From 3468402200e673191a922f46c2e8ba912976ccc9 Mon Sep 17 00:00:00 2001
From: Joseph Doherty
Date: Sat, 3 Jan 2026 08:39:18 -0500
Subject: [PATCH] feat(client): update AuthService to use encrypted login
---
 .../JdeScoping.Client.csproj | 1 -
 .../JdeScoping.Client/Models/LoginModel.cs | 15 ----
 NEW/src/JdeScoping.Client/Pages/Login.razor | 1 +
 .../JdeScoping.Client/Services/AuthService.cs | 73 ++++++++-----------
 .../Services/IAuthService.cs | 16 +---
 5 files changed, 36 insertions(+), 70 deletions(-)
 delete mode 100644 NEW/src/JdeScoping.Client/Models/LoginModel.cs
diff --git a/NEW/src/JdeScoping.Client/JdeScoping.Client.csproj b/NEW/src/JdeScoping.Client/JdeScoping.Client.csproj
index 244d7e6..2f3d35d 100644
--- a/NEW/src/JdeScoping.Client/JdeScoping.Client.csproj
+++ b/NEW/src/JdeScoping.Client/JdeScoping.Client.csproj
@@ -8,7 +8,6 @@
-
diff --git a/NEW/src/JdeScoping.Client/Models/LoginModel.cs b/NEW/src/JdeScoping.Client/Models/LoginModel.cs
deleted file mode 100644
index 9b26ae1..0000000
--- a/NEW/src/JdeScoping.Client/Models/LoginModel.cs
+++ /dev/null
@@ -1,15 +0,0 @@
-using System.ComponentModel.DataAnnotations;
-
-namespace JdeScoping.Client.Models;
-
-///
-/// Login form model with validation.
-///
-public class LoginModel
-{
- [Required(ErrorMessage = "Username is required")]
- public string Username { get; set; } = string.Empty;
-
- [Required(ErrorMessage = "Password is required")]
- public string Password { get; set; } = string.Empty;
-}
diff --git a/NEW/src/JdeScoping.Client/Pages/Login.razor b/NEW/src/JdeScoping.Client/Pages/Login.razor
index 66407c4..c7a6e9a 100644
--- a/NEW/src/JdeScoping.Client/Pages/Login.razor
+++ b/NEW/src/JdeScoping.Client/Pages/Login.razor
@@ -1,4 +1,5 @@
 @page "/login"
+@using JdeScoping.Core.Models.Auth
 @inject IAuthService AuthService
 @inject NavigationManager NavigationManager
diff --git a/NEW/src/JdeScoping.Client/Services/AuthService.cs b/NEW/src/JdeScoping.Client/Services/AuthService.cs
index ece26bc..f589f4d 100644
--- a/NEW/src/JdeScoping.Client/Services/AuthService.cs
+++ b/NEW/src/JdeScoping.Client/Services/AuthService.cs
@@ -1,74 +1,66 @@
 using System.Net.Http.Json;
 using JdeScoping.Client.Auth;
 using JdeScoping.Client.Models;
+using JdeScoping.Core.Models.Auth;
 namespace JdeScoping.Client.Services;
 ///
-/// Handles authentication via API calls with cookie-based auth.
+/// Handles authentication via encrypted API calls with cookie-based auth.
 ///
 public class AuthService : IAuthService
 {
 private readonly HttpClient _httpClient;
+ private readonly ICryptoService _cryptoService;
 private readonly AuthStateProvider _authStateProvider;
 public AuthService(
 HttpClient httpClient,
+ ICryptoService cryptoService,
 AuthStateProvider authStateProvider)
 {
 _httpClient = httpClient;
+ _cryptoService = cryptoService;
 _authStateProvider = authStateProvider;
 }
- public async Task LoginAsync(LoginModel model)
+ public async Task LoginAsync(LoginModel model)
 {
 try
 {
- var response = await _httpClient.PostAsJsonAsync("api/auth/login", new
+ // Encrypt credentials
+ var encryptedData = await _cryptoService.EncryptLoginAsync(model);
+ var request = new EncryptedLoginRequest(encryptedData);
+
+ // Send encrypted request
+ var response = await _httpClient.PostAsJsonAsync("api/auth/login", request);
+
+ var result = await response.Content.ReadFromJsonAsync();
+ if (result is null)
 {
- model.Username,
- model.Password
- });
-
- if (response.IsSuccessStatusCode)
- {
- // API returns UserInfo and sets auth cookie
- var userInfo = await response.Content.ReadFromJsonAsync();
- if (userInfo != null)
- {
- // Notify auth state provider of the login
- await _authStateProvider.MarkUserAsAuthenticated(userInfo);
-
- return new AuthResult
- {
- Success = true,
- User = userInfo
- };
- }
-
- return new AuthResult
- {
- Success = false,
- ErrorMessage = "Invalid response from server"
- };
+ return new LoginResultModel(false, "Invalid response from server", null);
 }
- var errorContent = await response.Content.ReadAsStringAsync();
- return new AuthResult
+ if (result.Success && result.User is not null)
 {
- Success = false,
- ErrorMessage = string.IsNullOrEmpty(errorContent)
- ? "Login failed. Please check your credentials."
- : errorContent
- };
+ // Notify auth state provider of the login
+ var userViewModel = new UserInfoViewModel
+ {
+ Username = result.User.Username,
+ FirstName = result.User.FirstName,
+ LastName = result.User.LastName,
+ DisplayName = result.User.DisplayName,
+ EmailAddress = result.User.EmailAddress,
+ Title = result.User.Title
+ };
+ await _authStateProvider.MarkUserAsAuthenticated(userViewModel);
+ }
+
+ return result;
 }
 catch (Exception ex)
 {
- return new AuthResult
- {
- Success = false,
- ErrorMessage = $"Login failed: {ex.Message}"
- };
+ return new LoginResultModel(false, $"Login failed: {ex.Message}", null);
 }
 }
@@ -76,7 +68,6 @@ public class AuthService : IAuthService
 {
 try
 {
- // Call logout endpoint to clear server-side cookie
 await _httpClient.PostAsync("api/auth/logout", null);
 }
 catch
diff --git a/NEW/src/JdeScoping.Client/Services/IAuthService.cs b/NEW/src/JdeScoping.Client/Services/IAuthService.cs
index 4486eec..3cfe66a 100644
--- a/NEW/src/JdeScoping.Client/Services/IAuthService.cs
+++ b/NEW/src/JdeScoping.Client/Services/IAuthService.cs
@@ -1,4 +1,4 @@
-using JdeScoping.Client.Models;
+using JdeScoping.Core.Models.Auth;
 namespace JdeScoping.Client.Services;
@@ -8,22 +8,12 @@ namespace JdeScoping.Client.Services;
 public interface IAuthService
 {
 ///
- /// Attempts to log in with the provided credentials.
+ /// Attempts to log in with the provided credentials (encrypted).
 ///
- Task LoginAsync(LoginModel model);
+ Task LoginAsync(LoginModel model);
 ///
 /// Logs out the current user.
 ///
 Task LogoutAsync();
 }
-
-///
-/// Result of an authentication attempt.
-///
-public record AuthResult
-{
- public bool Success { get; init; }
- public string? ErrorMessage { get; init; }
- public UserInfoViewModel? User { get; init; }
-}
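Review bot: The rewritten `LoginAsync` in AuthService.cs no longer checks the HTTP status before parsing the body, so `ReadFromJsonAsync` runs on every response and the client-side auth state is driven only by `result.Success` in the payload. A non-JSON error response (for example an empty 401 or an error page from an intermediary) will throw and land in `catch (Exception ex)`, which still returns `$"Login failed: {ex.Message}"` to the login form; the same path now also covers anything thrown by `_cryptoService.EncryptLoginAsync`, so serializer or crypto internals can end up on screen. I would gate the success branch with `if (response.IsSuccessStatusCode && result.Success && result.User is not null)` and return a fixed string from the catch, e.g. `return new LoginResultModel(false, "Login failed. Please try again.", null);`, recording the exception somewhere diagnosable instead of showing it. Whether the server sends a `LoginResultModel` body on failed logins is not visible in this patch, so the status handling should be checked against the endpoint's contract.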
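Review bot: The updated summary on `IAuthService.LoginAsync`, "Attempts to log in with the provided credentials (encrypted)", does not say what is encrypted or what callers receive now that the return type has changed. A summary such as `/// Encrypts the login payload before posting it to the login endpoint; the session itself is still the server-set auth cookie.` together with a returns line stating that failures come back as a result with `Success == false` rather than as an exception would make the contract explicit. If the payload encryption is meant as a layer on top of TLS rather than a replacement for it, the comment is the place to say so; how `ICryptoService` obtains its key is not shown in this patch. The class summary in AuthService.cs ("encrypted API calls") has the same ambiguity, since only the login request goes through `_cryptoService` and `LogoutAsync` posts unchanged.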