Commit Graph

7 Commits

Author SHA1 Message Date
daniel-c-harvey 7917d56af3 feature: Manager Logos 2026-06-22 22:41:30 -04:00
daniel-c-harvey 1427c92092 feat(manager): adopt AuthBlocks.Web 10.3.37; repoint Provision User nav to /useradmin/users/new
10.3.37 retires /account/superregister in favour of the new canonical /useradmin/users/new route. Bump the package and update the CmsLayout nav link accordingly.
2026-06-20 02:31:38 -04:00
daniel-c-harvey d6dcd82a53 fix: gate SuperRegister nav link to UserAdmin role
Provision User nav link was visible to all authenticated CMS users but its target page is UserAdmin-gated. Wraps the MudNavLink in HierarchicalRoleAuthorizeView matching the UserAdminMenu pattern.
2026-06-19 21:57:00 -04:00
daniel-c-harvey f1276faabc feat(cms): add nav drawer to CmsLayout
Add a MudDrawer with app-bar toggle linking Catalogue, Releases, Upload, SuperRegister, and the self-gating UserAdminMenu fragment so user-admin pages are reachable.
2026-06-19 21:06:47 -04:00
daniel-c-harvey 80220d06f0 feat(cms): add public landing splash at /, move catalogue to /catalogue 2026-06-17 12:17:18 -04:00
Daniel Harvey 95772c655e fix(manager): redirect unauth nav to login instead of 401
AddAuthBlocks installs JwtBearer as the default challenge scheme; the
authorization middleware 401s unauthenticated nav requests before the
Blazor router runs. Tokens live in localStorage and are only readable
via JS interop after the SignalR circuit is live.

- Program.cs: MapRazorComponents .AllowAnonymous() so nav reaches the
  Blazor router; API surfaces (MapAuthBlocks, MapControllers) still
  enforce JWT. Fix middleware order to UseAuthentication -> UseAntiforgery
  -> UseAuthorization per Blazor Web App template.
- App.razor: InteractiveServerRenderMode(prerender:false) on Routes and
  HeadOutlet so AuthorizeRouteView evaluates after JS interop is ready;
  extract to static field (was two inline allocations per render cycle).
- CmsLayout/Pages: drop conflicting per-component @rendermode directives
  (parent now owns the render mode).
- Routes.razor: break authenticated-but-wrong-role redirect loop; split
  NotAuthorized into unauthenticated -> RedirectToLogin and
  authenticated-wrong-role -> RedirectToAccessDenied (new component).
- Pages/Index.razor: deleted — NavigateTo('/cms') was unreachable for
  unauthenticated users and racey for authorized ones.
2026-05-24 18:29:07 -04:00
Daniel Harvey ce1cbccad5 inline DeepDrftCms RCL into DeepDrftManager and delete the project 2026-05-21 20:36:00 -04:00