Commit e95ae6ce authored by Ryan Nowak's avatar Ryan Nowak
Browse files

Add save point at the end of step 5

parent 2a112597
......@@ -13,11 +13,10 @@ Go ahead and [get started](/docs/00-get-started)!
| [Session #0](/docs/00-get-started.md) | Get bits installed and build your first Blazor app |
| [Session #1](/docs/01-components-and-layout.md) | Get started with components, create the app layout |
| [Session #2](/docs/02-events-and-data-binding.md) | Add customized pizzas to orders |
| [Session #3](/docs/03-dependency-injection.md) | Using dependency injection |
| [Session #4](/docs/04-javascript-interop.md) | Track order status on a real time map |
| [Session #5](/docs/05-templated-components.md) | Create and use components with template parameters |
| [Session #6](docs/06-authentication-and-authorizationg.md) | Authenticate users and authorize access to order status |
| [Session #7](/docs/07-publish-and-deploy.md) | Deploy your app to Azure |
| [Session #8](/docs/08-advanced-components.md) | Component libraries, component lifecycle events, and component internals |
| [Session #3](/docs/03-show-order-status.md) | Show order status |
| [Session #4](/docs/03-refactor-state-management.md) | Using dependency injection to track application state |
| [Session #5](/docs/05-authentication-and-authorization.md) | Authenticate users and authorize access to order status |
| [Session #6](/docs/06-javascript-interop.md) | Track order status on a real time map |
| [Session #7](/docs/07-templated-components.md) | Create and use components with template parameters |
| [Session #8](/docs/08-publish-and-deploy.md) | Deploy your app to Azure |
| [Session #9](/docs/09-advanced-components.md) | Component libraries, component lifecycle events, and component internals |
# Authentication and authorization
Rough Notes:
1. Authentication & authorization
- Uncomment user-id related code in OrdersController - now you can no longer view or place orders
- Introduce cascading parameter for UserState
- Decorating the router with UserStateProvider makes UserState available everywhere
- Write the UserInfo component - the only new feature here is consuming a cascading parameter
- Add the UserInfo component to the layout so you can see sign-in/sign-out from every page
- Adding a new layout ForceSigninLayout that prevents rendering of content when not signed in
- Apply this layout to the MyOrders page and OrderDetails page will trigger a signin on navigation
\ No newline at end of file
<Router AppAssembly=typeof(Program).Assembly />
<UserStateProvider>
<Router AppAssembly=typeof(Program).Assembly />
</UserStateProvider>
\ No newline at end of file
@page "/myorders"
@layout ForceSignInLayout
@inject HttpClient HttpClient
<div class="main">
......
@page "/myorders/{orderId:int}"
@using System.Threading
@layout ForceSignInLayout
@inject HttpClient HttpClient
@implements IDisposable
......
@inherits BlazorLayoutComponent
@layout MainLayout
@if (UserState.CurrentUser == null) // Retrieving the login state
{
<text>Loading...</text>
}
else if (UserState.IsLoggedIn)
{
@Body
}
else
{
<div class="main">
<h2>You're signed out</h2>
<p>To continue, please sign in.</p>
<button class="btn btn-danger" onclick="@UserState.SignIn">Sign in</button>
</div>
}
@functions {
[CascadingParameter] UserStateProvider UserState { get; set; }
}
......@@ -12,6 +12,8 @@
<img src="img/bike.svg" />
<div>My Orders</div>
</NavLink>
<UserInfo />
</div>
<div class="content">
......
<div class="user-info">
@if (UserState.CurrentUser == null)
{
<text>...</text>
}
else if (UserState.CurrentUser.IsLoggedIn)
{
<img src="img/user.svg" />
<div>
<span class="username">@UserState.CurrentUser.DisplayName</span>
<span class="sign-out" onclick="@UserState.SignOut">Sign out</span>
</div>
}
else
{
<button onclick="@UserState.SignIn" class="sign-in">Sign in</button>
}
</div>
@functions {
[CascadingParameter] UserStateProvider UserState { get; set; }
}
......@@ -10,7 +10,7 @@ namespace BlazingPizza.Server
{
[Route("orders")]
[ApiController]
// [Authorize]
[Authorize]
public class OrdersController : Controller
{
private readonly PizzaStoreContext _db;
......@@ -24,7 +24,7 @@ namespace BlazingPizza.Server
public async Task<ActionResult<List<OrderWithStatus>>> GetOrders()
{
var orders = await _db.Orders
// .Where(o => o.UserId == GetUserId())
.Where(o => o.UserId == GetUserId())
.Include(o => o.Pizzas).ThenInclude(p => p.Special)
.Include(o => o.Pizzas).ThenInclude(p => p.Toppings).ThenInclude(t => t.Topping)
.OrderByDescending(o => o.CreatedTime)
......@@ -38,7 +38,7 @@ namespace BlazingPizza.Server
{
var order = await _db.Orders
.Where(o => o.OrderId == orderId)
// .Where(o => o.UserId == GetUserId())
.Where(o => o.UserId == GetUserId())
.Include(o => o.Pizzas).ThenInclude(p => p.Special)
.Include(o => o.Pizzas).ThenInclude(p => p.Toppings).ThenInclude(t => t.Topping)
.SingleOrDefaultAsync();
......@@ -56,7 +56,7 @@ namespace BlazingPizza.Server
{
order.CreatedTime = DateTime.Now;
order.DeliveryLocation = new LatLong(51.5001, -0.1239);
// order.UserId = GetUserId();
order.UserId = GetUserId();
_db.Orders.Attach(order);
await _db.SaveChangesAsync();
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment