From d188d4fbd1dc4ace45a0a057c0ee7f524e3e91ea Mon Sep 17 00:00:00 2001
From: James Kolpack <james.kolpack@gmail.com>
Date: Tue, 11 Nov 2025 14:41:51 -0500
Subject: [PATCH] Add simple auth

---
 WebApp/Authentication/AuthController.cs       | 36 +++++++++++++++++++
 WebApp/Components/Login.razor                 | 11 ++++++
 .../Pages/EventDefinitionPages/Create.razor   |  1 +
 .../Pages/EventDefinitionPages/Details.razor  |  1 +
 .../Pages/EventDefinitionPages/Edit.razor     |  1 +
 .../Pages/EventDefinitionPages/Index.razor    |  1 +
 .../Pages/EventDefinitionPages/Printout.razor |  1 +
 WebApp/Components/Pages/Home.razor            |  1 +
 WebApp/Components/Pages/Import.razor          |  1 +
 .../Pages/MeetingSchedulePages/Index.razor    |  5 +--
 .../Pages/StudentPages/Create.razor           |  1 +
 .../Pages/StudentPages/Details.razor          |  1 +
 .../Components/Pages/StudentPages/Edit.razor  |  1 +
 .../Pages/StudentPages/EventRanking.razor     |  5 +--
 .../Pages/StudentPages/EventRankingEdit.razor |  5 +--
 .../Components/Pages/StudentPages/Index.razor |  1 +
 .../Pages/TeamPages/Assignment.razor          |  1 +
 .../Components/Pages/TeamPages/Create.razor   |  1 +
 WebApp/Components/Pages/TeamPages/Edit.razor  |  1 +
 .../Components/Pages/TeamPages/Handout.razor  |  5 +--
 WebApp/Components/Pages/TeamPages/Index.razor |  5 +--
 .../Components/Pages/TeamPages/Printout.razor |  5 +--
 WebApp/Components/Routes.razor                | 22 +++++++++---
 WebApp/Components/_Imports.razor              |  2 ++
 WebApp/Program.cs                             | 22 +++++++++++-
 WebApp/WebApp.csproj                          |  1 +
 26 files changed, 121 insertions(+), 17 deletions(-)
 create mode 100644 WebApp/Authentication/AuthController.cs
 create mode 100644 WebApp/Components/Login.razor

diff --git a/WebApp/Authentication/AuthController.cs b/WebApp/Authentication/AuthController.cs
new file mode 100644
index 0000000..f882288
--- /dev/null
+++ b/WebApp/Authentication/AuthController.cs
@@ -0,0 +1,36 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using System.Security.Claims;
+using Microsoft.AspNetCore.Authentication;
+
+namespace WebApp.Authentication
+{
+    public class AuthController : Controller
+    {
+        [HttpPost]
+        [AllowAnonymous]
+        public async Task<IActionResult> CookieLogin()
+        {
+            // Based on: https://www.codeproject.com/articles/Understanding-authentication-in-Blazor-and-ASP-NET
+            // TODO: Fix this up
+            // Generate the claims
+            var claims = new List<Claim>();
+            claims.Add(new Claim(ClaimTypes.Name, "John Patton"));
+            claims.Add(new Claim(ClaimTypes.Role, "Contributor"));
+
+            var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, "Auth"));
+
+            await HttpContext.SignInAsync("Auth", principal).ConfigureAwait(false);
+
+            return Redirect("/");
+        }
+
+        [HttpPost]
+        public async Task<IActionResult> CookieLogout()
+        {
+            await HttpContext.SignOutAsync("Auth").ConfigureAwait(false);
+
+            return Redirect("/login");
+        }
+    }
+}
diff --git a/WebApp/Components/Login.razor b/WebApp/Components/Login.razor
new file mode 100644
index 0000000..1744dad
--- /dev/null
+++ b/WebApp/Components/Login.razor
@@ -0,0 +1,11 @@
+@page "/login"
+
+<h3>Login</h3>
+
+<form action="Auth/CookieLogin" method="post">
+    <button type="submit" class="btn btn-primary">Login</button>
+</form>
+
+<form action="Auth/CookieLogout" method="post">
+    <button type="submit" class="btn btn-primary">Logout</button>
+</form>
\ No newline at end of file
diff --git a/WebApp/Components/Pages/EventDefinitionPages/Create.razor b/WebApp/Components/Pages/EventDefinitionPages/Create.razor
index 0c33741..8e47749 100644
--- a/WebApp/Components/Pages/EventDefinitionPages/Create.razor
+++ b/WebApp/Components/Pages/EventDefinitionPages/Create.razor
@@ -1,4 +1,5 @@
 @page "/events/create"
+@attribute [Authorize]
 @inject AppDbContext context
 @inject NavigationManager NavigationManager
 
