Updated session5

Author: davidfowl

docs/5. Add personal agenda.md

@@ -140,133 +140,132 @@ In this section we'll add features that track attendees who have registered on t
             [DataType(DataType.EmailAddress)]
             public override string EmailAddress { get => base.EmailAddress; set => base.EmailAddress = value; }
         }
-    }    
+    }
     ```
 1. In `Welcome.cshtml.cs`, add logic that associates the logged in user with an attendee:
     ```csharp
-        using System.Threading.Tasks;
-        using FrontEnd.Services;
-        using FrontEnd.Pages.Models;
-        using Microsoft.AspNetCore.Mvc;
-        using Microsoft.AspNetCore.Mvc.RazorPages;
-        using System.Security.Claims;
-        using Microsoft.AspNetCore.Authentication;
-        using Microsoft.AspNetCore.Identity;
-
-        namespace FrontEnd
+    using System.Threading.Tasks;
+    using FrontEnd.Services;
+    using FrontEnd.Pages.Models;
+    using Microsoft.AspNetCore.Mvc;
+    using Microsoft.AspNetCore.Mvc.RazorPages;
+    using System.Security.Claims;
+    using Microsoft.AspNetCore.Authentication;
+    using Microsoft.AspNetCore.Identity;
+
+    namespace FrontEnd
+    {
+        public class WelcomeModel : PageModel
         {
-            public class WelcomeModel : PageModel
+            private readonly IApiClient _apiClient;
+
+            public WelcomeModel(IApiClient apiClient)
             {
-                private readonly IApiClient _apiClient;
+                _apiClient = apiClient;
+            }
 
-                public WelcomeModel(IApiClient apiClient)
-                {
-                    _apiClient = apiClient;
-                }
+            [BindProperty]
+            public Attendee Attendee { get; set; }
 
-                [BindProperty]
-                public Attendee Attendee { get; set; }
+            public IActionResult OnGet()
+            {
+                // Redirect to home page if user is anonymous or already registered as attendee
+                var isAttendee = User.IsAttendee();
 
-                public IActionResult OnGet()
+                if (!User.Identity.IsAuthenticated || isAttendee)
                 {
-                    // Redirect to home page if user is anonymous or already registered as attendee
-                    var isAttendee = User.IsAttendee();
+                    return RedirectToPage("/Index");
+                }
 
-                    if (!User.Identity.IsAuthenticated || isAttendee)
-                    {
-                        return RedirectToPage("/Index");
-                    }
+                return Page();
+            }
 
-                    return Page();
-                }
+            public async Task<IActionResult> OnPostAsync()
+            {
+                var success = await _apiClient.AddAttendeeAsync(Attendee);
 
-                public async Task<IActionResult> OnPostAsync()
+                if (!success)
                 {
-                    var success = await _apiClient.AddAttendeeAsync(Attendee);
-
-                    if (!success)
-                    {
-                        ModelState.AddModelError("", "There was an issue creating the attendee for this user.");
-                        return Page();
-                    }
+                    ModelState.AddModelError("", "There was an issue creating the attendee for this user.");
+                    return Page();
+                }
 
-                    // Re-issue the auth cookie with the new IsAttendee claim
-                    User.MakeAttendee();
-                    await HttpContext.SignInAsync(IdentityConstants.ApplicationScheme, User);
+                // Re-issue the auth cookie with the new IsAttendee claim
+                User.MakeAttendee();
+                await HttpContext.SignInAsync(IdentityConstants.ApplicationScheme, User);
 
-                    return RedirectToPage("/Index");
-                }
+                return RedirectToPage("/Index");
             }
         }
+    }
     ```
 1. Logged in users can now be associated with an attendee by visiting this page.
 
-## Add a filter to force logged in users to sign up on welcome page
-1. Add a folder called `Filters`.
+## Add a middleware to force logged in users to sign up on welcome page
+1. Add a folder called `Middleware`.
 1. Add a new attribute `SkipWelcomeAttribute.cs` to allow certain pages or action methods to be skipped from enforcing redirection to the Welcome page:
 
     ```csharp
     using System;
-    using Microsoft.AspNetCore.Mvc.Filters;
 
-    namespace FrontEnd.Filters
+    namespace FrontEnd
     {
         [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
-        public class SkipWelcomeAttribute : Attribute, IFilterMetadata
+        public class SkipWelcomeAttribute : Attribute
         {
 
         }
     }
     ```
-1. Add a new class called `RequireLoginFilter.cs` that redirects to the Welcome page if the user is authenticated but not associated with an attendee (does not have the `"IsAttendee"` claim):
+1. Add a new class called `RequireLoginMiddleware.cs` that redirects to the Welcome page if the user is authenticated but not associated with an attendee (does not have the `"IsAttendee"` claim):
 
     ```csharp
-    public class RequireLoginFilter : IAsyncResourceFilter
+    public class RequireLoginMiddleware
     {
-        private readonly IUrlHelperFactory _urlHelperFactory;
+        private readonly RequestDelegate _next;
+        private readonly LinkGenerator _linkGenerator;
 
-        public RequireLoginFilter(IUrlHelperFactory urlHelperFactory)
+        public RequireLoginMiddleware(RequestDelegate next, LinkGenerator linkGenerator)
         {
-            _urlHelperFactory = urlHelperFactory;
+            _next = next;
+            _linkGenerator = linkGenerator;
         }
 
-        public async Task OnResourceExecutionAsync(ResourceExecutingContext context, ResourceExecutionDelegate next)
+        public Task Invoke(HttpContext context)
         {
-            var urlHelper = _urlHelperFactory.GetUrlHelper(context);
+            var endpoint = context.GetEndpoint();
 
             // If the user is authenticated but not a known attendee *and* we've not marked this page
             // to skip attendee welcome, then redirect to the Welcome page
-            if (context.HttpContext.User.Identity.IsAuthenticated &&
-                !context.Filters.OfType<SkipWelcomeAttribute>().Any())
+            if (context.User.Identity.IsAuthenticated &&
+                endpoint?.Metadata.GetMetadata<SkipWelcomeAttribute>() == null)
             {
-                var isAttendee = context.HttpContext.User.IsAttendee();
+                var isAttendee = context.User.IsAttendee();
 
                 if (!isAttendee)
                 {
+                    var url = _linkGenerator.GetUriByPage(context, page: "/Welcome");
                     // No attendee registerd for this user
-                    context.HttpContext.Response.Redirect(urlHelper.Page("/Welcome"));
+                    context.Response.Redirect(url);
 
-                    return;
+                    return Task.CompletedTask;
                 }
             }
 
-            await next();
+            return _next(context);
         }
     }
     ```
-1. Register the `RequireLogin` filter globally with MVC using its options in the `ConfigureServices` method in `Startup.cs`:
+1. Add the `RequireLoginMiddleware` in `Configure` method in `Startup.cs` before `UseEndpoints()`:
 
     ```csharp
-    services.AddMvc(options =>
+    app.UseMiddleware<RequireLoginMiddleware>();
+
+    app.UseEndpoints(endpoints =>
     {
-        options.Filters.AddService<RequireLoginFilter>();
-    })
+        endpoints.MapRazorPages();
+    });
     ```
-1. Register the filter in DI in the `ConfigureServices` method in `Startup.cs`
-
-   ```csharp
-   services.AddTransient<RequireLoginFilter>();
-   ```
 1. Update the `Welcome.cshtml.cs` class with the attribute to ensure it is skipped when the global filter runs:
 
     ```csharp
@@ -345,9 +344,9 @@ dotnet aspnet-codegenerator identity --dbContext FrontEnd.Data.IdentityDbContext
             return new List<SessionResponse>();
         }
 
-        var sessionIds = attendee.Sessions.Select(s => s.ID);
+        var sessionIds = attendee.Sessions.Select(s => s.Id);
 
-        sessions.RemoveAll(s => !sessionIds.Contains(s.ID));
+        sessions.RemoveAll(s => !sessionIds.Contains(s.Id));
 
         return sessions;
     }
@@ -364,15 +363,15 @@ dotnet aspnet-codegenerator identity --dbContext FrontEnd.Data.IdentityDbContext
     ```csharp
     var sessions = await _apiClient.GetSessionsByAttendeeAsync(User.Identity.Name);
 
-    IsInPersonalAgenda = sessions.Any(s => s.ID == id);
+    IsInPersonalAgenda = sessions.Any(s => s.Id == id);
     ```
 1. Add a form to the bottom of `Session.cshtml` razor page that adds the ability to add/remove the session to the attendee's personal agenda:
 
     ```html
     <form method="post">
-        <input type="hidden" name="sessionId" value="@Model.Session.ID" />
+        <input type="hidden" name="sessionId" value="@Model.Session.Id" />
         <p>
-            <a authz-policy="Admin" asp-page="/Admin/EditSession" asp-route-id="@Model.Session.ID" class="btn btn-default btn-sm">Edit</a>
+            <a authz-policy="Admin" asp-page="/Admin/EditSession" asp-route-id="@Model.Session.Id" class="btn btn-default btn-sm">Edit</a>
             @if (Model.IsInPersonalAgenda)
             {
                 <button authz="true" type="submit" asp-page-handler="Remove" class="btn btn-default btn-sm" title="Remove from my personal agenda">
@@ -526,14 +525,14 @@ dotnet aspnet-codegenerator identity --dbContext FrontEnd.Data.IdentityDbContext
                                 @foreach (var speaker in session.Speakers)
                                 {
                                     <li class="list-inline-item">
-                                        <a asp-page="Speaker" asp-route-id="@speaker.ID">@speaker.Name</a>
+                                        <a asp-page="Speaker" asp-route-id="@speaker.Id">@speaker.Name</a>
                                     </li>
                                 }
                             </ul>
                             <form authz="true" method="post">
-                                <input type="hidden" name="sessionId" value="@session.ID" />
+                                <input type="hidden" name="sessionId" value="@session.Id" />
                                 <p class="mb-0">
-                                    <a authz-policy="Admin" asp-page="/Admin/EditSession" asp-route-id="@session.ID" class="btn btn-default btn-sm">Edit</a>
+                                    <a authz-policy="Admin" asp-page="/Admin/EditSession" asp-route-id="@session.Id" class="btn btn-default btn-sm">Edit</a>
                                     @if (Model.UserSessions.Contains(session.ID))
                                     {
                                         <button type="submit" asp-page-handler="Remove" class="btn btn-default btn-sm bg-transparent" title="Remove from my personal agenda">
@@ -605,7 +604,7 @@ dotnet aspnet-codegenerator identity --dbContext FrontEnd.Data.IdentityDbContext
         CurrentDayOffset = day;
 
         var userSessions = await _apiClient.GetSessionsByAttendeeAsync(User.Identity.Name);
-        UserSessions = userSessions.Select(u => u.ID).ToList();
+        UserSessions = userSessions.Select(u => u.Id).ToList();
 
         var sessions = await GetSessionsAsync();
         //...