Refactor EnvelopeReceiverPage to server-side logic
Updated the document signing system to use a unified Blazor Auto (Server+WASM hybrid) frontend. Replaced client-side API calls with server-side authentication and data loading via `EnvelopeReceiverAuthorizationService` and `EnvelopeReceiverPageDataService`.
- Updated `/envelope/{key}` route to use MediatR for data loading.
- Integrated PDF.js 3.11.174 for rendering with configurable quality.
- Removed iText7 dependency due to GPL license issues.
- Introduced per-envelope cookies for receiver authentication.
- Cached signatures now loaded from distributed cache.
- Replaced redundant client-side API calls with server-side logic.
- Improved security and performance with server-side authorization.
These changes streamline the workflow, enhance security, and align the system with modern Blazor Server practices.
This commit is contained in:
@@ -5,6 +5,11 @@ Digital document signing system with **unified Blazor Auto (Server+WASM hybrid)
|
||||
|
||||
**Primary Libraries:** DevExpress + PDF.js (PSPDFKit removed)
|
||||
|
||||
**Receiver Architecture:**
|
||||
- Receiver authentication for `EnvelopeReceiverPage.razor` is now validated server-side.
|
||||
- Receiver page data is loaded directly via MediatR and distributed cache, not through the page's own API calls.
|
||||
- PDF rendering in `EnvelopeReceiverPage.razor` is PDF.js-based, while `DxPdfViewer` remains the SSR-native viewer target.
|
||||
|
||||
---
|
||||
|
||||
## Migration Notice
|
||||
@@ -203,7 +208,7 @@ Client ? WebUI:XXXX (Blazor Auto)
|
||||
### Server-Side Pages (WebUI)
|
||||
| File | Route | Purpose |
|
||||
|---|---|---|
|
||||
| `WebUI/Components/Pages/EnvelopeReceiverPage.razor` | `/envelope/{key}` | Receiver PDF viewer & signing (PDF.js). |
|
||||
| `WebUI/Components/Pages/EnvelopeReceiverPage.razor` | `/envelope/{key}` | Receiver PDF viewer & signing page. Uses Interactive Server, server-side auth/data loading, and currently renders with PDF.js overlay logic. |
|
||||
| `WebUI/Components/Pages/EnvelopeReceiverPage_DxPdfViewer.razor` | `/envelope/DxPdfViewer` | DevExpress PDF Viewer (test page). |
|
||||
| `WebUI/Components/Pages/EnvelopeReceiverPage_DxReportViewer.razor` | `/envelope/{key}/DxReportViewer` | DevExpress Report Viewer. |
|
||||
| `WebUI/Components/Pages/EnvelopeReceiverPage_embed.razor` | `/envelope/Embed` | Embedded PDF viewer (iframe). |
|
||||
@@ -214,6 +219,8 @@ Client ? WebUI:XXXX (Blazor Auto)
|
||||
| `WebUI.Client/Services/AuthService.cs` | Receiver + Sender authentication. |
|
||||
| `WebUI.Client/Services/SignatureCacheService.cs` | Signature caching (Redis/SQL). |
|
||||
| `WebUI.Client/Services/DocumentService.cs` | PDF document retrieval. |
|
||||
| `WebUI/Services/EnvelopeReceiverAuthorizationService.cs` | Server-side receiver authorization for `EnvelopeReceiverPage.razor` using per-envelope cookie/JWT validation. |
|
||||
| `WebUI/Services/EnvelopeReceiverPageDataService.cs` | Server-side document/signature/receiver data loading via MediatR and distributed cache. |
|
||||
| `WebUI/wwwroot/js/pdf-viewer.js` | PDF.js wrapper (zoom, pagination, thumbnails). |
|
||||
| `WebUI/wwwroot/js/receiver-signature.js` | Signature pad (draw/type/image). |
|
||||
| `WebUI/wwwroot/css/envelope-viewer.css` | EnvelopeViewer styles. |
|
||||
@@ -253,9 +260,16 @@ Client ? WebUI:XXXX (Blazor Auto)
|
||||
## EnvelopeReceiver — PDF.js Viewer & Signing
|
||||
|
||||
**Route:** `/envelope/{EnvelopeKey}`
|
||||
**Tech:** PDF.js 3.11.174 + Blazor Server (`@rendermode InteractiveServer`) + configurable quality
|
||||
**Tech:** PDF.js 3.11.174 + Blazor Server (`@rendermode InteractiveServer`) + server-side auth/data loading + configurable quality
|
||||
**File:** `WebUI/Components/Pages/EnvelopeReceiverPage.razor`
|
||||
|
||||
### Current Server-Side Loading Model
|
||||
|
||||
- Authorization is performed inside the server project via `EnvelopeReceiverAuthorizationService`.
|
||||
- The page no longer relies on `GET /api/auth/check/envelope/{EnvelopeKey}` for its own access check.
|
||||
- Document bytes, receiver data, and signature placeholders are loaded directly through MediatR using `EnvelopeReceiverPageDataService`.
|
||||
- Cached signatures are loaded from distributed cache directly in the server project.
|
||||
|
||||
### Key Features
|
||||
1. HiDPI/Retina support (4x quality)
|
||||
2. Configurable quality (`appsettings.json`)
|
||||
@@ -300,7 +314,9 @@ window.pdfViewer = {
|
||||
### Workflow Steps
|
||||
|
||||
1. **Page Load:**
|
||||
- Check `SignatureCacheService` for cached signature
|
||||
- Validate receiver access server-side using the per-envelope auth cookie
|
||||
- Load document, receiver, and signature data directly through MediatR
|
||||
- Check distributed cache for cached signature
|
||||
- If cached ? skip popup, load signature
|
||||
- If not ? show automatic popup (mandatory)
|
||||
|
||||
@@ -325,6 +341,12 @@ window.pdfViewer = {
|
||||
- Zoom/Page change ? recalculate button positions
|
||||
- Session state: `_capturedSignature` (lost on refresh)
|
||||
|
||||
### Authentication Notes
|
||||
|
||||
- Receiver cookies are stored per envelope: `AuthTokenSignFLOWReceiver.{envelopeKey}`.
|
||||
- `EnvelopeReceiverPage.razor` uses server-side receiver authorization logic instead of calling its own auth check API endpoint.
|
||||
- The server-side auth flow must remain compatible with `AuthScheme.Receiver` and `AuthPolicy.Receiver`.
|
||||
|
||||
### Data Model
|
||||
**File:** `WebUI.Client/Models/SignatureCaptureDto.cs`
|
||||
|
||||
|
||||
Reference in New Issue
Block a user