diff --git a/WebApp/Components/Pages/EventDefinitionPages/Details.razor b/WebApp/Components/Pages/EventDefinitionPages/Details.razor
index fab61e5..1f10461 100644
--- a/WebApp/Components/Pages/EventDefinitionPages/Details.razor
+++ b/WebApp/Components/Pages/EventDefinitionPages/Details.razor
@@ -1,4 +1,5 @@
 @page "/events/details"
+@attribute [Authorize]
 @using Microsoft.EntityFrameworkCore
 @inject AppDbContext context
 @inject NavigationManager NavigationManager
diff --git a/WebApp/Components/Pages/EventDefinitionPages/Edit.razor b/WebApp/Components/Pages/EventDefinitionPages/Edit.razor
index eb9278f..df0b9ed 100644
--- a/WebApp/Components/Pages/EventDefinitionPages/Edit.razor
+++ b/WebApp/Components/Pages/EventDefinitionPages/Edit.razor
@@ -1,4 +1,5 @@
 @page "/events/edit"
+@attribute [Authorize]
 @using Microsoft.EntityFrameworkCore
 @inject AppDbContext context
 @inject NavigationManager NavigationManager
diff --git a/WebApp/Components/Pages/EventDefinitionPages/Index.razor b/WebApp/Components/Pages/EventDefinitionPages/Index.razor
index fc9353a..ee3b8a2 100644
--- a/WebApp/Components/Pages/EventDefinitionPages/Index.razor
+++ b/WebApp/Components/Pages/EventDefinitionPages/Index.razor
@@ -1,4 +1,5 @@
 @page "/events"
+@attribute [Authorize]
 @using Microsoft.EntityFrameworkCore
 @using WebApp.Models
 @inject AppDbContext Context
diff --git a/WebApp/Components/Pages/EventDefinitionPages/Printout.razor b/WebApp/Components/Pages/EventDefinitionPages/Printout.razor
index dfaff5e..9b71b4d 100644
--- a/WebApp/Components/Pages/EventDefinitionPages/Printout.razor
+++ b/WebApp/Components/Pages/EventDefinitionPages/Printout.razor
@@ -1,4 +1,5 @@
 @using Microsoft.EntityFrameworkCore
+@attribute [Authorize]
 @page "/events/printout"
 @inject IConfiguration Configuration
 @inject  AppDbContext Context
diff --git a/WebApp/Components/Pages/Home.razor b/WebApp/Components/Pages/Home.razor
index dc0ad0d..9449b3e 100644
--- a/WebApp/Components/Pages/Home.razor
+++ b/WebApp/Components/Pages/Home.razor
@@ -1,4 +1,5 @@
 @page "/"
+@attribute [Authorize]
 @inject IConfiguration Configuration
 
