Add additional safeties for the fallback user
This commit is contained in:
parent
496706ea59
commit
a2864eab92
|
@ -1,4 +1,7 @@
|
|||
<!DOCTYPE html>
|
||||
@using trainav.web.Utils
|
||||
@using trainav.web.database
|
||||
@using Microsoft.AspNetCore.Mvc.TagHelpers
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="utf-8"/>
|
||||
|
@ -31,6 +34,11 @@
|
|||
</header>
|
||||
<div class="container">
|
||||
<main role="main" class="pb-3">
|
||||
@if (AuthUtil.GetRemoteUser(Context, new Database.DbConn()) == "_debuguser") {
|
||||
<div class="alert alert-warning" role="alert">
|
||||
You are connected as the fallback user '@AuthUtil.GetRemoteUser(Context, new Database.DbConn())' because no 'Remote-User' header was received. If this is a production deployment, please make sure your configuration is correct.
|
||||
</div>
|
||||
}
|
||||
@RenderBody()
|
||||
</main>
|
||||
</div>
|
||||
|
|
|
@ -8,11 +8,7 @@ namespace trainav.web.Utils;
|
|||
|
||||
public static class AuthUtil {
|
||||
public static string GetRemoteUser(HttpContext ctx, Database.DbConn db) {
|
||||
#if (DEBUG)
|
||||
const string remoteUser = "debuguser";
|
||||
#else
|
||||
var remoteUser = ctx.Request.Headers["Remote-User"];
|
||||
#endif
|
||||
var remoteUser = ctx.Request.Headers.ContainsKey("Remote-User") ? ctx.Request.Headers["Remote-User"].ToString() : "_debuguser";
|
||||
|
||||
if (!db.Users.Any(p => p.Username == remoteUser)) {
|
||||
db.InsertWithInt32Identity(new User { Username = remoteUser });
|
||||
|
|
Reference in a new issue