Added client side functionality and created register page

HopFrame.Web/Components/AuthorizedView.razor

@@ -0,0 +1,34 @@
+@using HopFrame.Security.Authorization
+@using HopFrame.Security.Claims
+@using Microsoft.AspNetCore.Http
+
+@if (IsAuthorized()) {
+    @ChildContent
+}
+
+@inject ITokenContext Auth
+@inject IHttpContextAccessor HttpAccessor
+
+@code {
+    [Parameter]
+    public string[] Permissions { get; set; }
+    
+    [Parameter]
+    public string Permission { get; set; }
+    
+    [Parameter]
+    public RenderFragment ChildContent { get; set; }
+
+    private bool IsAuthorized() {
+        if (!Auth.IsAuthenticated) return false;
+        if (Permissions.Length == 0 && string.IsNullOrEmpty(Permission)) return true;
+        
+        var perms = new List<string>(Permissions);
+        if (!string.IsNullOrEmpty(Permission)) perms.Add(Permission);
+        
+        var permissions = HttpAccessor.HttpContext?.User.GetPermissions();
+        if (!perms.All(perm => PermissionValidator.IncludesPermission(perm, permissions))) return false;
+
+        return true;
+    }
+}

HopFrame.Web/HopFrame.Web.csproj

@@ -0,0 +1,24 @@
+<Project Sdk="Microsoft.NET.Sdk.Razor">
+
+    <PropertyGroup>
+        <TargetFramework>net8.0</TargetFramework>
+        <Nullable>disable</Nullable>
+        <ImplicitUsings>enable</ImplicitUsings>
+        <AddRazorSupportForMvc>true</AddRazorSupportForMvc>
+    </PropertyGroup>
+
+    <ItemGroup>
+        <FrameworkReference Include="Microsoft.AspNetCore.App"/>
+    </ItemGroup>
+
+    <ItemGroup>
+      <ProjectReference Include="..\HopFrame.Database\HopFrame.Database.csproj" />
+      <ProjectReference Include="..\HopFrame.Security\HopFrame.Security.csproj" />
+    </ItemGroup>
+
+    <ItemGroup>
+      <PackageReference Include="Microsoft.AspNetCore.Components" Version="8.0.7" />
+    </ItemGroup>
+
+
+</Project>

HopFrame.Web/Model/RegisterData.cs

@@ -0,0 +1,7 @@
+using HopFrame.Security.Models;
+
+namespace HopFrame.Web.Model;
+
+public class RegisterData : UserRegister {
+    public string RepeatedPassword { get; set; }
+}

HopFrame.Web/Pages/Register.razor

@@ -0,0 +1,99 @@
+@page "/register"
+@using HopFrame.Security.Services
+@using HopFrame.Web.Model
+@using HopFrame.Web.Services
+@using Microsoft.AspNetCore.Components.Forms
+
+@implements IDisposable
+
+<div class="register-wrapper">
+    <EditForm EditContext="_context" OnValidSubmit="OnRegister" FormName="register-form">
+        @*<AntiforgeryToken/>*@
+        <div class="field-wrapper">
+            <div class="mb-3">
+                <label for="email" class="form-label">Email address</label>
+                <InputText type="email" class="form-control" id="email" required @bind-Value="RegisterData.Email"/>
+                <ValidationMessage For="() => RegisterData.Email"/>
+            </div>
+            <div class="mb-3">
+                <label for="username" class="form-label">Username</label>
+                <InputText type="text" class="form-control" id="username" required @bind-Value="RegisterData.Username"/>
+                <ValidationMessage For="() => RegisterData.Username"/>
+            </div>
+            <div class="mb-3">
+                <label for="password" class="form-label">Password</label>
+                <InputText type="password" class="form-control" id="password" aria-describedby="passwordHelp" required @bind-Value="RegisterData.Password"/>
+                <div id="passwordHelp" class="form-text">The password needs to be at least 8 characters long</div>
+                <ValidationMessage For="() => RegisterData.Password"/>
+            </div>
+            <div class="mb-3">
+                <label for="passwordRepeat" class="form-label">Repeat password</label>
+                <InputText type="password" class="form-control" id="passwordRepeat" aria-describedby="passwordHelp" required @bind-Value="RegisterData.RepeatedPassword"/>
+                <ValidationMessage For="() => RegisterData.RepeatedPassword"/>
+            </div>
+            <button type="submit" class="btn btn-primary">Register</button>
+        </div>
+    </EditForm>
+</div>
+
+@inject NavigationManager Navigation
+@inject IUserService Users
+@inject IAuthService Auth
+
+@code {
+    public static string RedirectAfterRegister { get; set; } = "/";
+    private const string RefreshTokenType = "HopFrame.Security.RefreshToken";
+
+    [SupplyParameterFromForm]
+    private RegisterData RegisterData { get; set; }
+
+    private EditContext _context;
+    private ValidationMessageStore _messages;
+
+    protected override void OnInitialized() {
+        RegisterData ??= new();
+
+        _context = new EditContext(RegisterData);
+        _context.OnValidationRequested += ValidateForm;
+        _messages = new ValidationMessageStore(_context);
+    }
+
+    private async Task OnRegister() {
+        var hasConflict = false;
+        
+        if (await Users.GetUserByEmail(RegisterData.Email) is not null) {
+            _messages.Add(() => RegisterData.Email, "Email is already in use");
+            hasConflict = true;
+        }
+        
+        if (await Users.GetUserByUsername(RegisterData.Username) is not null) {
+            _messages.Add(() => RegisterData.Username, "Username is already in use");
+            hasConflict = true;
+        }
+        
+        if (hasConflict) return;
+
+        await Auth.Register(RegisterData);
+        Navigation.NavigateTo(RedirectAfterRegister, true);
+    }
+
+    private void ValidateForm(object sender, ValidationRequestedEventArgs e) {
+        _messages.Clear();
+
+        if (RegisterData.Password != RegisterData.RepeatedPassword) {
+            _messages.Add(() => RegisterData.RepeatedPassword,  "Passwords doesn't mach");
+        }
+
+        if (RegisterData.Password.Length < 8) {
+            _messages.Add(() => RegisterData.Password, "Password needs to be at least 8 characters long");
+        }
+
+        if (!RegisterData.Email.Contains("@") || !RegisterData.Email.Contains(".") || RegisterData.Email.EndsWith(".")) {
+            _messages.Add(() => RegisterData.Email, "Please enter a valid email address");
+        }
+    }
+
+    public void Dispose() {
+        _context.OnValidationRequested -= ValidateForm;
+    }
+}