 <PageTitle>Home</PageTitle>
diff --git a/WebApp/Components/Pages/Import.razor b/WebApp/Components/Pages/Import.razor
index ad199c3..310a04f 100644
--- a/WebApp/Components/Pages/Import.razor
+++ b/WebApp/Components/Pages/Import.razor
@@ -1,4 +1,5 @@
 @page "/import"
+@attribute [Authorize]
 @using Core.Parsers
 @using Microsoft.EntityFrameworkCore
 @inject AppDbContext Context
diff --git a/WebApp/Components/Pages/MeetingSchedulePages/Index.razor b/WebApp/Components/Pages/MeetingSchedulePages/Index.razor
index 67d7c5c..669bbd0 100644
--- a/WebApp/Components/Pages/MeetingSchedulePages/Index.razor
+++ b/WebApp/Components/Pages/MeetingSchedulePages/Index.razor
@@ -1,7 +1,8 @@
-@using System.Text
+@page "/meeting-schedule"
+@attribute [Authorize]
+@using System.Text
 @using Core.Calculation
 @using Microsoft.EntityFrameworkCore
-@page "/meeting-schedule"
 @inject IConfiguration Configuration
 @inject AppDbContext Context
 @inject ClipboardService ClipboardService
diff --git a/WebApp/Components/Pages/StudentPages/Create.razor b/WebApp/Components/Pages/StudentPages/Create.razor
index bd7c903..d393888 100644
--- a/WebApp/Components/Pages/StudentPages/Create.razor
+++ b/WebApp/Components/Pages/StudentPages/Create.razor
@@ -1,4 +1,5 @@
 @page "/students/create"
+@attribute [Authorize]
 @inject AppDbContext Context
 @inject NavigationManager NavigationManager
 
diff --git a/WebApp/Components/Pages/StudentPages/Details.razor b/WebApp/Components/Pages/StudentPages/Details.razor
index 377fb6f..c39d84d 100644
--- a/WebApp/Components/Pages/StudentPages/Details.razor
+++ b/WebApp/Components/Pages/StudentPages/Details.razor
@@ -1,4 +1,5 @@
 @page "/students/details"
+@attribute [Authorize]
 @using Microsoft.EntityFrameworkCore
 @using Core.Entities
 @using Data
diff --git a/WebApp/Components/Pages/StudentPages/Edit.razor b/WebApp/Components/Pages/StudentPages/Edit.razor
index 01feb3b..a8dc67e 100644
--- a/WebApp/Components/Pages/StudentPages/Edit.razor
+++ b/WebApp/Components/Pages/StudentPages/Edit.razor
@@ -1,4 +1,5 @@
 @page "/students/edit"
+@attribute [Authorize]
 @using Microsoft.EntityFrameworkCore
 @inject AppDbContext Context
 @inject NavigationManager NavigationManager
diff --git a/WebApp/Components/Pages/StudentPages/EventRanking.razor b/WebApp/Components/Pages/StudentPages/EventRanking.razor
index b74defc..2f1f57e 100644
--- a/WebApp/Components/Pages/StudentPages/EventRanking.razor
+++ b/WebApp/Components/Pages/StudentPages/EventRanking.razor
@@ -1,6 +1,7 @@
-@using Microsoft.EntityFrameworkCore
+@page "/students/event-ranking"
+@attribute [Authorize]
+@using Microsoft.EntityFrameworkCore
 @using WebApp.Models
-@page "/students/event-ranking"
 @inject AppDbContext Context
 @rendermode InteractiveServer
 
diff --git a/WebApp/Components/Pages/StudentPages/EventRankingEdit.razor b/WebApp/Components/Pages/StudentPages/EventRankingEdit.razor
index 9aef4ca..6fcd36f 100644
--- a/WebApp/Components/Pages/StudentPages/EventRankingEdit.razor
+++ b/WebApp/Components/Pages/StudentPages/EventRankingEdit.razor
@@ -1,7 +1,8 @@
-@using Microsoft.EntityFrameworkCore
+@page "/students/event-ranking-edit/{StudentId:int}"
+@attribute [Authorize]
+@using Microsoft.EntityFrameworkCore
 @using BlazorSortableList
 @using WebApp.Models
-@page "/students/event-ranking-edit/{StudentId:int}"
 @inject AppDbContext Context
 @inject NavigationManager NavigationManager
 
