Auth ignore for non-content actions, precursor to private forums #86

POPWorldMedia · Mar 9, 2020 · bb330c4 · bb330c4
1 parent 88e2371
commit bb330c4
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 1 deletion.
diff --git a/src/PopForums.Mvc/Areas/Forums/Controllers/AccountController.cs b/src/PopForums.Mvc/Areas/Forums/Controllers/AccountController.cs
@@ -8,6 +8,7 @@
 using PopForums.ExternalLogin;
 using PopForums.Feeds;
 using PopForums.Models;
+using PopForums.Mvc.Areas.Forums.Authorization;
 using PopForums.Mvc.Areas.Forums.Models;
 using PopForums.Mvc.Areas.Forums.Services;
 using PopForums.ScoringGame;
@@ -67,6 +68,7 @@ public AccountController(IUserService userService, IProfileService profileServic
 		private readonly IConfig _config;
 		private readonly IReCaptchaService _reCaptchaService;
 
+		[PopForumsAuthorizationIgnore]
 		public ViewResult Create()
 		{
 			SetupCreateData();
@@ -91,7 +93,8 @@ private void SetupCreateData()
 			ViewData[TosKey] = _settingsManager.Current.TermsOfService;
 			ViewData[ServerTimeZoneKey] = _settingsManager.Current.ServerTimeZone;
 		}
-
+
+		[PopForumsAuthorizationIgnore]
 		[HttpPost]
 		public async Task<ViewResult> Create(SignupData signupData)
 		{
@@ -164,6 +167,7 @@ private async Task ValidateSignupData(SignupData signupData, ModelStateDictionar
 				modelState.AddModelError("Email", Resources.IPBanned);
 		}
 
+		[PopForumsAuthorizationIgnore]
 		public async Task<ViewResult> Verify(string id)
 		{
 			var authKey = Guid.Empty;
@@ -179,12 +183,14 @@ public async Task<ViewResult> Verify(string id)
 			return View();
 		}
 
+		[PopForumsAuthorizationIgnore]
 		[HttpPost]
 		public RedirectToActionResult VerifyCode(string authorizationCode)
 		{
 			return RedirectToAction("Verify", new { id = authorizationCode });
 		}
 
+		[PopForumsAuthorizationIgnore]
 		public async Task<ViewResult> RequestCode(string email)
 		{
 			var user = await _userService.GetUserByEmail(email);
@@ -202,11 +208,13 @@ public async Task<ViewResult> RequestCode(string email)
 			return View("Verify", new { id = String.Empty });
 		}
 
+		[PopForumsAuthorizationIgnore]
 		public ViewResult Forgot()
 		{
 			return View();
 		}
 
+		[PopForumsAuthorizationIgnore]
 		[HttpPost]
 		public async Task<ViewResult> Forgot(string email)
 		{
@@ -224,6 +232,7 @@ public async Task<ViewResult> Forgot(string email)
 			return View();
 		}
 
+		[PopForumsAuthorizationIgnore]
 		public async Task<ActionResult> ResetPassword(string id)
 		{
 			var authKey = Guid.Empty;
@@ -238,6 +247,7 @@ public async Task<ActionResult> ResetPassword(string id)
 			return View(container);
 		}
 
+		[PopForumsAuthorizationIgnore]
 		[HttpPost]
 		public async Task<ActionResult> ResetPassword(string id, PasswordResetContainer resetContainer)
 		{
@@ -258,6 +268,7 @@ public async Task<ActionResult> ResetPassword(string id, PasswordResetContainer
 			return RedirectToAction("ResetPasswordSuccess");
 		}
 
+		[PopForumsAuthorizationIgnore]
 		public ActionResult ResetPasswordSuccess()
 		{
 			var user = _userRetrievalShim.GetUser();
@@ -437,6 +448,7 @@ public async Task<JsonResult> ClientSettings()
 			return Json(_clientSettingsMapper.GetClientSettings(profile));
 		}
 
+		[PopForumsAuthorizationIgnore]
 		public ViewResult Login()
 		{
 			string link;
@@ -490,6 +502,7 @@ public async Task<ActionResult> EmailUser(int id, string subject, string text)
 			return View("EmailSent");
 		}
 
+		[PopForumsAuthorizationIgnore]
 		public async Task<ViewResult> Unsubscribe(int id, string key)
 		{
 			var user = await _userService.GetUser(id);

diff --git a/src/PopForums.Mvc/Areas/Forums/Controllers/IdentityController.cs b/src/PopForums.Mvc/Areas/Forums/Controllers/IdentityController.cs
@@ -55,6 +55,7 @@ public IdentityController(ILoginLinkFactory loginLinkFactory, IStateHashingServi
 
 		public static string Name = "Identity";
 
+		[PopForumsAuthorizationIgnore]
 		[HttpPost]
 		public async Task<IActionResult> Login(string email, string password)
 		{
@@ -95,6 +96,7 @@ public async Task<JsonResult> LogoutAsync()
 			return Json(new BasicJsonMessage { Result = true });
 		}
 
+		[PopForumsAuthorizationIgnore]
 		[HttpPost]
 		public IActionResult ExternalLogin(string provider, string returnUrl)
 		{
@@ -133,6 +135,7 @@ public IActionResult ExternalLogin(string provider, string returnUrl)
 			return Redirect(redirect);
 		}
 
+		[PopForumsAuthorizationIgnore]
 		public async Task<IActionResult> ExternalLoginCallback(string returnUrl = null)
 		{
 			var ip = HttpContext.Connection.RemoteIpAddress.ToString();
@@ -155,6 +158,7 @@ public async Task<IActionResult> ExternalLoginCallback(string returnUrl = null)
 			return View();
 		}
 
+		[PopForumsAuthorizationIgnore]
 		[HttpPost]
 		public async Task<JsonResult> LoginAndAssociate(string email, string password)
 		{
@@ -197,6 +201,7 @@ public static async Task PerformSignInAsync(User user, HttpContext httpContext)
 			await httpContext.SignInAsync(PopForumsAuthorizationDefaults.AuthenticationScheme, new ClaimsPrincipal(id), props);
 		}
 
+		[PopForumsAuthorizationIgnore]
 		public async Task<IActionResult> CallbackHandler()
 		{
 			var loginState = _externalLoginTempService.Read();