From 724860c272afb7fe5a02645ef1c1b8d208d897f3 Mon Sep 17 00:00:00 2001
From: ivar <i@oiee.no>
Date: Thu, 4 Dec 2025 00:17:16 +0100
Subject: POC auth in app

---
 api/WhatApi/Endpoints/DownloadContentEndpoint.cs |  2 +-
 api/WhatApi/Endpoints/GetLoginPageEndpoint.cs    | 12 ++++++++
 api/WhatApi/Endpoints/LoginEndpoint.cs           |  5 ++--
 api/WhatApi/Program.cs                           |  2 +-
 api/WhatApi/Properties/launchSettings.json       |  2 +-
 api/WhatApi/Templates/TemplateFulfiller.cs       |  6 ++++
 api/WhatApi/Templates/web_login.liquid           | 37 ++++++++++++++++++++++++
 api/WhatApi/WhatApi.csproj                       |  1 +
 8 files changed, 62 insertions(+), 5 deletions(-)
 create mode 100644 api/WhatApi/Endpoints/GetLoginPageEndpoint.cs
 create mode 100644 api/WhatApi/Templates/web_login.liquid

(limited to 'api/WhatApi')

diff --git a/api/WhatApi/Endpoints/DownloadContentEndpoint.cs b/api/WhatApi/Endpoints/DownloadContentEndpoint.cs
index 34e51e8..dbbe57f 100644
--- a/api/WhatApi/Endpoints/DownloadContentEndpoint.cs
+++ b/api/WhatApi/Endpoints/DownloadContentEndpoint.cs
@@ -14,4 +14,4 @@ public class DownloadContentEndpoint : BaseEndpoint
             return NotFound();
         }
     }
-}
\ No newline at end of file
+}
diff --git a/api/WhatApi/Endpoints/GetLoginPageEndpoint.cs b/api/WhatApi/Endpoints/GetLoginPageEndpoint.cs
new file mode 100644
index 0000000..dd17669
--- /dev/null
+++ b/api/WhatApi/Endpoints/GetLoginPageEndpoint.cs
@@ -0,0 +1,12 @@
+using WhatApi.Templates;
+
+namespace WhatApi.Endpoints;
+
+public class GetLoginPageEndpoint : BaseEndpoint
+{
+    [AllowAnonymous]
+    [HttpGet("~/login")]
+    public ActionResult Handle() {
+        return Content(TemplateFulfiller.WebLoginPage(), "text/html");
+    }
+}
\ No newline at end of file
diff --git a/api/WhatApi/Endpoints/LoginEndpoint.cs b/api/WhatApi/Endpoints/LoginEndpoint.cs
index ee697ef..cb76696 100644
--- a/api/WhatApi/Endpoints/LoginEndpoint.cs
+++ b/api/WhatApi/Endpoints/LoginEndpoint.cs
@@ -13,8 +13,9 @@ public class LoginEndpoint(AppDatabase db, IConfiguration configuration) : BaseE
         public required string Password { get; set; }
     }
 
+    [AllowAnonymous]
     [HttpPost("~/login")]
-    public async Task<ActionResult> HandleAsync(LoginRequest login, CancellationToken ct = default) {
+    public async Task<ActionResult> HandleAsync([FromForm] LoginRequest login, CancellationToken ct = default) {
         var user = await db.Users.FirstOrDefaultAsync(c => c.Name == login.Username, ct);
         if (user?.PasswordHash is null) return Unauthorized();
 
@@ -47,6 +48,6 @@ public class LoginEndpoint(AppDatabase db, IConfiguration configuration) : BaseE
         var tokenString = tokenHandler.WriteToken(token);
         user.SetLastSeen();
         await db.SaveChangesAsync(ct);
-        return Ok(tokenString);
+        return Redirect("what://lcb?code=" + tokenString);
     }
 }
\ No newline at end of file
diff --git a/api/WhatApi/Program.cs b/api/WhatApi/Program.cs
index 7d9c1b4..3375e09 100644
--- a/api/WhatApi/Program.cs
+++ b/api/WhatApi/Program.cs
@@ -93,7 +93,7 @@ app.UseMiddleware<UserLastSeenMiddleware>();
 app.UseAuthentication();
 app.UseAuthorization();
 app.MapControllers();
-app.MapGet("/", () => Results.Redirect("/map"));
+app.MapGet("/", () => Results.Redirect("/login"));
 app.Run();
 