HopFrame.Web/Pages/Register.razor.css

@@ -0,0 +1,14 @@
+.register-wrapper {
+    display: flex;
+    justify-content: center;
+    align-items: center;
+}
+
+.field-wrapper {
+    margin-top: 25vh;
+    min-width: 30vw;
+    
+    padding: 30px;
+    border: 2px solid #ced4da;
+    border-radius: 10px;
+}

HopFrame.Web/ServiceCollectionExtensions.cs

@@ -0,0 +1,20 @@
+using HopFrame.Database;
+using HopFrame.Web.Services;
+using HopFrame.Web.Services.Implementation;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace HopFrame.Web;
+
+public static class ServiceCollectionExtensions {
+    public static IServiceCollection AddHopFrameServices<TDbContext>(this IServiceCollection services) where TDbContext : HopDbContextBase {
+        services.AddHttpClient();
+        services.AddScoped<IAuthService, AuthService<TDbContext>>();
+
+        return services;
+    }
+
+    public static RazorComponentsEndpointConventionBuilder AddHopFramePages(this RazorComponentsEndpointConventionBuilder builder) {
+        return builder.AddAdditionalAssemblies(typeof(ServiceCollectionExtensions).Assembly);
+    }
+}

HopFrame.Web/Services/IAuthService.cs

@@ -0,0 +1,12 @@
+using HopFrame.Security.Models;
+
+namespace HopFrame.Web.Services;
+
+public interface IAuthService {
+    Task Register(UserRegister register);
+    Task<bool> Login(UserLogin login);
+    Task Logout();
+
+    Task<bool> RefreshLogin();
+    Task<bool> IsLoggedIn();
+}