diff --git a/WebApp/Components/Pages/StudentPages/Index.razor b/WebApp/Components/Pages/StudentPages/Index.razor
index 29a7637..8059895 100644
--- a/WebApp/Components/Pages/StudentPages/Index.razor
+++ b/WebApp/Components/Pages/StudentPages/Index.razor
@@ -1,4 +1,5 @@
 @page "/students"
+@attribute [Authorize]
 @using Microsoft.EntityFrameworkCore
 @using WebApp.Models
 @inject AppDbContext Context
diff --git a/WebApp/Components/Pages/TeamPages/Assignment.razor b/WebApp/Components/Pages/TeamPages/Assignment.razor
index e208920..e65cd50 100644
--- a/WebApp/Components/Pages/TeamPages/Assignment.razor
+++ b/WebApp/Components/Pages/TeamPages/Assignment.razor
@@ -1,4 +1,5 @@
 @page "/teams/assignment"
+@attribute [Authorize]
 @using Core.Calculation
 @using Microsoft.EntityFrameworkCore
 @using WebApp.Models
diff --git a/WebApp/Components/Pages/TeamPages/Create.razor b/WebApp/Components/Pages/TeamPages/Create.razor
index 18257e0..ee254a6 100644
--- a/WebApp/Components/Pages/TeamPages/Create.razor
+++ b/WebApp/Components/Pages/TeamPages/Create.razor
@@ -1,4 +1,5 @@
 @page "/teams/create"
+@attribute [Authorize]
 @using Microsoft.EntityFrameworkCore
 @inject AppDbContext Context
 @inject NavigationManager NavigationManager
diff --git a/WebApp/Components/Pages/TeamPages/Edit.razor b/WebApp/Components/Pages/TeamPages/Edit.razor
index ed0a37e..2dd1646 100644
--- a/WebApp/Components/Pages/TeamPages/Edit.razor
+++ b/WebApp/Components/Pages/TeamPages/Edit.razor
@@ -1,4 +1,5 @@
 @page "/teams/edit"
+@attribute [Authorize]
 @using Microsoft.EntityFrameworkCore
 @inject AppDbContext Context
 @inject NavigationManager NavigationManager
diff --git a/WebApp/Components/Pages/TeamPages/Handout.razor b/WebApp/Components/Pages/TeamPages/Handout.razor
index 3758927..fb1bd33 100644
--- a/WebApp/Components/Pages/TeamPages/Handout.razor
+++ b/WebApp/Components/Pages/TeamPages/Handout.razor
@@ -1,6 +1,7 @@
-@using Microsoft.EntityFrameworkCore
+@page "/teams/handout"
+@attribute [Authorize]
+@using Microsoft.EntityFrameworkCore
 @using WebApp.Models
-@page "/teams/handout"
 @inject IConfiguration Configuration
 @inject AppDbContext Context
 
diff --git a/WebApp/Components/Pages/TeamPages/Index.razor b/WebApp/Components/Pages/TeamPages/Index.razor
index e82c347..dbb0ff0 100644
--- a/WebApp/Components/Pages/TeamPages/Index.razor
+++ b/WebApp/Components/Pages/TeamPages/Index.razor
@@ -1,5 +1,6 @@
-@page "/teams"
-@using Microsoft.EntityFrameworkCore
+@using Microsoft.EntityFrameworkCore
+@page "/teams"
+@attribute [Authorize]
 @inject AppDbContext Context
 @inject IDialogService DialogService
 @inject ISnackbar Snackbar
diff --git a/WebApp/Components/Pages/TeamPages/Printout.razor b/WebApp/Components/Pages/TeamPages/Printout.razor
index 0757dca..b2f56d9 100644
--- a/WebApp/Components/Pages/TeamPages/Printout.razor
+++ b/WebApp/Components/Pages/TeamPages/Printout.razor
@@ -1,6 +1,7 @@
-@using Microsoft.EntityFrameworkCore
+@page "/teams/printout"
+@attribute [Authorize]
+@using Microsoft.EntityFrameworkCore
 @using WebApp.Models
-@page "/teams/printout"
 @inject IConfiguration Configuration
 @inject AppDbContext Context
 