 return 0;
\ No newline at end of file
diff --git a/api/WhatApi/Properties/launchSettings.json b/api/WhatApi/Properties/launchSettings.json
index 581ee7b..73724a7 100644
--- a/api/WhatApi/Properties/launchSettings.json
+++ b/api/WhatApi/Properties/launchSettings.json
@@ -5,7 +5,7 @@
       "commandName": "Project",
       "dotnetRunMessages": true,
       "launchBrowser": false,
-      "applicationUrl": "http://localhost:5281",
+      "applicationUrl": "http://0.0.0.0:5281",
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       }
diff --git a/api/WhatApi/Templates/TemplateFulfiller.cs b/api/WhatApi/Templates/TemplateFulfiller.cs
index 19d3bde..3433701 100644
--- a/api/WhatApi/Templates/TemplateFulfiller.cs
+++ b/api/WhatApi/Templates/TemplateFulfiller.cs
@@ -8,6 +8,7 @@ public class TemplateFulfiller
     private static readonly string TemplateDirectory = Path.Combine(Directory.GetCurrentDirectory(), "Templates");
     private static string WebMapTemplate => File.ReadAllText(Path.Combine(TemplateDirectory, "web_map.liquid"));
     private static string WebUploadTemplate => File.ReadAllText(Path.Combine(TemplateDirectory, "web_upload.liquid"));
+    private static string WebLoginTemplate => File.ReadAllText(Path.Combine(TemplateDirectory, "web_login.liquid"));
 
     public static string WebMapPage(object? data = null) {
         Parser.TryParse(WebMapTemplate, out var template);
@@ -20,4 +21,9 @@ public class TemplateFulfiller
         var context = data is null ? new TemplateContext() : new TemplateContext(data);
         return template.Render(context);
     }
+    public static string WebLoginPage(object? data = null) {
+        Parser.TryParse(WebLoginTemplate, out var template);
+        var context = data is null ? new TemplateContext() : new TemplateContext(data);
+        return template.Render(context);
+    }
 }
\ No newline at end of file
diff --git a/api/WhatApi/Templates/web_login.liquid b/api/WhatApi/Templates/web_login.liquid
new file mode 100644
index 0000000..e9e545d
--- /dev/null
+++ b/api/WhatApi/Templates/web_login.liquid
@@ -0,0 +1,37 @@
+<!doctype html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport"
+          content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
+    <meta http-equiv="X-UA-Compatible"
+          content="ie=edge">
+    <style>
+        form {
+            margin: 12px 10px;
+            display: grid;
+            grid-template-columns: 1fr;
+            grid-template-rows: 1fr 1fr;
+            max-width: 420px;
+            width: 100%;
+            grid-row-gap: 6px;
+        }
+    </style>
+    <title>Login</title>
+</head>
+<body>
+<form action="" method="post" accept-charset="utf-8" autocomplete="off">
+    <label for="username">username
+        <input type="text"
+               name="username"
+               required>
+    </label>
+    <label for="password">password
+        <input type="password"
+               name="password"
+               required>
+    </label>
+    <input type="submit" value="Login" style="width: 50px;">
+</form>
+</body>
+</html>
\ No newline at end of file
diff --git a/api/WhatApi/WhatApi.csproj b/api/WhatApi/WhatApi.csproj
index 91f3d3f..52044a1 100644
--- a/api/WhatApi/WhatApi.csproj
+++ b/api/WhatApi/WhatApi.csproj
@@ -13,6 +13,7 @@
         <Content Include="..\.dockerignore">
             <Link>.dockerignore</Link>
         </Content>
+        <Content Include="Templates\web_login.liquid" />
     </ItemGroup>
 
     <ItemGroup>
-- 
cgit v1.3