Cleaning up Checkout auth (#64)

src/Web/Controllers/BasketController.cs

@@ -17,7 +17,6 @@ namespace Microsoft.eShopWeb.Controllers
     public class BasketController : Controller
     {
         private readonly IBasketService _basketService;
-        private const string _basketSessionKey = "basketId";
         private readonly IUriComposer _uriComposer;
         private readonly SignInManager<ApplicationUser> _signInManager;
         private readonly IAppLogger<BasketController> _logger;

src/WebRazorPages/Pages/Basket/Checkout.cshtml

@@ -1,4 +1,5 @@
 @page
+    @model CheckoutModel
 @{
     ViewData["Title"] = "Checkout Complete";
 }

src/WebRazorPages/Pages/Basket/Checkout.cshtml.cs

@@ -0,0 +1,85 @@
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+using Microsoft.eShopWeb.RazorPages.ViewModels;
+using Microsoft.eShopWeb.RazorPages.Interfaces;
+using ApplicationCore.Interfaces;
+using Microsoft.AspNetCore.Identity;
+using Infrastructure.Identity;
+using System;
+using Microsoft.AspNetCore.Http;
+using System.Collections.Generic;
+using ApplicationCore.Entities.OrderAggregate;
+
+namespace Microsoft.eShopWeb.RazorPages.Pages.Basket
+{
+    public class CheckoutModel : PageModel
+    {
+        private readonly IBasketService _basketService;
+        private readonly IUriComposer _uriComposer;
+        private readonly SignInManager<ApplicationUser> _signInManager;
+        private readonly IOrderService _orderService;
+        private string _username = null;
+        private readonly IBasketViewModelService _basketViewModelService;
+
+        public CheckoutModel(IBasketService basketService,
+            IBasketViewModelService basketViewModelService,
+            IUriComposer uriComposer,
+            SignInManager<ApplicationUser> signInManager,
+            IOrderService orderService)
+        {
+            _basketService = basketService;
+            _uriComposer = uriComposer;
+            _signInManager = signInManager;
+            _orderService = orderService;
+            _basketViewModelService = basketViewModelService;
+        }
+
+        public BasketViewModel BasketModel { get; set; } = new BasketViewModel();
+
+        public void OnGet()
+        {
+
+        }
+
+        public async Task<IActionResult> OnPost(Dictionary<string,int> items)
+        {
+            await SetBasketModelAsync();
+
+            await _basketService.SetQuantities(BasketModel.Id, items);
+
+            await _orderService.CreateOrderAsync(BasketModel.Id, new Address("123 Main St.", "Kent", "OH", "United States", "44240"));
+
+            await _basketService.DeleteBasketAsync(BasketModel.Id);
+
+            return RedirectToPage();
+        }
+
+        private async Task SetBasketModelAsync()
+        {
+            if (_signInManager.IsSignedIn(HttpContext.User))
+            {
+                BasketModel = await _basketViewModelService.GetOrCreateBasketForUser(User.Identity.Name);
+            }
+            else
+            {
+                GetOrSetBasketCookieAndUserName();
+                BasketModel = await _basketViewModelService.GetOrCreateBasketForUser(_username);
+            }
+        }
+
+        private void GetOrSetBasketCookieAndUserName()
+        {
+            if (Request.Cookies.ContainsKey(Constants.BASKET_COOKIENAME))
+            {
+                _username = Request.Cookies[Constants.BASKET_COOKIENAME];
+            }
+            if (_username != null) return;
+
+            _username = Guid.NewGuid().ToString();
+            var cookieOptions = new CookieOptions();
+            cookieOptions.Expires = DateTime.Today.AddYears(10);
+            Response.Cookies.Append(Constants.BASKET_COOKIENAME, _username, cookieOptions);
+        }
+    }
+}

src/WebRazorPages/Pages/Basket/Index.cshtml

@@ -69,7 +69,7 @@
                 <section class="esh-basket-item col-xs-push-8 col-xs-4">
                     <button class="btn esh-basket-checkout" name="updatebutton" value="" type="submit"
                             asp-page-handler="Update">[ Update ]</button>
-                    <input type="submit" asp-page-handler="Checkout"
+                    <input type="submit" asp-page="Checkout"
                            class="btn esh-basket-checkout"
                            value="[ Checkout ]" name="action" />
                 </section>

src/WebRazorPages/Pages/Basket/Index.cshtml.cs

@@ -9,7 +9,6 @@ using Infrastructure.Identity;
 using System;
 using Microsoft.AspNetCore.Http;
 using System.Collections.Generic;
-using ApplicationCore.Entities.OrderAggregate;
 
 namespace Microsoft.eShopWeb.RazorPages.Pages.Basket
 {
@@ -19,23 +18,17 @@ namespace Microsoft.eShopWeb.RazorPages.Pages.Basket
         private const string _basketSessionKey = "basketId";
         private readonly IUriComposer _uriComposer;
         private readonly SignInManager<ApplicationUser> _signInManager;
-        private readonly IAppLogger<IndexModel> _logger;
-        private readonly IOrderService _orderService;
         private string _username = null;
         private readonly IBasketViewModelService _basketViewModelService;
 
         public IndexModel(IBasketService basketService,
             IBasketViewModelService basketViewModelService,
             IUriComposer uriComposer,
-            SignInManager<ApplicationUser> signInManager,
+            SignInManager<ApplicationUser> signInManager)
-            IAppLogger<IndexModel> logger,
-            IOrderService orderService)
         {
             _basketService = basketService;
             _uriComposer = uriComposer;
             _signInManager = signInManager;
-            _logger = logger;
-            _orderService = orderService;
             _basketViewModelService = basketViewModelService;
         }
 
@@ -69,19 +62,6 @@ namespace Microsoft.eShopWeb.RazorPages.Pages.Basket
             await SetBasketModelAsync();
         }
 
-        public async Task<IActionResult> OnPostCheckout(Dictionary<string,int> items)
-        {
-            await SetBasketModelAsync();
-
-            await _basketService.SetQuantities(BasketModel.Id, items);
-
-            await _orderService.CreateOrderAsync(BasketModel.Id, new Address("123 Main St.", "Kent", "OH", "United States", "44240"));
-
-            await _basketService.DeleteBasketAsync(BasketModel.Id);
-
-            return RedirectToPage("/Basket/CheckoutComplete");
-        }
-
         private async Task SetBasketModelAsync()
         {
             if (_signInManager.IsSignedIn(HttpContext.User))

src/WebRazorPages/Startup.cs

@@ -108,6 +108,7 @@ namespace Microsoft.eShopWeb.RazorPages
                 .AddRazorPagesOptions(options =>
                 {
                     options.Conventions.AuthorizeFolder("/Order");
+                    options.Conventions.AuthorizePage("/Basket/Checkout");
                 });
 
             _services = services;

tests/FunctionalTests/Web/Controllers/ApiCatalogControllerList.cs

@@ -1,9 +1,8 @@
-using System.IO;
+using Microsoft.eShopWeb.ViewModels;
-using Xunit;
-using System.Threading.Tasks;
 using Newtonsoft.Json;
-using Microsoft.eShopWeb.ViewModels;
 using System.Linq;
+using System.Threading.Tasks;
+using Xunit;
 
 namespace FunctionalTests.Web.Controllers
 {