@* Users administration component: shows a loading message until the user list is available, then renders the user grid and, for users in the Host role, the provider-specific settings blocks below. Only Razor expressions and control flow are visible in this listing; the element markup between them is not shown. *@
@namespace Oqtane.Modules.Admin.Users @inherits ModuleBase @inject IUserRoleService UserRoleService @inject IUserService UserService @inject ISettingService SettingService @inject ISiteService SiteService @inject IStringLocalizer Localizer @inject IStringLocalizer SharedLocalizer @if (users == null) {

@SharedLocalizer["Loading"]

} else {  
      @Localizer["Username"] @Localizer["Name"] @Localizer["Email"] @Localizer["LastLoginOn"]
@* NOTE(review): the e-mail value is formatted into a string and cast to MarkupString, so it is written to the page without Razor's default HTML encoding. Email is presumably user-supplied account data; unless it is strictly validated when stored, HTML-encode it before formatting or render it through an ordinary Razor expression or attribute binding. *@
@context.User.Username @context.User.DisplayName @((MarkupString)string.Format("{1}", @context.User.Email, @context.User.Email)) @((context.User.LastLoginOn != DateTime.MinValue) ? string.Format("{0:dd-MMM-yyyy HH:mm:ss}", context.User.LastLoginOn) : "")
@* Host-only section. NOTE(review): these IsAuthorized checks decide what the client renders; presumably the server-side services enforce the same role on every read and write — confirm. *@
@if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host)) { @if (_providertype != "") {
} else {
}
}
@* Host-only external login settings; the blocks shown depend on the selected provider type (OpenID Connect or OAuth2). *@
@if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host)) {
@if (!string.IsNullOrEmpty(_providerurl)) { @Localizer["Info"] }
@if (_providertype != "") {
} @if (_providertype == AuthenticationProviderTypes.OpenIDConnect) {
} @if (_providertype == AuthenticationProviderTypes.OAuth2) {
} @if (_providertype != "") {
@if (_providertype == AuthenticationProviderTypes.OpenIDConnect) {
}
@* Shown only while the ReviewClaims setting is "true". *@
@if (_reviewclaims == "true") { @SharedLocalizer["Test"] }
}
}

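}

@code {
    // Users shown in the grid. The generic type arguments on this field and on the
    // Dictionary parameter of LoadExternalLoginSettings were missing from the listing
    // (the non-generic names do not compile); they are restored from how the values
    // are used in this block.
    private List<UserRole> users;

    // Site login options. Every setting is kept as a string because it is read from
    // and written to the string-valued site settings collection.
    private string _allowregistration;
    private string _allowsitelogin;
    private string _twofactor;
    private string _cookiename;
    private string _cookieexpiration;
    private string _alwaysremember;
    private string _logouteverywhere;

    // Password policy and lockout options.
    private string _minimumlength;
    private string _uniquecharacters;
    private string _requiredigit;
    private string _requireupper;
    private string _requirelower;
    private string _requirepunctuation;
    private string _maximumfailures;
    private string _lockoutduration; // whole or fractional minutes, invariant-culture text

    // External login (OpenID Connect / OAuth2) options.
    private string _provider;
    private string _providerurl;
    private string _providertype;
    private string _providername;
    private string _authority;
    private string _metadataurl;
    private string _authorizationurl;
    private string _tokenurl;
    private string _userinfourl;
    private string _clientid;
    // NOTE(review): the client secret is loaded into component state for editing and
    // can be switched to plain text by ToggleClientSecret; it should only ever be
    // delivered to Host users — confirm the settings API enforces that server-side.
    private string _clientsecret;
    private string _clientsecrettype = "password";
    private string _toggleclientsecret = string.Empty;
    private string _authresponsetype;
    private string _scopes;
    private string _parameters;
    private string _pkce;
    private string _redirecturl;
    private string _reviewclaims;
    private string _externalloginurl;
    private string _identifierclaimtype;
    private string _nameclaimtype;
    private string _emailclaimtype;
    private string _roleclaimtype;
    private string _roleclaimmappings;
    private string _synchronizeroles;
    private string _profileclaimtypes;
    private string _savetokens;
    private string _domainfilter;
    private string _createusers;
    private string _verifyusers;

    // JWT options. NOTE(review): the signing secret is held in component state in the
    // same way as the client secret above; the same server-side restriction applies.
    private string _secret;
    private string _secrettype = "password";
    private string _togglesecret = string.Empty;
    private string _issuer;
    private string _audience;
    private string _lifetime;
    private string _token; // personal access token returned by CreateToken

    // Grid sort state.
    private bool isSortedAscending;
    private string activeSortColumn;

    // NOTE(review): the component declares View access. The Host checks in this block
    // only decide what the client loads and sends; presumably the services called here
    // enforce authorization on the server — confirm.
    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.View;

    /// <summary>
    /// Loads the user list and the site settings. Settings other than AllowRegistration
    /// and AllowSiteLogin are loaded only when the current user is in the Host role.
    /// </summary>
    protected override async Task OnInitializedAsync()
    {
        await LoadUsersAsync(true);

        var settings = await SettingService.GetSiteSettingsAsync(PageState.Site.SiteId);

        _allowregistration = PageState.Site.AllowRegistration.ToString().ToLowerInvariant();
        _allowsitelogin = SettingService.GetSetting(settings, "LoginOptions:AllowSiteLogin", "true");

        if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
        {
            _twofactor = SettingService.GetSetting(settings, "LoginOptions:TwoFactor", "false");
            _cookiename = SettingService.GetSetting(settings, "LoginOptions:CookieName", ".AspNetCore.Identity.Application");
            _cookieexpiration = SettingService.GetSetting(settings, "LoginOptions:CookieExpiration", "");
            _alwaysremember = SettingService.GetSetting(settings, "LoginOptions:AlwaysRemember", "false");
            _logouteverywhere = SettingService.GetSetting(settings, "LoginOptions:LogoutEverywhere", "false");

            _minimumlength = SettingService.GetSetting(settings, "IdentityOptions:Password:RequiredLength", "6");
            _uniquecharacters = SettingService.GetSetting(settings, "IdentityOptions:Password:RequiredUniqueChars", "1");
            _requiredigit = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireDigit", "true");
            _requireupper = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireUppercase", "true");
            _requirelower = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireLowercase", "true");
            _requirepunctuation = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireNonAlphanumeric", "true");
            _maximumfailures = SettingService.GetSetting(settings, "IdentityOptions:Lockout:MaxFailedAccessAttempts", "5");

            // The stored value is a TimeSpan string; the form edits it as minutes. Both
            // conversions use the invariant culture so the text produced here is always
            // readable by SaveSiteSettings, whatever the current UI culture is.
            var lockoutSetting = SettingService.GetSetting(settings, "IdentityOptions:Lockout:DefaultLockoutTimeSpan", "00:05:00");
            _lockoutduration = TimeSpan.Parse(lockoutSetting, System.Globalization.CultureInfo.InvariantCulture)
                .TotalMinutes.ToString(System.Globalization.CultureInfo.InvariantCulture);

            LoadExternalLoginSettings(settings);

            _secret = SettingService.GetSetting(settings, "JwtOptions:Secret", "");
            _togglesecret = SharedLocalizer["ShowPassword"];
            _issuer = SettingService.GetSetting(settings, "JwtOptions:Issuer", PageState.Uri.Scheme + "://" + PageState.Alias.Name);
            _audience = SettingService.GetSetting(settings, "JwtOptions:Audience", "");
            _lifetime = SettingService.GetSetting(settings, "JwtOptions:Lifetime", "20");
        }
    }

    /// <summary>
    /// Copies the ExternalLogin:* values from <paramref name="settings"/> into the form
    /// fields, falling back to the defaults given here when a key is absent.
    /// </summary>
    /// <param name="settings">Site settings, or the settings of a provider template
    /// (see ProviderChanged).</param>
    private void LoadExternalLoginSettings(Dictionary<string, string> settings)
    {
        _provider = SettingService.GetSetting(settings, "ExternalLogin:Provider", "");
        _providerurl = SettingService.GetSetting(settings, "ExternalLogin:ProviderUrl", "");
        _providertype = SettingService.GetSetting(settings, "ExternalLogin:ProviderType", "");
        _providername = SettingService.GetSetting(settings, "ExternalLogin:ProviderName", "");
        _authority = SettingService.GetSetting(settings, "ExternalLogin:Authority", "");
        _metadataurl = SettingService.GetSetting(settings, "ExternalLogin:MetadataUrl", "");
        _authorizationurl = SettingService.GetSetting(settings, "ExternalLogin:AuthorizationUrl", "");
        _tokenurl = SettingService.GetSetting(settings, "ExternalLogin:TokenUrl", "");
        _userinfourl = SettingService.GetSetting(settings, "ExternalLogin:UserInfoUrl", "");
        _clientid = SettingService.GetSetting(settings, "ExternalLogin:ClientId", "");
        _clientsecret = SettingService.GetSetting(settings, "ExternalLogin:ClientSecret", "");
        _toggleclientsecret = SharedLocalizer["ShowPassword"];
        _authresponsetype = SettingService.GetSetting(settings, "ExternalLogin:AuthResponseType", "code");
        _scopes = SettingService.GetSetting(settings, "ExternalLogin:Scopes", "");
        _parameters = SettingService.GetSetting(settings, "ExternalLogin:Parameters", "");
        // PKCE is off unless the setting says otherwise.
        _pkce = SettingService.GetSetting(settings, "ExternalLogin:PKCE", "false");
        // Derived for display, not read from settings: the callback URL depends on the provider type.
        _redirecturl = PageState.Uri.Scheme + "://" + PageState.Alias.Name + "/signin-" + _providertype;
        _reviewclaims = SettingService.GetSetting(settings, "ExternalLogin:ReviewClaims", "false");
        _externalloginurl = Utilities.TenantUrl(PageState.Alias, "/pages/external");
        _identifierclaimtype = SettingService.GetSetting(settings, "ExternalLogin:IdentifierClaimType", "sub");
        _nameclaimtype = SettingService.GetSetting(settings, "ExternalLogin:NameClaimType", "name");
        _emailclaimtype = SettingService.GetSetting(settings, "ExternalLogin:EmailClaimType", "email");
        _roleclaimtype = SettingService.GetSetting(settings, "ExternalLogin:RoleClaimType", "");
        _roleclaimmappings = SettingService.GetSetting(settings, "ExternalLogin:RoleClaimMappings", "");
        _synchronizeroles = SettingService.GetSetting(settings, "ExternalLogin:SynchronizeRoles", "false");
        _profileclaimtypes = SettingService.GetSetting(settings, "ExternalLogin:ProfileClaimTypes", "");
        _savetokens = SettingService.GetSetting(settings, "ExternalLogin:SaveTokens", "false");
        _domainfilter = SettingService.GetSetting(settings, "ExternalLogin:DomainFilter", "");
        _createusers = SettingService.GetSetting(settings, "ExternalLogin:CreateUsers", "true");
        _verifyusers = SettingService.GetSetting(settings, "ExternalLogin:VerifyUsers", "true");
    }

    /// <summary>
    /// Reloads the grid: users in the Registered role, plus users in the Host role
    /// (merged and sorted by display name) when the current user is a Host.
    /// </summary>
    /// <param name="load">When false the method does nothing.</param>
    private async Task LoadUsersAsync(bool load)
    {
        if (!load)
        {
            return;
        }

        users = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, RoleNames.Registered);

        if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
        {
            var hosts = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, RoleNames.Host);
            users.AddRange(hosts);
            users = users.OrderBy(u => u.User.DisplayName).ToList();
        }
    }

    /// <summary>
    /// Removes a user from the grid. A Host soft-deletes the user record; any other
    /// caller expires the user's role assignment instead. Failures are logged and
    /// reported as a module error message.
    /// </summary>
    /// <param name="UserRole">The grid row (user/role pair) being removed.</param>
    private async Task DeleteUser(UserRole UserRole)
    {
        try
        {
            if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
            {
                var user = await UserService.GetUserAsync(UserRole.UserId, PageState.Site.SiteId);
                if (user != null)
                {
                    user.IsDeleted = true;
                    await UserService.UpdateUserAsync(user);
                    // NOTE(review): the whole user object is passed as the log argument;
                    // confirm the logger does not persist sensitive fields from it.
                    await logger.LogInformation("User Soft Deleted {User}", user);
                }
            }
            else
            {
                var userrole = await UserRoleService.GetUserRoleAsync(UserRole.UserRoleId);
                // Expiring the role now ends the membership without deleting the account.
                userrole.ExpiryDate = DateTime.UtcNow;
                await UserRoleService.UpdateUserRoleAsync(userrole);
                await logger.LogInformation("User {Username} Expired From Role {Role}", userrole.User.Username, userrole.Role.Name);
            }

            AddModuleMessage(Localizer["Success.DeleteUser"], MessageType.Success);
            await LoadUsersAsync(true);
            StateHasChanged();
        }
        catch (Exception ex)
        {
            await logger.LogError(ex, "Error Deleting User {User} {Error}", UserRole.User, ex.Message);
            AddModuleMessage(Localizer["Error.DeleteUser"], MessageType.Error);
        }
    }

    /// <summary>
    /// Persists the form: the site's AllowRegistration flag, the AllowSiteLogin setting
    /// and, for Host users, every login, password, lockout, external-login and JWT
    /// setting. Failures are logged and reported as a module error message.
    /// </summary>
    private async Task SaveSiteSettings()
    {
        try
        {
            var isHost = UserSecurity.IsAuthorized(PageState.User, RoleNames.Host);

            // Convert all user-entered values before anything is written, so a
            // malformed value cannot leave the site record updated while the settings
            // are not.
            var allowRegistration = bool.Parse(_allowregistration);
            string lockoutTimeSpan = null;
            if (isHost)
            {
                // Accept the same invariant-culture minutes text that
                // OnInitializedAsync produces, including fractional minutes.
                var lockoutMinutes = double.Parse(
                    _lockoutduration,
                    System.Globalization.NumberStyles.Float,
                    System.Globalization.CultureInfo.InvariantCulture);
                lockoutTimeSpan = TimeSpan.FromMinutes(lockoutMinutes).ToString();
            }

            var site = PageState.Site;
            site.AllowRegistration = allowRegistration;
            await SiteService.UpdateSiteAsync(site);

            var settings = await SettingService.GetSiteSettingsAsync(site.SiteId);
            // NOTE(review): the last SetSetting argument presumably marks the setting as
            // private (not sent to unauthorized clients) — confirm against SettingService.
            settings = SettingService.SetSetting(settings, "LoginOptions:AllowSiteLogin", _allowsitelogin, false);

            if (isHost)
            {
                settings = SettingService.SetSetting(settings, "LoginOptions:TwoFactor", _twofactor, false);
                settings = SettingService.SetSetting(settings, "LoginOptions:CookieName", _cookiename, true);
                settings = SettingService.SetSetting(settings, "LoginOptions:CookieExpiration", _cookieexpiration, true);
                settings = SettingService.SetSetting(settings, "LoginOptions:AlwaysRemember", _alwaysremember, false);
                settings = SettingService.SetSetting(settings, "LoginOptions:LogoutEverywhere", _logouteverywhere, false);

                settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequiredLength", _minimumlength, true);
                settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequiredUniqueChars", _uniquecharacters, true);
                settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireDigit", _requiredigit, true);
                settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireUppercase", _requireupper, true);
                settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireLowercase", _requirelower, true);
                settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireNonAlphanumeric", _requirepunctuation, true);
                settings = SettingService.SetSetting(settings, "IdentityOptions:Lockout:MaxFailedAccessAttempts", _maximumfailures, true);
                settings = SettingService.SetSetting(settings, "IdentityOptions:Lockout:DefaultLockoutTimeSpan", lockoutTimeSpan, true);

                // ExternalLogin:ProviderUrl is loaded for display but not written back.
                settings = SettingService.SetSetting(settings, "ExternalLogin:Provider", _provider, false);
                settings = SettingService.SetSetting(settings, "ExternalLogin:ProviderType", _providertype, false);
                settings = SettingService.SetSetting(settings, "ExternalLogin:ProviderName", _providername, false);
                settings = SettingService.SetSetting(settings, "ExternalLogin:Authority", _authority, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:MetadataUrl", _metadataurl, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:AuthorizationUrl", _authorizationurl, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:TokenUrl", _tokenurl, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:UserInfoUrl", _userinfourl, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:ClientId", _clientid, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:ClientSecret", _clientsecret, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:AuthResponseType", _authresponsetype, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:Scopes", _scopes, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:Parameters", _parameters, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:PKCE", _pkce, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:ReviewClaims", _reviewclaims, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:IdentifierClaimType", _identifierclaimtype, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:NameClaimType", _nameclaimtype, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:EmailClaimType", _emailclaimtype, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:RoleClaimType", _roleclaimtype, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:RoleClaimMappings", _roleclaimmappings, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:SynchronizeRoles", _synchronizeroles, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:ProfileClaimTypes", _profileclaimtypes, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:SaveTokens", _savetokens, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:DomainFilter", _domainfilter, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:CreateUsers", _createusers, true);
                settings = SettingService.SetSetting(settings, "ExternalLogin:VerifyUsers", _verifyusers, true);

                settings = SettingService.SetSetting(settings, "JwtOptions:Secret", _secret, true);
                settings = SettingService.SetSetting(settings, "JwtOptions:Issuer", _issuer, true);
                settings = SettingService.SetSetting(settings, "JwtOptions:Audience", _audience, true);
                settings = SettingService.SetSetting(settings, "JwtOptions:Lifetime", _lifetime, true);
            }

            await SettingService.UpdateSiteSettingsAsync(settings, site.SiteId);
            await SettingService.ClearSiteSettingsCacheAsync();

            // A token is requested again whenever a JWT secret is configured,
            // presumably so the session's token matches the saved JWT options — confirm.
            if (!string.IsNullOrEmpty(_secret))
            {
                SiteState.AuthorizationToken = await UserService.GetTokenAsync();
            }

            AddModuleMessage(Localizer["Success.SaveSiteSettings"], MessageType.Success);
        }
        catch (Exception ex)
        {
            await logger.LogError(ex, "Error Saving Site Settings {Error}", ex.Message);
            AddModuleMessage(Localizer["Error.SaveSiteSettings"], MessageType.Error);
        }
        finally
        {
            await ScrollToPageTop();
        }
    }

    /// <summary>
    /// Handles selection of a provider template: when the name matches a known provider,
    /// its settings replace the current external-login form values.
    /// </summary>
    private void ProviderChanged(ChangeEventArgs e)
    {
        _provider = (string)e.Value;

        var provider = Shared.ExternalLoginProviders.Providers.FirstOrDefault(item => item.Name == _provider);
        if (provider != null)
        {
            LoadExternalLoginSettings(provider.Settings);
        }

        StateHasChanged();
    }

    /// <summary>
    /// Handles a change of provider type: sets default scopes while no provider name has
    /// been entered, and recomputes the redirect URL shown to the administrator.
    /// </summary>
    private void ProviderTypeChanged(ChangeEventArgs e)
    {
        _providertype = (string)e.Value;

        if (string.IsNullOrEmpty(_providername))
        {
            _scopes = _providertype == AuthenticationProviderTypes.OpenIDConnect
                ? "openid,profile,email"
                : "";
        }

        _redirecturl = PageState.Uri.Scheme + "://" + PageState.Alias.Name + "/signin-" + _providertype;
        StateHasChanged();
    }

    /// <summary>Requests a personal access token and stores it for display.</summary>
    private async Task CreateToken()
    {
        _token = await UserService.GetPersonalAccessTokenAsync();
    }

    /// <summary>Switches the client secret input between masked and plain text.</summary>
    private void ToggleClientSecret()
    {
        if (_clientsecrettype == "password")
        {
            _clientsecrettype = "text";
            _toggleclientsecret = SharedLocalizer["HidePassword"];
        }
        else
        {
            _clientsecrettype = "password";
            _toggleclientsecret = SharedLocalizer["ShowPassword"];
        }
    }

    /// <summary>Switches the JWT secret input between masked and plain text.</summary>
    private void ToggleSecret()
    {
        if (_secrettype == "password")
        {
            _secrettype = "text";
            _togglesecret = SharedLocalizer["HidePassword"];
        }
        else
        {
            _secrettype = "password";
            _togglesecret = SharedLocalizer["ShowPassword"];
        }
    }

    /// <summary>
    /// Sorts the grid by the named property of the row's User. Selecting a new column
    /// sorts ascending; selecting the active column again reverses the direction.
    /// </summary>
    /// <param name="columnName">Property name on the User object; an unknown name
    /// yields a null key for every row.</param>
    private void SortTable(string columnName)
    {
        // The property is looked up by reflection on each row's User object.
        object SortKey(UserRole row) => row.User.GetType().GetProperty(columnName)?.GetValue(row.User);

        if (columnName != activeSortColumn)
        {
            users = users.OrderBy(SortKey).ToList();
            isSortedAscending = true;
            activeSortColumn = columnName;
            return;
        }

        users = isSortedAscending
            ? users.OrderByDescending(SortKey).ToList()
            : users.OrderBy(SortKey).ToList();
        isSortedAscending = !isSortedAscending;
    }

    /// <summary>Returns the CSS classes for a column header's sort indicator.</summary>
    private string SetSortIcon(string columnName)
    {
        if (activeSortColumn != columnName)
        {
            return "app-fas pe-3 ";
        }

        return isSortedAscending
            ? "app-fas oi oi-sort-ascending"
            : "app-fas oi oi-sort-descending";
    }
}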