Web App signin, signout and cateries extracted from token to generate menu

HasanJaved-Developer · HasanJaved-Developer · commit 43ea983175e6 · 2025-09-06T18:46:12.000+05:00
diff --git a/ApiIntegrationMvc/ApiIntegrationMvc.csproj b/ApiIntegrationMvc/ApiIntegrationMvc.csproj
@@ -12,6 +12,11 @@
 
   <ItemGroup>
     <Folder Include="Areas\Home\Models\" />
+    <Folder Include="Controllers\" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.0.1" />
   </ItemGroup>
 
 </Project>
diff --git a/ApiIntegrationMvc/Areas/Account/Controllers/LoginController.cs b/ApiIntegrationMvc/Areas/Account/Controllers/LoginController.cs
@@ -1,5 +1,8 @@
 ﻿using ApiIntegrationMvc.Areas.Account.Models;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Mvc;
+using System.Security.Claims;
 using System.Text.Json;
 using UserManagement.Contracts.Auth;
 using UserManagement.Sdk.Abstractions;
@@ -11,7 +14,8 @@ public class LoginController : Controller
     {
         private readonly IUserManagementClient _users;
         private readonly IAccessTokenProvider _cache;
-        public LoginController(IUserManagementClient users, IAccessTokenProvider cache) => (_users, _cache) = (users, cache);
+        private readonly IHttpContextAccessor _http;
+        public LoginController(IUserManagementClient users, IAccessTokenProvider cache, IHttpContextAccessor http) => (_users, _cache, _http) = (users, cache, http);
 
         [HttpGet]
         [ResponseCache(NoStore = true, Location = ResponseCacheLocation.None)]
@@ -41,7 +45,30 @@ public async Task<IActionResult> Index(LoginViewModel model, CancellationToken c
                     return RedirectToAction(nameof(Index));   // ← PRG on failure
                 }
 
-                
+
+                // Build claims (at least a stable user id + name)
+                var claims = new List<Claim>
+                {
+                    new(ClaimTypes.NameIdentifier, result.UserId.ToString()),
+                    new(ClaimTypes.Name, result.UserName),
+                  
+                };
+
+                var identity = new ClaimsIdentity(
+                    claims, CookieAuthenticationDefaults.AuthenticationScheme);
+
+                // Sign-in (creates auth cookie)
+                await HttpContext.SignInAsync(
+                    CookieAuthenticationDefaults.AuthenticationScheme,
+                    new ClaimsPrincipal(identity),
+                    new AuthenticationProperties
+                    {
+                        IsPersistent = false,
+                        // keep cookie a bit shorter than token
+                        ExpiresUtc = result.ExpiresAtUtc.AddMinutes(-5)
+                    });
+
+
                 _cache.SetAccessToken(result.Token, result.UserId, result.ExpiresAtUtc);
 
                 return RedirectToAction("Index", "Home", new { area = "Home" });
@@ -63,6 +90,29 @@ public async Task<IActionResult> Index(LoginViewModel model, CancellationToken c
             }
         }
 
-        
+        private static string? Claim(ClaimsPrincipal? u, string t) => u?.FindFirst(t)?.Value;
+
+        private string? CurrentUserId() =>
+            Claim(_http.HttpContext?.User, "sub")
+         ?? Claim(_http.HttpContext?.User, ClaimTypes.NameIdentifier);
+
+
+        [HttpPost]
+        [ValidateAntiForgeryToken]
+        public async Task<IActionResult> Logout(CancellationToken ct)
+        {
+            var uid = CurrentUserId();
+            if (string.IsNullOrEmpty(uid))
+            {
+                return RedirectToAction("Index", "Login", new { area = "Account" });
+            }
+            // IMPORTANT: remove tokens while the user is still authenticated
+            await _cache.RemoveAsync(uid, ct);
+
+            await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
+            return RedirectToAction("Index", "Login", new { area = "Account" });
+        }
+
+
     }
 }
diff --git a/ApiIntegrationMvc/Areas/Home/Controllers/HomeController.cs b/ApiIntegrationMvc/Areas/Home/Controllers/HomeController.cs
@@ -1,23 +1,41 @@
 using ApiIntegrationMvc.Areas.Account.Models;
 using Microsoft.AspNetCore.Mvc;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
 using System.Text.Json;
 using UserManagement.Contracts.Auth;
 using UserManagement.Sdk.Abstractions;
+using UserManagementApi.Contracts.Models;
+using static System.Net.WebRequestMethods;
 
 namespace ApiIntegrationMvc.Areas.Home.Controllers
 {
     [Area("Home")]
     public class HomeController : Controller
     {
-        private readonly ILogger<HomeController> _logger;
+        private readonly IAccessTokenProvider _tokens;
 
