Add additional safeties for the fallback user
This commit is contained in:
parent
496706ea59
commit
a2864eab92
|
@ -1,4 +1,7 @@
|
||||||
<!DOCTYPE html>
|
@using trainav.web.Utils
|
||||||
|
@using trainav.web.database
|
||||||
|
@using Microsoft.AspNetCore.Mvc.TagHelpers
|
||||||
|
<!DOCTYPE html>
|
||||||
<html lang="en">
|
<html lang="en">
|
||||||
<head>
|
<head>
|
||||||
<meta charset="utf-8"/>
|
<meta charset="utf-8"/>
|
||||||
|
@ -31,6 +34,11 @@
|
||||||
</header>
|
</header>
|
||||||
<div class="container">
|
<div class="container">
|
||||||
<main role="main" class="pb-3">
|
<main role="main" class="pb-3">
|
||||||
|
@if (AuthUtil.GetRemoteUser(Context, new Database.DbConn()) == "_debuguser") {
|
||||||
|
<div class="alert alert-warning" role="alert">
|
||||||
|
You are connected as the fallback user '@AuthUtil.GetRemoteUser(Context, new Database.DbConn())' because no 'Remote-User' header was received. If this is a production deployment, please make sure your configuration is correct.
|
||||||
|
</div>
|
||||||
|
}
|
||||||
@RenderBody()
|
@RenderBody()
|
||||||
</main>
|
</main>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -8,11 +8,7 @@ namespace trainav.web.Utils;
|
||||||
|
|
||||||
public static class AuthUtil {
|
public static class AuthUtil {
|
||||||
public static string GetRemoteUser(HttpContext ctx, Database.DbConn db) {
|
public static string GetRemoteUser(HttpContext ctx, Database.DbConn db) {
|
||||||
#if (DEBUG)
|
var remoteUser = ctx.Request.Headers.ContainsKey("Remote-User") ? ctx.Request.Headers["Remote-User"].ToString() : "_debuguser";
|
||||||
const string remoteUser = "debuguser";
|
|
||||||
#else
|
|
||||||
var remoteUser = ctx.Request.Headers["Remote-User"];
|
|
||||||
#endif
|
|
||||||
|
|
||||||
if (!db.Users.Any(p => p.Username == remoteUser)) {
|
if (!db.Users.Any(p => p.Username == remoteUser)) {
|
||||||
db.InsertWithInt32Identity(new User { Username = remoteUser });
|
db.InsertWithInt32Identity(new User { Username = remoteUser });
|
||||||
|
|
Reference in a new issue