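using Microsoft.AspNetCore.Components.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using WatchLog.Components;
using WatchLog.Components.Account;
using WatchLog.Data;

// Entry point of the WatchLog Blazor Server application: registers services, builds the
// HTTP pipeline, seeds the "Admin" and "User" roles plus two bootstrap accounts, then runs.
//
// NOTE(review): this listing lost the text inside several angle brackets. AddScoped(),
// AddDbContext(), AddEntityFrameworkStores() and MapRazorComponents() are shown here as the
// listing has them and need their type arguments restored from the project. Type arguments
// were filled in only where the seeding code below fixes them (ApplicationUser, IdentityRole).

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.
builder.Services.AddRazorComponents()
    .AddInteractiveServerComponents();

builder.Services.AddCascadingAuthenticationState();
builder.Services.AddScoped();
builder.Services.AddScoped();
builder.Services.AddScoped();

builder.Services.AddAuthentication(options =>
    {
        options.DefaultScheme = IdentityConstants.ApplicationScheme;
        options.DefaultSignInScheme = IdentityConstants.ExternalScheme;
    })
    .AddIdentityCookies();

// The error message names the key that is actually read, so a missing entry is diagnosable.
const string connectionStringName = "WatchLogDB";
var connectionString = builder.Configuration.GetConnectionString(connectionStringName)
    ?? throw new InvalidOperationException($"Connection string '{connectionStringName}' not found.");

builder.Services.AddDbContext(options =>
    options.UseSqlite(connectionString));
builder.Services.AddDatabaseDeveloperPageExceptionFilter();

builder.Services.AddIdentityCore<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
    .AddRoles<IdentityRole>() // enables role support; the role seeding below depends on it
    .AddEntityFrameworkStores()
    .AddSignInManager()
    .AddDefaultTokenProviders();

builder.Services.AddSingleton<IEmailSender<ApplicationUser>, IdentityNoOpEmailSender>();

var app = builder.Build();

// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
    app.UseMigrationsEndPoint();
}
else
{
    app.UseExceptionHandler("/Error", createScopeForErrors: true);
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
}

app.UseHttpsRedirection();

app.UseAntiforgery();

app.MapStaticAssets();
app.MapRazorComponents()
    .AddInteractiveServerRenderMode();

// Add additional endpoints required by the Identity /Account Razor components.
app.MapAdditionalIdentityEndpoints();

// Seed roles and bootstrap accounts. This runs on every start, in every environment.
using (var scope = app.Services.CreateScope())
{
    var roleManager = scope.ServiceProvider.GetRequiredService<RoleManager<IdentityRole>>();
    var userManager = scope.ServiceProvider.GetRequiredService<UserManager<ApplicationUser>>();

    foreach (var roleName in new[] { "Admin", "User" })
    {
        if (await roleManager.RoleExistsAsync(roleName))
        {
            continue;
        }

        var roleResult = await roleManager.CreateAsync(new IdentityRole(roleName));
        if (!roleResult.Succeeded)
        {
            app.Logger.LogError(
                "Creating role {Role} failed: {Errors}",
                roleName,
                string.Join("; ", roleResult.Errors.Select(e => e.Description)));
        }
    }

    // Passwords come from configuration (user-secrets, environment variables, a secret store)
    // instead of a literal in source: a password committed with the code is known to everyone
    // who can read the repository, and these accounts are created with EmailConfirmed = true,
    // so they can sign in immediately. Each account has its own key so that the administrator
    // and the regular user do not share a credential. If a key is absent, that account is not
    // created; an existing account still gets its role repaired.
    await EnsureUserInRoleAsync(
        userManager, app.Logger, "admin@deine-app.de", app.Configuration["SeedUsers:AdminPassword"], "Admin");
    await EnsureUserInRoleAsync(
        userManager, app.Logger, "user@deine-app.de", app.Configuration["SeedUsers:UserPassword"], "User");
}

app.Run();

// Makes sure an account with the given e-mail exists and is a member of the given role.
// Each account is handled on its own, so a missing or misconfigured administrator no longer
// prevents the regular user from being created (and the regular user's role is assigned to
// the regular user, not to the administrator). Failures are logged, never thrown, so seeding
// stays best-effort; the password itself is never written to the log.
static async Task EnsureUserInRoleAsync(
    UserManager<ApplicationUser> userManager,
    ILogger logger,
    string email,
    string? password,
    string role)
{
    var user = await userManager.FindByEmailAsync(email);

    if (user is null)
    {
        if (string.IsNullOrWhiteSpace(password))
        {
            logger.LogWarning("Seed account {Email} was not created: no password is configured for it.", email);
            return;
        }

        user = new ApplicationUser
        {
            UserName = email,
            Email = email,
            EmailConfirmed = true // RequireConfirmedAccount is on; without this the account could not sign in
        };

        var createResult = await userManager.CreateAsync(user, password);
        if (!createResult.Succeeded)
        {
            logger.LogError(
                "Creating seed account {Email} failed: {Errors}",
                email,
                string.Join("; ", createResult.Errors.Select(e => e.Description)));
            return;
        }
    }

    if (!await userManager.IsInRoleAsync(user, role))
    {
        var roleResult = await userManager.AddToRoleAsync(user, role);
        if (!roleResult.Succeeded)
        {
            logger.LogError(
                "Adding {Email} to role {Role} failed: {Errors}",
                email,
                role,
                string.Join("; ", roleResult.Errors.Select(e => e.Description)));
        }
    }
}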