-        public HomeController(ILogger<HomeController> logger)
-        {
-            _logger = logger;
-        }
 
-        public IActionResult Index()
-        {
+        public HomeController(IAccessTokenProvider tokens) => _tokens = tokens;
+       
+
+        public async Task<IActionResult> Index(CancellationToken ct)
+        {            
+            var token = await _tokens.GetAccessTokenAsync(ct);
+
+            var handler = new JwtSecurityTokenHandler();
+            var jwt = handler.ReadJwtToken(token);
+            IEnumerable<Claim> claims = jwt.Claims;
+            var list = claims.Where(c => c.Type == "categories").Select(c => c.Value).ToList();
+            if (list.Count == 1)
+            {
+                var categories = JsonSerializer.Deserialize<List<Category>>(list[0]);
+                ViewBag.Categories = categories;
+            }
+            else
+            {
+                ViewBag.Categories = new List<Category>();
+            }
             return View();
         }
 
@@ -26,5 +44,7 @@ public IActionResult Privacy()
             return View();
         }
 
+
+
     }
 }
diff --git a/ApiIntegrationMvc/Controllers/HomeController.cs b/ApiIntegrationMvc/Controllers/HomeController.cs
diff --git a/ApiIntegrationMvc/Program.cs b/ApiIntegrationMvc/Program.cs
@@ -1,3 +1,4 @@
+using Microsoft.AspNetCore.Authentication.Cookies;
 using UserManagement.Sdk;
 using UserManagement.Sdk.Abstractions;
 using UserManagement.Sdk.Extensions;
@@ -16,6 +17,20 @@
 // Add services to the container.
 builder.Services.AddControllersWithViews();
 
+// Cookie auth for the web app (UI)
+builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
+    .AddCookie(o =>
+    {
+        o.LoginPath = "/Account/Login";
+        o.LogoutPath = "/Account/Logout";
+        o.AccessDeniedPath = "/Account/Denied";
+        // optional:
+        o.SlidingExpiration = true;
+        o.ExpireTimeSpan = TimeSpan.FromHours(8);
+    });
+
+builder.Services.AddAuthorization();
+
 var app = builder.Build();
 
