Add authentication

Website/Controllers/BlogController.cs

@@ -1,6 +1,7 @@
 using System;
 using System.Linq;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Website.Data;
 using Website.Models;
@@ -38,6 +39,7 @@ namespace Website.Controllers
 			}
 		}
 
+		[Authorize]
 		public async Task<IActionResult> Edit(int? id) {
 			if (!id.HasValue)
 				return View();
@@ -56,6 +58,7 @@ namespace Website.Controllers
 			}
 		}
 
+		[Authorize]
 		[HttpPost]
 		public async Task<IActionResult> Save(BlogPostSubmission submission) {
 			var post = submission.Id.HasValue ? await _repo.GetPostByIdAsync(submission.Id.Value) : new BlogPost();
@@ -68,12 +71,14 @@ namespace Website.Controllers
 			return RedirectToAction(nameof(Edit), new{savedPost.Id});
 		}
 
+		[Authorize]
 		public async Task<IActionResult> Manage() {
 			var posts = await _repo.GetAllPostsAsync();
 			var models = posts.OrderByDescending(post => post.Timestamp).Select(post => new BlogPostViewModel(post));
 			return View(models);
 		}
 
+		[Authorize]
 		public async Task<IActionResult> Publish(int id) {
 			var post = await _repo.GetPostByIdAsync(id);
 			post.Publish();
@@ -82,6 +87,7 @@ namespace Website.Controllers
 			return RedirectToAction(nameof(Manage));
 		}
 
+		[Authorize]
 		public async Task<IActionResult> Delete(int id) {
 			await _repo.DeletePostAsync(id);