Add admin panel authentication and login system

Features:
- Login page with username/email + password
- Registration page for new accounts
- Logout functionality
- Cookie-based authentication (30-day sessions)
- Auto-redirect to login for unauthorized access
- User dropdown in navbar with logout link

Security:
- All admin pages now require authentication
- [Authorize] attribute on all admin PageModels
- Redirect to /Login if not authenticated
- Auto-login after registration

UI:
- Beautiful gradient login/register pages
- Consistent styling with admin panel
- User info displayed in navbar
- Logout link in dropdown menu

Starting resources for new users:
- 100,000 Gold
- 500,000 Cash
- Level 1
- Full admin panel access

Ready for production deployment!
2026-02-19 15:06:08 -08:00
parent a6bab92282
commit e03c1d9856
15 changed files with 639 additions and 3 deletions


@@ -0,0 +1,110 @@
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using System.Security.Claims;
using RR3CommunityServer.Services;
using RR3CommunityServer.Models;
namespace RR3CommunityServer.Pages;
public class RegisterModel : PageModel
{
private readonly IAuthService _authService;
private readonly ILogger<RegisterModel> _logger;
public RegisterModel(IAuthService authService, ILogger<RegisterModel> logger)
{
_authService = authService;
_logger = logger;
}
[BindProperty]
public string Username { get; set; } = string.Empty;
[BindProperty]
public string Email { get; set; } = string.Empty;
[BindProperty]
public string Password { get; set; } = string.Empty;
[BindProperty]
public string ConfirmPassword { get; set; } = string.Empty;
public string? ErrorMessage { get; set; }
public string? SuccessMessage { get; set; }
public void OnGet()
{
// If already logged in, redirect to admin panel
if (User.Identity?.IsAuthenticated == true)
{
Response.Redirect("/admin");
}
}
public async Task<IActionResult> OnPostAsync()
{
if (string.IsNullOrWhiteSpace(Username) || string.IsNullOrWhiteSpace(Email) ||
string.IsNullOrWhiteSpace(Password) || string.IsNullOrWhiteSpace(ConfirmPassword))
{
ErrorMessage = "All fields are required";
return Page();
}
var registerRequest = new RegisterRequest
{
Username = Username,
Email = Email,
Password = Password,
ConfirmPassword = ConfirmPassword
};
var (success, token, error) = await _authService.RegisterAsync(registerRequest);
if (!success || string.IsNullOrEmpty(token))
{
ErrorMessage = error ?? "Registration failed";
_logger.LogWarning("Failed registration attempt for: {Username}", Username);
return Page();
}
_logger.LogInformation("New account registered: {Username} ({Email})", Username, Email);
// Auto-login after registration
var loginRequest = new LoginRequest
{
UsernameOrEmail = Username,
Password = Password
};
var (loginSuccess, response, loginError) = await _authService.LoginAsync(loginRequest);
if (loginSuccess && response != null)
{
var claims = new List<Claim>
{
new Claim(ClaimTypes.NameIdentifier, response.AccountId.ToString()),
new Claim(ClaimTypes.Name, response.Username),
new Claim(ClaimTypes.Email, response.Email)
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
var authProperties = new AuthenticationProperties
{
IsPersistent = true,
ExpiresUtc = response.ExpiresAt
};
await HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity),
authProperties);
return RedirectToPage("/Admin");
}
SuccessMessage = "Account created successfully! Please login.";
return RedirectToPage("/Login");
}
}
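Review bot: `OnPostAsync` lets any anonymous visitor create an account and signs them in at once with a persistent cookie (`IsPersistent = true`), yet the principal built here carries only `NameIdentifier`, `Name` and `Email` claims. The commit description says admin pages are protected by a plain `[Authorize]` and that new users get full admin panel access, so as far as this section shows, self-registration amounts to granting admin rights to anyone who can reach the page. Registration should be gated (for example allowed only for bootstrapping the first account, or only when performed by an existing admin), and the admin PageModels should authorize on a role or policy rather than on authentication alone, e.g. `[Authorize(Roles = "Admin")]` with a `ClaimTypes.Role` claim issued only to accounts explicitly granted it. The other PageModels and `IAuthService` are not visible here, so confirm whether such a check already exists elsewhere. Separately, `OnGet` calls `Response.Redirect("/admin")` from a `void` handler, so the page still goes on to execute; declaring it `public IActionResult OnGet()` and using `return RedirectToPage("/Admin");` with a final `return Page();` would short-circuit cleanly and match the redirect style used in `OnPostAsync`.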