Add Admin Profile Management and Migrate Database to PostgreSQL #36
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Introduce a new Blazor component for managing the admin profile. - Define route `/admin/profile` with `@page` directive. - Add role-based authorization for "Admin" users. - Implement forms for updating profile info and changing passwords. - Include validation, loading states, and toast notifications. - Add password visibility toggles for better UX. - Display account information (User ID, Role) in a dedicated section. - Use dependency injection for services like `IAdminProfileService`. - Fetch and display authenticated admin data dynamically. - Ensure responsive and accessible UI design.
Reformatted the `<div>` structure in the "Admin identity / welcome" section for better indentation and alignment. Updated the "Navigation" section by adjusting the `<nav>` and `<ul>` elements, along with their child `<li>` elements, to ensure consistent spacing. Reformatted the "Actions" section to improve code structure and readability. Aligned the `<aside>` and `<section>` elements with the new formatting style. The `@Body` directive placement was slightly adjusted for consistency. These changes focus solely on improving code readability and maintainability without altering functionality or design.
Introduced a new `IAdminProfileService` interface in the `BlazorBlog.Application.Contracts` namespace to manage admin profiles. The interface includes methods for retrieving, updating, and changing passwords for admin profiles. This addition ensures a clear separation of concerns and supports dependency injection for admin profile-related operations.
Introduce two new ViewModel classes in the `BlazorBlog.Application.ViewModels` namespace: - `AdminProfileViewModel`: Handles user profile data with validation for `Name`, `Email`, and `PhoneNumber`. - `ChangePasswordViewModel`: Manages password change functionality with validation for `CurrentPassword`, `NewPassword`, and `ConfirmPassword`. Both classes include data annotations for input validation and user-friendly error messages.
Replaced SQL Server-specific migrations with a new PostgreSQL-compatible migration (`InitialPg`). Removed `InitialCreate` and `AddTags` migrations. Updated column types, annotations, and concurrency token handling to align with PostgreSQL standards. Updated `ApplicationDbContextModelSnapshot` to reflect the new schema, including the reintroduction of `Tags` and `BlogPostTags` tables with PostgreSQL-compatible configurations.
Added support for forwarded headers in non-DEBUG builds to enhance deployment readiness behind reverse proxies. Updated the `/health` endpoint formatting for consistency. Improved code readability with minor formatting changes. No functional changes were made to database migration logic.
Replaced the explicit RowVersion property with PostgreSQL's native xmin system column as the concurrency token in the BlogPostConfiguration class. This change leverages PostgreSQL's built-in mechanisms for handling concurrency, improving database integration and simplifying the model by removing the need for a dedicated RowVersion property.
The `RowVersion` property, previously marked with the `[Timestamp]` attribute, has been removed from the `BlogPost` entity class. This change eliminates the use of optimistic concurrency control for `BlogPost` records, which relied on the timestamp to track changes to database rows. Ensure that any required concurrency handling is addressed through alternative mechanisms if necessary.
- Switched database provider from SQL Server to PostgreSQL by replacing `UseSqlServer` with `UseNpgsql` in DbContext configuration. - Added `BlazorBlog.Infrastructure.Persistence` namespace for persistence-related functionality. - Added `Microsoft.AspNetCore.Identity` namespace to enable ASP.NET Core Identity features. - Registered `IAdminProfileService` and `AdminProfileService` in the service collection for admin profile management. - Updated Identity configuration to disable account confirmation requirement for sign-in.
Replaced `Microsoft.EntityFrameworkCore.SqlServer` with `Npgsql.EntityFrameworkCore.PostgreSQL` to migrate the database provider from SQL Server to PostgreSQL. Other project references and framework dependencies remain unchanged.
The `AdminProfileService` class was introduced in the `BlazorBlog.Infrastructure` namespace to implement the `IAdminProfileService` interface. This service provides functionality for managing admin profiles, including: - Retrieving admin profile details via `GetAdminProfileAsync`. - Updating admin profile information via `UpdateAdminProfileAsync`, with validation for email uniqueness and updates to normalized fields. - Changing admin passwords via `ChangePasswordAsync`, with validation for the current password and error handling. Dependencies injected include `UserManager<ApplicationUser>` for user management and `ApplicationDbContext` for database operations. The service uses `AdminProfileViewModel` and `ChangePasswordViewModel` for data transfer.
Replaced the original Tailwind CSS setup with a comprehensive, modern configuration. - Added utility classes for layout, typography, spacing, colors, borders, shadows, transitions, and animations. - Introduced responsive design support with `sm`, `md`, `lg`, and `xl` breakpoints. - Added dark mode classes (`dark:bg-*`, `dark:text-*`, `dark:border-*`). - Enhanced hover, focus, and active state utilities (`hover:bg-*`, `focus:ring-*`, `group-hover:*`). - Updated `prose` classes for rich text content styling. - Included accessibility classes like `sr-only` and `pointer-events-none`. - Added advanced features such as `aspect-ratio`, `line-clamp`, and `backdrop-filter`. This overhaul improves flexibility, responsiveness, and accessibility, aligning the framework with modern web development standards.
Updated the `ConnectionStrings` section in `appsettings.json`: - Replaced SQL Server connection string with PostgreSQL. - New configuration uses `localhost`, port `5432`, database `blazorblog`, and credentials for `postgres`. - Reflects migration from SQL Server to PostgreSQL for the application.
|
| GitGuardian id | GitGuardian status | Secret | Commit | Filename | |
|---|---|---|---|---|---|
| 13609550 | Triggered | Generic Password | aa3949f | BlazorBlog/appsettings.json | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secret safely. Learn here the best practices.
- Revoke and rotate this secret.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PR Classification
New feature and database migration.
PR Summary
Introduces admin profile management functionality and migrates the database provider from SQL Server to PostgreSQL. Updates the admin layout and adds a new Razor page for managing admin profiles.
IAdminProfileServiceinterface and implemented it inAdminProfileServicefor admin profile operations.AdminProfileViewModelandChangePasswordViewModelfor profile and password management.AdminLayout.razorto include a navigation link for "Admin Profile" and addedAdminProfile.razorpage.Program.csto handle forwarded headers and improve logging for database migrations.