Additional tests

Author: Kaliumhexacyanoferrat

Modules/Authentication.Web/Concern/WebAuthenticationConcern.cs

@@ -91,6 +91,9 @@ public WebAuthenticationConcern(IHandler parent, Func<IHandler, IHandler> conten
                                      .HandleAsync(request);
             }
 
+            // try to fetch and validate the token
+            var authenticated = false;
+
             var token = SessionHandling.ReadToken(request);
 
             if (token != null)
@@ -101,16 +104,8 @@ public WebAuthenticationConcern(IHandler parent, Func<IHandler, IHandler> conten
                 {
                     // we're logged in
                     request.SetUser(authenticatedUser);
-                    
-                    var response = await Content.HandleAsync(request);
-
-                    if (response != null)
-                    {
-                        // refresh the token, so the user will not be logged out eventually
-                        SessionHandling.WriteToken(response, token);
-                    }
 
-                    return response;
+                    authenticated = true;
                 }
             }
 
@@ -138,6 +133,18 @@ public WebAuthenticationConcern(IHandler parent, Func<IHandler, IHandler> conten
                 return loginResponse;
             }
 
+            if (authenticated)
+            {
+                var response = await Content.HandleAsync(request);
+
+                if ((response != null) && (token != null))
+                {
+                    // refresh the token, so the user will not be logged out eventually
+                    SessionHandling.WriteToken(response, token);
+                }
+
+                return response;
+            }
             if (Integration.AllowAnonymous)
             {
                 var response = await Content.HandleAsync(request);

Modules/Authentication.Web/Controllers/LoginController.cs

@@ -7,6 +7,7 @@
 
 using GenHTTP.Modules.Basics;
 using GenHTTP.Modules.Controllers;
+using GenHTTP.Modules.Placeholders;
 
 namespace GenHTTP.Modules.Authentication.Web.Controllers
 {
@@ -21,9 +22,15 @@ public LoginController(Func<IRequest, string, string, ValueTask<IUser?>> perform
             PerformLogin = performLogin;
         }
 
-        public IHandlerBuilder Index()
+        public IHandlerBuilder Index(IRequest request)
         {
-            // ToDo: already logged in
+            var user = request.GetUser<IUser>();
+
+            if (user != null)
+            {
+                return Page.From("Login", "You are already logged in.");
+            }
+
             return RenderLogin(status: ResponseStatus.Unauthorized);
         }
 

