From 8b4e3f1ca1d6aa51a0b24a6936eee5069680b907 Mon Sep 17 00:00:00 2001
From: Amelia <77553571+Fesaa@users.noreply.github.com>
Date: Wed, 10 Dec 2025 12:24:47 +0100
Subject: [PATCH] Don't serve any files unless authenticated
---
API/Controllers/FallbackController.cs | 4 +++-
API/Extensions/IdentityServiceExtensions.cs | 7 ++++++-
API/Startup.cs | 15 +++++++++++----
In-Out.sln.DotSettings.user | 1 +
4 files changed, 21 insertions(+), 6 deletions(-)
diff --git a/API/Controllers/FallbackController.cs b/API/Controllers/FallbackController.cs
index 28584f6..9a1ce86 100644
--- a/API/Controllers/FallbackController.cs
+++ b/API/Controllers/FallbackController.cs
@@ -1,10 +1,12 @@
-using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
using Swashbuckle.AspNetCore.Annotations;
namespace API.Controllers;
public class FallbackController: Controller
{
+ [Authorize]
[SwaggerIgnore]
public PhysicalFileResult Index()
{
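Review bot: `[Authorize]` is placed on the `Index` action rather than on `FallbackController` itself, so any action added to this controller later would be anonymous by default; `[Authorize] public class FallbackController : Controller` keeps the fallback deny-by-default. How an unauthenticated request is answered here is decided by the authentication scheme's challenge handling, not by the attribute itself, so it is worth confirming against the event changes elsewhere in this patch. The body of `Index()` continues past the hunk.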
diff --git a/API/Extensions/IdentityServiceExtensions.cs b/API/Extensions/IdentityServiceExtensions.cs
index 6f9e61a..0056913 100644
--- a/API/Extensions/IdentityServiceExtensions.cs
+++ b/API/Extensions/IdentityServiceExtensions.cs
@@ -72,6 +72,11 @@ public static IServiceCollection AddIdentityServices(this IServiceCollection ser
{
ctx.Response.StatusCode = StatusCodes.Status401Unauthorized;
}
+ else
+ {
+ ctx.Response.Redirect($"/Auth/login?returnUrl={Uri.EscapeDataString(ctx.Request.Path)}");
+ }
+
return Task.CompletedTask;
}
};
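Review bot: The new redirect builds `returnUrl` from `ctx.Request.Path` alone, so the query string (and any `PathBase`) of the original request is lost on the way back from login; `Uri.EscapeDataString(ctx.Request.PathBase + ctx.Request.Path + ctx.Request.QueryString)` keeps the full local URL. If this handler is the cookie scheme's `OnRedirectToLogin`, the default implementation already redirects to the configured `LoginPath` with `ReturnUrlParameter`, so a hand-written `/Auth/login` string duplicates and hard-codes what the options express. Whatever consumes `returnUrl` should still accept only local URLs (`Url.IsLocalUrl` or equivalent) — that code is outside this patch. The enclosing event handler and `AddIdentityServices` both start before this hunk.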
@@ -120,7 +125,7 @@ public static IServiceCollection AddIdentityServices(this IServiceCollection ser
}
return Task.CompletedTask;
- }
+ },
};
});
diff --git a/API/Startup.cs b/API/Startup.cs
index 98b403b..114c34d 100644
--- a/API/Startup.cs
+++ b/API/Startup.cs
@@ -165,16 +165,23 @@ public void Configure(IApplicationBuilder app, IServiceProvider serviceProvider,
app.UseResponseCaching();
app.UseAuthentication();
app.UseAuthorization();
- app.UseDefaultFiles();
app.UseStaticFiles(new StaticFileOptions
{
HttpsCompression = HttpsCompressionMode.Compress,
OnPrepareResponse = ctx =>
{
- ctx.Context.Response.Headers[HeaderNames.CacheControl] = "public,max-age=" + TimeSpan.FromHours(24);
- ctx.Context.Response.Headers["X-Robots-Tag"] = "noindex,nofollow";
- }
+ if (ctx.Context.User.Identity?.IsAuthenticated ?? false)
+ {
+ ctx.Context.Response.Headers[HeaderNames.CacheControl] = "public,max-age=" + TimeSpan.FromHours(24);
+ ctx.Context.Response.Headers["X-Robots-Tag"] = "noindex,nofollow";
+ }
+ else
+ {
+ ctx.Context.Response.Redirect($"/Auth/login?returnUrl={Uri.EscapeDataString(ctx.Context.Request.Path)}");
+ }
+ },
});
+ app.UseDefaultFiles();
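Review bot: Redirecting from `OnPrepareResponse` (the new else branch) does not stop the static-file middleware from sending the file: the callback runs after status and headers are set but before the body is written, so, as far as I can tell from that contract, an unauthenticated request still receives the file contents in the body of the 302. The authentication check needs to run before `UseStaticFiles`, e.g. as a small middleware that redirects only when no endpoint was matched (so `/Auth/login` and API routes are not caught in a loop) and otherwise passes the request on, leaving `OnPrepareResponse` to set headers only. Moving `app.UseDefaultFiles()` below `UseStaticFiles` makes it a no-op, since the rewrite then happens after the file middleware has already run; if the intent is to send `/` to the authorized FallbackController, drop the call instead of reordering it, or keep it above `UseStaticFiles` behind the gate. `Cache-Control: public` on content that now requires authentication also deserves a second look, since it permits shared caches to store it, and `TimeSpan.FromHours(24)` renders as `1.00:00:00` rather than a seconds count, so the directive as written is not a valid max-age. `Configure` starts before and continues past this hunk.
```csharp
app.UseAuthorization();

// Gate static content before the file middleware runs: OnPrepareResponse fires
// after the file has been chosen and cannot stop the body from being written.
app.Use(async (context, next) =>
{
    var isAuthenticated = context.User.Identity?.IsAuthenticated ?? false;
    if (isAuthenticated || context.GetEndpoint() is not null)
    {
        await next(context);
        return;
    }

    var returnUrl = context.Request.PathBase + context.Request.Path + context.Request.QueryString;
    context.Response.Redirect($"/Auth/login?returnUrl={Uri.EscapeDataString(returnUrl)}");
});

app.UseDefaultFiles();
app.UseStaticFiles(new StaticFileOptions
{
    HttpsCompression = HttpsCompressionMode.Compress,
    OnPrepareResponse = ctx =>
    {
        ctx.Context.Response.Headers[HeaderNames.CacheControl] = "private,max-age=" + (int)TimeSpan.FromHours(24).TotalSeconds;
        ctx.Context.Response.Headers["X-Robots-Tag"] = "noindex,nofollow";
    },
});
```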
diff --git a/In-Out.sln.DotSettings.user b/In-Out.sln.DotSettings.user
index a6397a4..5c7bf28 100644
--- a/In-Out.sln.DotSettings.user
+++ b/In-Out.sln.DotSettings.user
@@ -8,6 +8,7 @@
ForceIncluded
ForceIncluded
ForceIncluded
+ ForceIncluded
ForceIncluded
ForceIncluded
ForceIncluded