@namespace Oqtane.Modules.Admin.Users @inherits ModuleBase @inject IUserRoleService UserRoleService @inject IUserService UserService @inject ISettingService SettingService @inject ISiteService SiteService @inject IStringLocalizer Localizer @inject IStringLocalizer SharedLocalizer @inject SiteState SiteState @if (userroles == null) {

@SharedLocalizer["Loading"]

} else {

@SharedLocalizer["Name"] @SharedLocalizer["Username"] @Localizer["LastLoginOn"] @Localizer["LastIPAddress"] @Localizer["CreatedOn"]

@context.User.DisplayName @context.User.Username @string.Format("{0:dd-MMM-yyyy HH:mm:ss}",context.User.LastLoginOn) @context.User.LastIPAddress @string.Format("{0:dd-MMM-yyyy HH:mm:ss}",context.User.CreatedOn)

Allow User Registration?

@if (_providertype != "") {

Allow Login?

} else {

Allow Login?

}

Allow Two Factor?

@if (!string.IsNullOrEmpty(PageState.Alias.Path)) {

Cookie Type:

}

Minimum Length:

Unique Characters:

Require Digit?

Require Uppercase?

Require Lowercase?

Require Punctuation?

Maximum Failures:

Lockout Duration:

Provider Type:

@if (_providertype != "") {

Provider Name:

} @if (_providertype == AuthenticationProviderTypes.OpenIDConnect) {

Authority:

Metadata Url:

} @if (_providertype == AuthenticationProviderTypes.OAuth2) {

Authorization Url:

Token Url:

User Info Url:

} @if (_providertype != "") {

Client ID:

Client Secret:

Scopes:

Use PKCE?

Redirect Url:

@if (_providertype == AuthenticationProviderTypes.OpenIDConnect) {

Email Claim Type:

}

Domain Filter:

Create New Users?

}

Secret:

Issuer:

Audience:

Lifetime:

Access Token:

} @code { private List allroles; private List userroles; private string _search; private string _allowregistration; private string _allowsitelogin; private string _twofactor; private string _cookietype; private string _minimumlength; private string _uniquecharacters; private string _requiredigit; private string _requireupper; private string _requirelower; private string _requirepunctuation; private string _maximumfailures; private string _lockoutduration; private string _providertype; private string _providername; private string _authority; private string _metadataurl; private string _authorizationurl; private string _tokenurl; private string _userinfourl; private string _clientid; private string _clientsecret; private string _clientsecrettype = "password"; private string _toggleclientsecret = string.Empty; private string _scopes; private string _pkce; private string _redirecturl; private string _emailclaimtype; private string _domainfilter; private string _createusers; private string _secret; private string _secrettype = "password"; private string _togglesecret = string.Empty; private string _issuer; private string _audience; private string _lifetime; private string _token; public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin; protected override async Task OnInitializedAsync() { allroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId); await LoadSettingsAsync(); userroles = Search(_search); var settings = await SettingService.GetSiteSettingsAsync(PageState.Site.SiteId); _allowregistration = PageState.Site.AllowRegistration.ToString(); _allowsitelogin = SettingService.GetSetting(settings, "LoginOptions:AllowSiteLogin", "true"); _twofactor = SettingService.GetSetting(settings, "LoginOptions:TwoFactor", "false"); _cookietype = SettingService.GetSetting(settings, "LoginOptions:CookieType", "domain"); _minimumlength = SettingService.GetSetting(settings, "IdentityOptions:Password:RequiredLength", "6"); _uniquecharacters = SettingService.GetSetting(settings, "IdentityOptions:Password:RequiredUniqueChars", "1"); _requiredigit = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireDigit", "true"); _requireupper = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireUppercase", "true"); _requirelower = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireLowercase", "true"); _requirepunctuation = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireNonAlphanumeric", "true"); _maximumfailures = SettingService.GetSetting(settings, "IdentityOptions:Lockout:MaxFailedAccessAttempts", "5"); _lockoutduration = TimeSpan.Parse(SettingService.GetSetting(settings, "IdentityOptions:Lockout:DefaultLockoutTimeSpan", "00:05:00")).TotalMinutes.ToString(); _providertype = SettingService.GetSetting(settings, "ExternalLogin:ProviderType", ""); _providername = SettingService.GetSetting(settings, "ExternalLogin:ProviderName", ""); _authority = SettingService.GetSetting(settings, "ExternalLogin:Authority", ""); _metadataurl = SettingService.GetSetting(settings, "ExternalLogin:MetadataUrl", ""); _authorizationurl = SettingService.GetSetting(settings, "ExternalLogin:AuthorizationUrl", ""); _tokenurl = SettingService.GetSetting(settings, "ExternalLogin:TokenUrl", ""); _userinfourl = SettingService.GetSetting(settings, "ExternalLogin:UserInfoUrl", ""); _clientid = SettingService.GetSetting(settings, "ExternalLogin:ClientId", ""); _clientsecret = SettingService.GetSetting(settings, "ExternalLogin:ClientSecret", ""); _toggleclientsecret = Localizer["Show"]; _scopes = SettingService.GetSetting(settings, "ExternalLogin:Scopes", ""); _pkce = SettingService.GetSetting(settings, "ExternalLogin:PKCE", "false"); _redirecturl = PageState.Uri.Scheme + "://" + PageState.Alias.Name + "/signin-" + _providertype; _emailclaimtype = SettingService.GetSetting(settings, "ExternalLogin:EmailClaimType", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"); _domainfilter = SettingService.GetSetting(settings, "ExternalLogin:DomainFilter", ""); _createusers = SettingService.GetSetting(settings, "ExternalLogin:CreateUsers", "true"); _secret = SettingService.GetSetting(settings, "JwtOptions:Secret", ""); _togglesecret = Localizer["Show"]; _issuer = SettingService.GetSetting(settings, "JwtOptions:Issuer", PageState.Uri.Scheme + "://" + PageState.Alias.Name); _audience = SettingService.GetSetting(settings, "JwtOptions:Audience", ""); _lifetime = SettingService.GetSetting(settings, "JwtOptions:Lifetime", "20"); } private List Search(string search) { var results = allroles.Where(item => item.Role.Name == RoleNames.Registered || (item.Role.Name == RoleNames.Host && UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))); if (!string.IsNullOrEmpty(_search)) { results = results.Where(item => ( item.User.Username.Contains(search, StringComparison.OrdinalIgnoreCase) || item.User.Email.Contains(search, StringComparison.OrdinalIgnoreCase) || item.User.DisplayName.Contains(search, StringComparison.OrdinalIgnoreCase) ) ); } return results.ToList(); } private async Task OnSearch() { userroles = Search(_search); await UpdateSettingsAsync(); } private async Task DeleteUser(UserRole UserRole) { try { var user = await UserService.GetUserAsync(UserRole.UserId, PageState.Site.SiteId); if (user != null) { await UserService.DeleteUserAsync(user.UserId, PageState.Site.SiteId); await