 // Configure the HTTP request pipeline.
diff --git a/ApiIntegrationMvc/Views/Shared/_Layout.cshtml b/ApiIntegrationMvc/Views/Shared/_Layout.cshtml
@@ -10,6 +10,126 @@
     <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet" />
     <link rel="stylesheet" href="~/css/site.css" asp-append-version="true" />
     <link rel="stylesheet" href="~/ApiIntegrationMvc.styles.css" asp-append-version="true" />
+    <style>
+        body {
+            margin: 0;
+            font-family: system-ui, -apple-system, Segoe UI, Roboto, Arial;
+        }
+
+        .shell {
+            display: grid;
+            grid-template-columns: 280px 1fr;
+            height: 100vh;
+        }
+
+        .left {
+            border-right: 1px solid #eee;
+            overflow: auto;
+            padding: 12px;
+        }
+
+        .right {
+            overflow: auto;
+            padding: 16px;
+        }
+
+        /* Tree */
+        .tree, .tree ul {
+            list-style: none;
+            margin: 0;
+            padding-left: 0;
+        }
+
+            .tree li {
+                margin: 2px 0;
+            }
+
+        .row {
+            display: flex;
+            align-items: center;
+            gap: 6px;
+            padding: 6px 8px;
+            border-radius: 8px;
+            cursor: pointer;
+        }
+
+            .row:hover {
+                background: #f5f7fb;
+            }
+
+            .row.active {
+                background: #e9f1ff;
+                outline: 1px solid #cfe1ff;
+            }
+
+        .toggle {
+            width: 18px;
+            text-align: center;
+            user-select: none;
+            font-weight: 600;
+            color: #666;
+        }
+
+        /* Tiles */
+        .header {
+            display: flex;
+            align-items: center;
+            justify-content: space-between;
+            margin-bottom: 8px;
+        }
+
+        .path {
+            color: #888;
+            font-size: 12px;
+        }
+
+        .tiles {
+            display: grid;
+            grid-template-columns: repeat(auto-fill, minmax(220px,1fr));
+            gap: 12px;
+        }
+
+        .tile {
+            border: 1px solid #eee;
+            border-radius: 14px;
+            padding: 16px;
+            box-shadow: 0 1px 2px rgba(0,0,0,.04);
+            transition: transform .06s, box-shadow .06s;
+        }
+
+            .tile:hover {
+                transform: translateY(-1px);
+                box-shadow: 0 4px 10px rgba(0,0,0,.06);
+                cursor: pointer;
+            }
+
+            .tile h4 {
+                margin: 0 0 6px 0;
+                font-size: 16px;
+            }
+
+            .tile p {
+                margin: 0;
+                color: #666;
+                font-size: 13px;
+            }
+
+        .empty {
+            color: #999;
+            padding: 12px 0;
+        }
+
+        .section {
+            margin: 10px 0 0 18px;
+        }
+
+        .section-title {
+            font-size: 12px;
+            color: #666;
+            text-transform: uppercase;
+            margin: 4px 0;
+        }
+    </style>
 </head>
 <body>
     <header>
@@ -23,13 +143,31 @@
                 <div class="navbar-collapse collapse d-sm-inline-flex justify-content-between">
                     <ul class="navbar-nav flex-grow-1">
                         <li class="nav-item">
-                            <a class="nav-link text-dark" asp-area="" asp-controller="Home" asp-action="Index">Home</a>
+                            <a class="nav-link text-dark" asp-area="" asp-controller="Home" asp-action="Index"><i class="bi bi-house-door me-1"></i> Home</a>
                         </li>
                         <li class="nav-item">
-                            <a class="nav-link text-dark" asp-area="" asp-controller="Home" asp-action="Privacy">Privacy</a>
+                            <a class="nav-link text-dark" asp-area="" asp-controller="Home" asp-action="Privacy"><i class="bi bi-shield-lock me-1"></i> Privacy</a>
                         </li>
                     </ul>
                 </div>
+                <div class="collapse navbar-collapse">
+                    <ul class="navbar-nav ms-auto">
+                        @if (User?.Identity?.IsAuthenticated == true)
+                        {
+                            <li class="nav-item">
+                                <form asp-area="Account" asp-controller="Login" asp-action="Logout" method="post" class="d-inline">
+                                    @Html.AntiForgeryToken()
+                                    <button type="submit" class="btn btn-link nav-link"><i class="bi bi-box-arrow-right me-1"></i> Logout</button>
+                                </form>
+                            </li>
+                        }
+                        else
+                        {
+                            <li class="nav-item">
+                                <a class="nav-link" asp-area="Account" asp-controller="Login" asp-action="Index">Login</a>
+                            </li>
+                        }
+                    </ul>
             </div>
         </nav>
     </header>
diff --git a/UserManagement.Sdk/Abstractions/IAccessTokenProvider.cs b/UserManagement.Sdk/Abstractions/IAccessTokenProvider.cs
@@ -10,5 +10,6 @@ public interface IAccessTokenProvider
     {
         Task<string?> GetAccessTokenAsync(CancellationToken ct = default);
         void SetAccessToken(string token, int userId, DateTime expiresAtUtc);
+        public Task RemoveAsync(string userId, CancellationToken ct = default);
     }
 }
diff --git a/UserManagement.Sdk/MemoryCacheAccessTokenProvider.cs b/UserManagement.Sdk/MemoryCacheAccessTokenProvider.cs
@@ -37,6 +37,12 @@ public void SetAccessToken(string token, int userId, DateTime expiresAtUtc)
             _cache.Set($"token:{userId}", token, ttl);
         }
 
+        public Task RemoveAsync(string userId, CancellationToken ct = default)
+        {   
+            _cache.Remove($"token:{userId}");
+            return Task.CompletedTask;
+        }
+
         public static TimeSpan ToTtl(DateTime expiresAtUtc, TimeSpan? safety = null)
         {
             // ensure it's treated as UTC

Original file line number	Diff line number	Diff line change
`@@ -10,5 +10,6 @@ public interface IAccessTokenProvider`
`10`	`10`	`{`
`11`	`11`	`Task<string?> GetAccessTokenAsync(CancellationToken ct = default);`
`12`	`12`	`void SetAccessToken(string token, int userId, DateTime expiresAtUtc);`
	`13`	`+ public Task RemoveAsync(string userId, CancellationToken ct = default);`
`13`	`14`	`}`
`14`	`15`	`}`
Original file line number	Diff line number	Diff line change
`@@ -37,6 +37,12 @@ public void SetAccessToken(string token, int userId, DateTime expiresAtUtc)`
`37`	`37`	`_cache.Set($"token:{userId}", token, ttl);`
`38`	`38`	`}`
`39`	`39`
	`40`	`+ public Task RemoveAsync(string userId, CancellationToken ct = default)`
	`41`	`+ {`
	`42`	`+ _cache.Remove($"token:{userId}");`
	`43`	`+ return Task.CompletedTask;`
	`44`	`+ }`
	`45`	`+`
`40`	`46`	`public static TimeSpan ToTtl(DateTime expiresAtUtc, TimeSpan? safety = null)`
`41`	`47`	`{`
`42`	`48`	`// ensure it's treated as UTC`