HopFrame.Web/Services/Implementation/AuthService.cs

@@ -0,0 +1,153 @@
+using HopFrame.Database;
+using HopFrame.Database.Models.Entries;
+using HopFrame.Security.Authentication;
+using HopFrame.Security.Claims;
+using HopFrame.Security.Models;
+using HopFrame.Security.Services;
+using Microsoft.AspNetCore.Http;
+using Microsoft.EntityFrameworkCore;
+
+namespace HopFrame.Web.Services.Implementation;
+
+public class AuthService<TDbContext>(
+    IUserService userService,
+    IHttpContextAccessor httpAccessor,
+    TDbContext context)
+    : IAuthService where TDbContext : HopDbContextBase {
+    
+    public async Task Register(UserRegister register) {
+        var user = await userService.AddUser(register);
+        if (user is null) return;
+        
+        var refreshToken = new TokenEntry {
+            CreatedAt = DateTime.Now,
+            Token = Guid.NewGuid().ToString(),
+            Type = TokenEntry.RefreshTokenType,
+            UserId = user.Id.ToString()
+        };
+        var accessToken = new TokenEntry {
+            CreatedAt = DateTime.Now,
+            Token = Guid.NewGuid().ToString(),
+            Type = TokenEntry.AccessTokenType,
+            UserId = user.Id.ToString()
+        };
+        
+        context.Tokens.AddRange(refreshToken, accessToken);
+        await context.SaveChangesAsync();
+        
+        httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.Token, new CookieOptions {
+            MaxAge = HopFrameAuthentication<HopDbContextBase>.RefreshTokenTime,
+            HttpOnly = true,
+            Secure = true
+        });
+        httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Token, new CookieOptions {
+            MaxAge = HopFrameAuthentication<TDbContext>.AccessTokenTime,
+            HttpOnly = false,
+            Secure = true
+        });
+    }
+
+    public async Task<bool> Login(UserLogin login) {
+        var user = await userService.GetUserByEmail(login.Email);
+
+        if (user == null) return false;
+        if (await userService.CheckUserPassword(user, login.Password)) return false;
+        
+        var refreshToken = new TokenEntry {
+            CreatedAt = DateTime.Now,
+            Token = Guid.NewGuid().ToString(),
+            Type = TokenEntry.RefreshTokenType,
+            UserId = user.Id.ToString()
+        };
+        var accessToken = new TokenEntry {
+            CreatedAt = DateTime.Now,
+            Token = Guid.NewGuid().ToString(),
+            Type = TokenEntry.AccessTokenType,
+            UserId = user.Id.ToString()
+        };
+        
+        context.Tokens.AddRange(refreshToken, accessToken);
+        await context.SaveChangesAsync();
+        
+        httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.Token, new CookieOptions {
+            MaxAge = HopFrameAuthentication<HopDbContextBase>.RefreshTokenTime,
+            HttpOnly = true,
+            Secure = true
+        });
+        httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Token, new CookieOptions {
+            MaxAge = HopFrameAuthentication<TDbContext>.AccessTokenTime,
+            HttpOnly = false,
+            Secure = true
+        });
+
+        return true;
+    }
+
+    public async Task Logout() {
+        var accessToken = httpAccessor.HttpContext?.Request.Cookies[ITokenContext.AccessTokenType];
+        var refreshToken = httpAccessor.HttpContext?.Request.Cookies[ITokenContext.RefreshTokenType];
+        
+        var tokenEntries = await context.Tokens.Where(token =>
+                (token.Token == accessToken && token.Type == TokenEntry.AccessTokenType) ||
+                (token.Token == refreshToken && token.Type == TokenEntry.RefreshTokenType))
+            .ToArrayAsync();
+        
+        context.Tokens.Remove(tokenEntries[0]);
+        context.Tokens.Remove(tokenEntries[1]);
+        await context.SaveChangesAsync();
+        
+        httpAccessor.HttpContext?.Response.Cookies.Delete(ITokenContext.RefreshTokenType);
+        httpAccessor.HttpContext?.Response.Cookies.Delete(ITokenContext.AccessTokenType);
+    }
+
+    public async Task<bool> RefreshLogin() {
+        if (await IsLoggedIn()) {
+            var oldToken = httpAccessor.HttpContext?.Request.Cookies[ITokenContext.AccessTokenType];
+            var entry = await context.Tokens.SingleOrDefaultAsync(token => token.Token == oldToken);
+
+            if (entry is not null) {
+                context.Tokens.Remove(entry);
+            }
+        }
+        
+        var refreshToken = httpAccessor.HttpContext?.Request.Cookies[ITokenContext.AccessTokenType];
+
+        if (string.IsNullOrWhiteSpace(refreshToken)) return false;
+        
+        var token = await context.Tokens.SingleOrDefaultAsync(token => token.Token == refreshToken && token.Type == TokenEntry.RefreshTokenType);
+
+        if (token is null) return false;
+        if (token.CreatedAt + HopFrameAuthentication<TDbContext>.RefreshTokenTime < DateTime.Now) return false;
+        
+        var accessToken = new TokenEntry {
+            CreatedAt = DateTime.Now,
+            Token = Guid.NewGuid().ToString(),
+            Type = TokenEntry.AccessTokenType,
+            UserId = token.UserId
+        };
+
+        await context.Tokens.AddAsync(accessToken);
+        await context.SaveChangesAsync();
+        
+        httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Token, new CookieOptions {
+            MaxAge = HopFrameAuthentication<TDbContext>.AccessTokenTime,
+            HttpOnly = false,
+            Secure = true
+        });
+
+        return true;
+    }
+
+    public async Task<bool> IsLoggedIn() {
+        var accessToken = httpAccessor.HttpContext?.Request.Cookies[ITokenContext.AccessTokenType];
+        if (string.IsNullOrEmpty(accessToken)) return false;
+        
+        var tokenEntry = await context.Tokens.SingleOrDefaultAsync(token => token.Token == accessToken);
+        
+        if (tokenEntry is null) return false;
+        if (tokenEntry.CreatedAt + HopFrameAuthentication<TDbContext>.AccessTokenTime < DateTime.Now) return false;
+        if (!await context.Users.AnyAsync(user => user.Id == tokenEntry.UserId)) return false;
+
+        return true;
+    }
+}