logger.LogInformation("User Deleted {User}", UserRole.User); allroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId); userroles = Search(_search); StateHasChanged(); } } catch (Exception ex) { await logger.LogError(ex, "Error Deleting User {User} {Error}", UserRole.User, ex.Message); AddModuleMessage(ex.Message, MessageType.Error); } } private string settingSearch = "AU-search"; private async Task LoadSettingsAsync() { Dictionary settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId); _search = SettingService.GetSetting(settings, settingSearch, ""); } private async Task UpdateSettingsAsync() { Dictionary settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId); SettingService.SetSetting(settings, settingSearch, _search); await SettingService.UpdateUserSettingsAsync(settings, PageState.User.UserId); } private async Task SaveSiteSettings() { try { var site = PageState.Site; site.AllowRegistration = bool.Parse(_allowregistration); await SiteService.UpdateSiteAsync(site); var settings = await SettingService.GetSiteSettingsAsync(site.SiteId); settings = SettingService.SetSetting(settings, "LoginOptions:AllowSiteLogin", _allowsitelogin, false); settings = SettingService.SetSetting(settings, "LoginOptions:TwoFactor", _twofactor, false); settings = SettingService.SetSetting(settings, "LoginOptions:CookieType", _cookietype, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequiredLength", _minimumlength, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequiredUniqueChars", _uniquecharacters, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireDigit", _requiredigit, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireUppercase", _requireupper, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireLowercase", _requirelower, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireNonAlphanumeric", _requirepunctuation, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Lockout:MaxFailedAccessAttempts", _maximumfailures, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Lockout:DefaultLockoutTimeSpan", TimeSpan.FromMinutes(Convert.ToInt64(_lockoutduration)).ToString(), true); settings = SettingService.SetSetting(settings, "ExternalLogin:ProviderType", _providertype, false); settings = SettingService.SetSetting(settings, "ExternalLogin:ProviderName", _providername, false); settings = SettingService.SetSetting(settings, "ExternalLogin:Authority", _authority, true); settings = SettingService.SetSetting(settings, "ExternalLogin:MetadataUrl", _metadataurl, true); settings = SettingService.SetSetting(settings, "ExternalLogin:AuthorizationUrl", _authorizationurl, true); settings = SettingService.SetSetting(settings, "ExternalLogin:TokenUrl", _tokenurl, true); settings = SettingService.SetSetting(settings, "ExternalLogin:UserInfoUrl", _userinfourl, true); settings = SettingService.SetSetting(settings, "ExternalLogin:ClientId", _clientid, true); settings = SettingService.SetSetting(settings, "ExternalLogin:ClientSecret", _clientsecret, true); settings = SettingService.SetSetting(settings, "ExternalLogin:Scopes", _scopes, true); settings = SettingService.SetSetting(settings, "ExternalLogin:PKCE", _pkce, true); settings = SettingService.SetSetting(settings, "ExternalLogin:EmailClaimType", _emailclaimtype, true); settings = SettingService.SetSetting(settings, "ExternalLogin:DomainFilter", _domainfilter, true); settings = SettingService.SetSetting(settings, "ExternalLogin:CreateUsers", _createusers, true); if (!string.IsNullOrEmpty(_secret) && _secret.Length < 16) _secret = (_secret + "????????????????").Substring(0, 16); settings = SettingService.SetSetting(settings, "JwtOptions:Secret", _secret, true); settings = SettingService.SetSetting(settings, "JwtOptions:Issuer", _issuer, true); settings = SettingService.SetSetting(settings, "JwtOptions:Audience", _audience, true); settings = SettingService.SetSetting(settings, "JwtOptions:Lifetime", _lifetime, true); await SettingService.UpdateSiteSettingsAsync(settings, site.SiteId); await SettingService.ClearSiteSettingsCacheAsync(); if (!string.IsNullOrEmpty(_secret)) { SiteState.AuthorizationToken = await UserService.GetTokenAsync(); } AddModuleMessage(Localizer["Success.SaveSiteSettings"], MessageType.Success); } catch (Exception ex) { await logger.LogError(ex, "Error Saving Site Settings {Error}", ex.Message); AddModuleMessage(Localizer["Error.SaveSiteSettings"], MessageType.Error); } } private void ProviderTypeChanged(ChangeEventArgs e) { _providertype = (string)e.Value; if (_providertype == AuthenticationProviderTypes.OpenIDConnect) { _scopes = "openid,profile,email"; } else { _scopes = ""; } _redirecturl = PageState.Uri.Scheme + "://" + PageState.Alias.Name + "/signin-" + _providertype; StateHasChanged(); } private async Task CreateToken() { _token = await UserService.GetPersonalAccessTokenAsync(); } private void ToggleClientSecret() { if (_clientsecrettype == "password") { _clientsecrettype = "text"; _toggleclientsecret = Localizer["Hide"]; } else { _clientsecrettype = "password"; _toggleclientsecret = Localizer["Show"]; } } private void ToggleSecret() { if (_secrettype == "password") { _secrettype = "text"; _togglesecret = Localizer["Hide"]; } else { _secrettype = "password"; _togglesecret = Localizer["Show"]; } } }