diff --git a/WebApp/Components/Routes.razor b/WebApp/Components/Routes.razor
index f756e19..7bcb103 100644
--- a/WebApp/Components/Routes.razor
+++ b/WebApp/Components/Routes.razor
@@ -1,6 +1,20 @@
-<Router AppAssembly="typeof(Program).Assembly">
+@using WebApp.Components.Layout
+@inject NavigationManager navigationManager
+
+<Router AppAssembly="typeof(Program).Assembly">
     <Found Context="routeData">
-        <RouteView RouteData="routeData" DefaultLayout="typeof(Layout.MainLayout)" />
-        <FocusOnNavigate RouteData="routeData" Selector="h1" />
+        <AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)">
+            <NotAuthorized>
+                @{
+                    navigationManager.NavigateTo("/login", true);
+                }
+            </NotAuthorized>
+        </AuthorizeRouteView>
+        <FocusOnNavigate RouteData="@routeData" Selector="h1"/>
     </Found>
-</Router>
+    <NotFound>
+        @{
+            navigationManager.NavigateTo("/login", true);
+        }
+    </NotFound>
+</Router>
\ No newline at end of file
diff --git a/WebApp/Components/_Imports.razor b/WebApp/Components/_Imports.razor
index 10c25e5..3bdd46f 100644
--- a/WebApp/Components/_Imports.razor
+++ b/WebApp/Components/_Imports.razor
@@ -1,5 +1,7 @@
 @using System.Net.Http
 @using System.Net.Http.Json
+@using Microsoft.AspNetCore.Authorization
+@using Microsoft.AspNetCore.Components.Authorization
 @using Microsoft.AspNetCore.Components.Forms
 @using Microsoft.AspNetCore.Components.Routing
 @using Microsoft.AspNetCore.Components.Web
diff --git a/WebApp/Program.cs b/WebApp/Program.cs
index 494492f..f817e95 100644
--- a/WebApp/Program.cs
+++ b/WebApp/Program.cs
@@ -7,6 +7,7 @@ using WebApp.Components;
 var builder = WebApplication.CreateBuilder(args);
 
 // Add services to the container.
+builder.Services.AddControllersWithViews();
 builder.Services.AddRazorComponents()
     .AddInteractiveServerComponents();
 
@@ -25,6 +26,16 @@ builder.Services.AddScoped<ClipboardService>();
 builder.Services.AddScoped<StateContainer>(); // Server- side
 builder.Services.AddSingleton<StateContainer>();//Client-side 
 
+// Add authentication options
+builder.Services.AddAuthentication("Auth")
+    .AddCookie("Auth", options =>
+    {
+        options.ExpireTimeSpan = TimeSpan.FromMinutes(20);
+        options.SlidingExpiration = true;
+        options.LoginPath = "/login";
+    });
+builder.Services.AddCascadingAuthenticationState();
+
 var app = builder.Build();
 
 // Configure the HTTP request pipeline.
@@ -36,7 +47,11 @@ if (!app.Environment.IsDevelopment())
     app.UseMigrationsEndPoint();
 }
 
-app.UseHttpsRedirection();
+//app.UseHttpsRedirection();
+app.UseRouting();
+
+app.UseAuthentication();
+app.UseAuthorization();
 
 app.UseStaticFiles();
 app.UseAntiforgery();
@@ -44,4 +59,9 @@ app.UseAntiforgery();
 app.MapRazorComponents<App>()
     .AddInteractiveServerRenderMode();
 
+app.UseEndpoints(endpoints =>
+{
+    endpoints.MapControllerRoute("default", "{controller}/{action}");
+});
+
 app.Run();
diff --git a/WebApp/WebApp.csproj b/WebApp/WebApp.csproj
index bd89da4..e868219 100644
--- a/WebApp/WebApp.csproj
+++ b/WebApp/WebApp.csproj
@@ -13,6 +13,7 @@
 
   <ItemGroup>
     <PackageReference Include="BlazorSortableList" Version="2.1.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Authorization" Version="9.0.11" />
     <PackageReference Include="Microsoft.AspNetCore.Components.QuickGrid.EntityFrameworkAdapter" Version="9.0.8" />
     <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="9.0.8" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="9.0.8">