Modules/Authentication.Web/GenHTTP.Modules.Authentication.Web.csproj

@@ -1,63 +1,64 @@
-<Project Sdk="Microsoft.NET.Sdk">
-
-  <PropertyGroup>
-    
-    <TargetFrameworks>net6.0;net7.0;net8.0</TargetFrameworks>
-
-    <LangVersion>10.0</LangVersion>
-    <Nullable>enable</Nullable>
-    <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
-
-    <AssemblyVersion>8.3.0.0</AssemblyVersion>
-    <FileVersion>8.3.0.0</FileVersion>
-    <Version>8.3.0</Version>
-
-    <Authors>Andreas Nägeli</Authors>
-    <Company />
-
-    <PackageLicenseFile>LICENSE</PackageLicenseFile>
-    <PackageProjectUrl>https://genhttp.org/</PackageProjectUrl>
-
-    <Description>Adds web based login capabilities to the GenHTTP webserver.</Description>
-    <PackageTags>HTTP Webserver C# Module Authentication Authorization Security Web Registration Login</PackageTags>
-
-    <PublishRepositoryUrl>true</PublishRepositoryUrl>
-    <IncludeSymbols>true</IncludeSymbols>
-    <SymbolPackageFormat>snupkg</SymbolPackageFormat>
-
-    <GenerateDocumentationFile>true</GenerateDocumentationFile>
-    <NoWarn>CS1591,CS1587,CS1572,CS1573</NoWarn>
-
-    <PackageIcon>icon.png</PackageIcon>
-    
-  </PropertyGroup>
-
-  <ItemGroup>
-    <None Remove="Resources\style.css" />
-  </ItemGroup>
-
-  <ItemGroup>
-    <EmbeddedResource Include="Resources\style.css" />
-    <EmbeddedResource Include="Views\EnterAccount.cshtml" />
-  </ItemGroup>
-
-  <ItemGroup>
-
-    <None Include="..\..\LICENSE" Pack="true" PackagePath="\" />
-    <None Include="..\..\Resources\icon.png" Pack="true" PackagePath="\" />
-
-  </ItemGroup>
-
-  <ItemGroup>
-    
-    <ProjectReference Include="..\..\API\GenHTTP.Api.csproj" />
-
-    <ProjectReference Include="..\Authentication\GenHTTP.Modules.Authentication.csproj" />
-    <ProjectReference Include="..\Controllers\GenHTTP.Modules.Controllers.csproj" />
-    <ProjectReference Include="..\Razor\GenHTTP.Modules.Razor.csproj" />
-    
-    <PackageReference Include="Microsoft.SourceLink.GitHub" Version="8.0.0" PrivateAssets="All" />
-    
-  </ItemGroup>
-
-</Project>
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    
+    <TargetFrameworks>net6.0;net7.0;net8.0</TargetFrameworks>
+
+    <LangVersion>10.0</LangVersion>
+    <Nullable>enable</Nullable>
+    <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
+
+    <AssemblyVersion>8.3.0.0</AssemblyVersion>
+    <FileVersion>8.3.0.0</FileVersion>
+    <Version>8.3.0</Version>
+
+    <Authors>Andreas Nägeli</Authors>
+    <Company />
+
+    <PackageLicenseFile>LICENSE</PackageLicenseFile>
+    <PackageProjectUrl>https://genhttp.org/</PackageProjectUrl>
+
+    <Description>Adds web based login capabilities to the GenHTTP webserver.</Description>
+    <PackageTags>HTTP Webserver C# Module Authentication Authorization Security Web Registration Login</PackageTags>
+
+    <PublishRepositoryUrl>true</PublishRepositoryUrl>
+    <IncludeSymbols>true</IncludeSymbols>
+    <SymbolPackageFormat>snupkg</SymbolPackageFormat>
+
+    <GenerateDocumentationFile>true</GenerateDocumentationFile>
+    <NoWarn>CS1591,CS1587,CS1572,CS1573</NoWarn>
+
+    <PackageIcon>icon.png</PackageIcon>
+    
+  </PropertyGroup>
+
+  <ItemGroup>
+    <None Remove="Resources\style.css" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <EmbeddedResource Include="Resources\style.css" />
+    <EmbeddedResource Include="Views\EnterAccount.cshtml" />
+  </ItemGroup>
+
+  <ItemGroup>
+
+    <None Include="..\..\LICENSE" Pack="true" PackagePath="\" />
+    <None Include="..\..\Resources\icon.png" Pack="true" PackagePath="\" />
+
+  </ItemGroup>
+
+  <ItemGroup>
+    
+    <ProjectReference Include="..\..\API\GenHTTP.Api.csproj" />
+
+    <ProjectReference Include="..\Authentication\GenHTTP.Modules.Authentication.csproj" />
+    <ProjectReference Include="..\Controllers\GenHTTP.Modules.Controllers.csproj" />
+    <ProjectReference Include="..\Razor\GenHTTP.Modules.Razor.csproj" />
+    <ProjectReference Include="..\Placeholders\GenHTTP.Modules.Placeholders.csproj" />
+    
+    <PackageReference Include="Microsoft.SourceLink.GitHub" Version="8.0.0" PrivateAssets="All" />
+    
+  </ItemGroup>
+
+</Project>

Testing/Acceptance/Modules/Authentication/Web/WebAuthenticationTests.cs

@@ -185,6 +185,22 @@ public async Task TestResourcesCanBeFetched()
             await response.AssertStatusAsync(HttpStatusCode.OK);
         }
 
+        [TestMethod]
+        public async Task TestCannotLoginIfAlreadyDone()
+        {
+            var integration = new TestIntegration().AddUser("a", "b");
+
+            using var host = GetHost(integration);
+
+            await Post(host, "/login/", "a", "b");
+
+            var response = await host.GetResponseAsync("/login/");
+
+            await response.AssertStatusAsync(HttpStatusCode.OK);
+
+            AssertX.Contains("You are already logged in.", await response.GetContentAsync());
+        }
+
         #endregion
 
         #region Test setup