Change filter to middleware

Author: davidfowl

src/FrontEnd/Areas/Identity/Pages/Account/Logout.cshtml.cs

@@ -8,7 +8,6 @@
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using Microsoft.Extensions.Logging;
-using FrontEnd.Filters;
 
 namespace FrontEnd.Areas.Identity.Pages.Account
 {

src/FrontEnd/Filters/RequireLoginFilter.cs

@@ -0,0 +1,46 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Routing;
+
+namespace FrontEnd
+{
+    public class RequireLoginMiddleware
+    {
+        private readonly RequestDelegate _next;
+        private readonly LinkGenerator _linkGenerator;
+
+        public RequireLoginMiddleware(RequestDelegate next, LinkGenerator linkGenerator)
+        {
+            _next = next;
+            _linkGenerator = linkGenerator;
+        }
+
+        public Task Invoke(HttpContext context)
+        {
+            var endpoint = context.GetEndpoint();
+
+            // If the user is authenticated but not a known attendee *and* we've not marked this page
+            // to skip attendee welcome, then redirect to the Welcome page
+            if (context.User.Identity.IsAuthenticated &&
+                endpoint?.Metadata.GetMetadata<SkipWelcomeAttribute>() == null)
+            {
+                var isAttendee = context.User.IsAttendee();
+
+                if (!isAttendee)
+                {
+                    var url = _linkGenerator.GetUriByPage(context, page: "/Welcome");
+                    // No attendee registerd for this user
+                    context.Response.Redirect(url);
+
+                    return Task.CompletedTask;
+                }
+            }
+
+            return _next(context);
+        }
+    }
+}

src/FrontEnd/Filters/SkipWelcomeAttribute.cs

@@ -0,0 +1,10 @@
+using System;
+
+namespace FrontEnd
+{
+    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
+    public class SkipWelcomeAttribute : Attribute
+    {
+
+    }
+}

src/FrontEnd/Middleware/RequireLoginMiddleware.cs

@@ -3,7 +3,6 @@
 using FrontEnd.Pages.Models;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
-using FrontEnd.Filters;
 using System.Net.Http;
 using System.Security.Claims;
 using Microsoft.AspNetCore.Authentication;

src/FrontEnd/Middleware/SkipWelcomeAttribute.cs

@@ -22,8 +22,6 @@ public Startup(IConfiguration configuration)
 
         public void ConfigureServices(IServiceCollection services)
         {
-            services.AddTransient<RequireLoginFilter>();
-
             services.AddAuthorization(options =>
             {
                 options.AddPolicy("Admin", policy =>
@@ -42,10 +40,6 @@ public void ConfigureServices(IServiceCollection services)
             {
                 options.Conventions.AuthorizeFolder("/Admin", "Admin");
             })
-            .AddMvcOptions(options =>
-            {
-                options.Filters.AddService<RequireLoginFilter>();
-            })
             .SetCompatibilityVersion(CompatibilityVersion.Version_3_0);
 
             services.AddHealthChecks()
@@ -78,6 +72,8 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
             app.UseAuthentication();
             app.UseAuthorization();
 
+            app.UseMiddleware<RequireLoginMiddleware>();
+
             app.UseEndpoints(endpoints =>
             {
                 endpoints.MapRazorPages();