Add authentication for secure document access
Introduced a new login page (`Login.razor`) to handle user authentication via access codes. Implemented `AuthService` to validate access codes through an API. Updated `ReportViewer.razor` to check user access and redirect unauthorized users to the login page. Modified `Program.cs` to register `AuthService` for dependency injection. Enhanced document fetching in `ReportViewer.razor` to ensure secure access control.
This commit is contained in:
20
EnvelopeGenerator.ReceiverUI/Services/AuthService.cs
Normal file
20
EnvelopeGenerator.ReceiverUI/Services/AuthService.cs
Normal file
@@ -0,0 +1,20 @@
|
||||
using System.Net;
|
||||
using EnvelopeGenerator.ReceiverUI.Options;
|
||||
using Microsoft.Extensions.Options;
|
||||
|
||||
namespace EnvelopeGenerator.ReceiverUI.Services;
|
||||
|
||||
public class AuthService(HttpClient http, IOptions<ApiOptions> apiOptions)
|
||||
{
|
||||
private readonly ApiOptions _api = apiOptions.Value;
|
||||
|
||||
/// <summary>
|
||||
/// Checks whether the current user holds a valid receiver token for the given envelope key.
|
||||
/// Calls GET /api/auth/check/envelope/{envelopeKey}.
|
||||
/// </summary>
|
||||
public async Task<bool> CheckEnvelopeAccessAsync(string envelopeKey, CancellationToken cancel = default)
|
||||
{
|
||||
var response = await http.GetAsync($"{_api.BaseUrl}/api/auth/check/envelope/{Uri.EscapeDataString(envelopeKey)}", cancel);
|
||||
return response.StatusCode == HttpStatusCode.OK;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user