squidex/backend/src/Squidex/Areas/IdentityServer/Controllers/Setup/SetupController.cs


								// ==========================================================================

								//  Squidex Headless CMS

								// ==========================================================================

								//  Copyright (c) Squidex UG (haftungsbeschraenkt)

								//  All rights reserved. Licensed under the MIT license.

								// ==========================================================================


								using Microsoft.AspNetCore.Identity;

								using Microsoft.AspNetCore.Mvc;

								using Microsoft.Extensions.Options;

								using Squidex.Areas.Api.Controllers.UI;

								using Squidex.Assets;

								using Squidex.Config;

								using Squidex.Domain.Users;

								using Squidex.Hosting;

								using Squidex.Infrastructure;

								using Squidex.Infrastructure.Reflection;

								using Squidex.Infrastructure.Translations;

								using Squidex.Infrastructure.Validation;

								using Squidex.Web;


								namespace Squidex.Areas.IdentityServer.Controllers.Setup;


								[AutoValidateAntiforgeryToken]

								public class SetupController : IdentityServerController

								{

								    private readonly IAssetStore assetStore;

								    private readonly IUrlGenerator urlGenerator;

								    private readonly IUserService userService;

								    private readonly MyUIOptions uiOptions;

								    private readonly MyIdentityOptions identityOptions;


								    public SetupController(

								        IAssetStore assetStore,

								        IOptions<MyUIOptions> uiOptions,

								        IOptions<MyIdentityOptions> identityOptions,

								        IUrlGenerator urlGenerator,

								        IUserService userService)

								    {

								        this.assetStore = assetStore;

								        this.identityOptions = identityOptions.Value;

								        this.uiOptions = uiOptions.Value;

								        this.urlGenerator = urlGenerator;

								        this.userService = userService;

								    }


								    [HttpGet]

								    [Route("setup/")]

								    public async Task<IActionResult> Setup()

								    {

								        if (!await userService.IsEmptyAsync(HttpContext.RequestAborted))

								        {

								            return RedirectToReturnUrl(null);

								        }


								        return View(nameof(Setup), await GetVM(None.Value));

								    }


								    [HttpPost]

								    [Route("setup/")]

								    public async Task<IActionResult> Setup(CreateUserModel model)

								    {

								        if (!await userService.IsEmptyAsync(HttpContext.RequestAborted))

								        {

								            return RedirectToReturnUrl(null);

								        }


								        if (!ModelState.IsValid)

								        {

								            return View(nameof(Setup), await GetVM(model));

								        }


								        string errorMessage;

								        try

								        {

								            var user = await userService.CreateAsync(model.Email, new UserValues

								            {

								                Password = model.Password

								            }, ct: HttpContext.RequestAborted);


								            await SignInManager.SignInAsync((IdentityUser)user.Identity, true);


								            return RedirectToReturnUrl(null);

								        }

								        catch (ValidationException ex)

								        {

								            errorMessage = ex.Message;

								        }

								        catch (Exception)

								        {

								            errorMessage = T.Get("users.errorHappened");

								        }


								        return View(nameof(Setup), await GetVM(model, errorMessage));

								    }


								    private async Task<SetupVM> GetVM<TModel>(TModel? model = null, string? errorMessage = null) where TModel : class

								    {

								        var externalProviders = await SignInManager.GetExternalProvidersAsync();


								        var result = new SetupVM

								        {

								            BaseUrlConfigured = urlGenerator.BuildUrl(string.Empty, false),

								            BaseUrlCurrent = GetCurrentUrl(),

								            ErrorMessage = errorMessage,

								            EverybodyCanCreateApps = !uiOptions.OnlyAdminsCanCreateApps,

								            EverybodyCanCreateTeams = !uiOptions.OnlyAdminsCanCreateTeams,

								            IsValidHttps = HttpContext.Request.IsHttps,

								            IsAssetStoreFile = assetStore is FolderAssetStore,

								            IsAssetStoreFtp = assetStore is FTPAssetStore,

								            HasExternalLogin = externalProviders.Count != 0,

								            HasPasswordAuth = identityOptions.AllowPasswordAuth

								        };


								        if (model != null)

								        {

								            SimpleMapper.Map(model, result);

								        }


								        return result;

								    }


								    private string GetCurrentUrl()

								    {

								        var request = HttpContext.Request;


								        var url = $"{request.Scheme}://{request.Host}{request.PathBase}";


								        if (url.EndsWith(Constants.PrefixIdentityServer, StringComparison.Ordinal))

								        {

								            url = url[..^Constants.PrefixIdentityServer.Length];

								        }


								        return url.TrimEnd('/');

								    }

								}