PetSite updates (#350)

* useId in querystring, userId in trace context, and new layout + more

* Basecontroller changes to avoid dual redirect

* Change SSM approach

* Change SSM Access and change petitem layout slightly

* Comment cuteness rate for testing

* TryParse check

* Comment Food stuff

* Aggressive logging for debugging purposes

* Add app wide error page

* Adding logging to AdoptionController

* Add DataProtection dependency for TempData

* Make TempData use Session

* Get rid of TempData altogether

* Logging for ViewData checks

* Change from HttpSession Cookies for Payment

* Moved userId management to ViewData and  hidden controls

* Validate querystring in URLs, use inline input fields for userIds

* Add Helpers

* App wide Error page

Author: awsimaya

PetAdoptions/petsite/petsite/Controllers/AdoptionController.cs

@@ -33,24 +33,18 @@ public IActionResult Index([FromQuery] Pet pet)
         {
             if (EnsureUserId()) return new EmptyResult(); // Redirect happened, stop processing
 
-            // Check if pet data exists in TempData (from TakeMeHome redirect)
-            if (TempData["SelectedPet"] != null)
-            {
-                var petJson = TempData["SelectedPet"].ToString();
-                pet = JsonSerializer.Deserialize<Pet>(petJson);
-            }
-            
-            _logger.LogInformation($"In Index Adoption/Index method and about to render the View with: {TempData["SelectedPet"]}");
+            _logger.LogInformation($"In Index Adoption/Index method with pet: {JsonSerializer.Serialize(pet)}");
 
             return View(pet);
         }
 
 
 
         [HttpPost]
-        public async Task<IActionResult> TakeMeHome([FromForm] SearchParams searchParams)
+        public async Task<IActionResult> TakeMeHome([FromForm] SearchParams searchParams, string userId)
         {
-            EnsureUserId();
+            if(string.IsNullOrEmpty(userId)) EnsureUserId();
+            
             // Add custom span attributes using Activity API
             var currentActivity = Activity.Current;
             if (currentActivity != null)
@@ -76,7 +70,7 @@ public async Task<IActionResult> TakeMeHome([FromForm] SearchParams searchParams
                         activity.SetTag("pet.color", searchParams.petcolor);
                     }
                     _logger.LogInformation($"Inside Adoption/TakeMeHome with - pettype: {searchParams.pettype}, petcolor: {searchParams.petcolor}, petid: {searchParams.petid}");
-                    pets = await _petSearchService.GetPetDetails(searchParams.pettype, searchParams.petcolor, searchParams.petid);
+                    pets = await _petSearchService.GetPetDetails(searchParams.pettype, searchParams.petcolor, searchParams.petid, "userxxx");
                 }
             }
             catch (Exception e)
@@ -89,11 +83,18 @@ public async Task<IActionResult> TakeMeHome([FromForm] SearchParams searchParams
             var selectedPet = pets.FirstOrDefault();
             if (selectedPet != null)
             {
-                TempData["SelectedPet"] = JsonSerializer.Serialize(selectedPet);
+                return RedirectToAction("Index", new { 
+                    userId = userId,
+                    petid = selectedPet.petid,
+                    pettype = selectedPet.pettype,
+                    petcolor = selectedPet.petcolor,
+                    peturl = selectedPet.peturl,
+                    price = selectedPet.price,
+                    cuteness_rate = selectedPet.cuteness_rate
+                });
             }
-            _logger.LogInformation($"Redirecting to Index page with : {JsonSerializer.Serialize(selectedPet)}");
 
-            return RedirectToAction("Index", new { userId = ViewBag.UserId });
+            return RedirectToAction("Index", new { userId = userId });
         }
     }
 }

PetAdoptions/petsite/petsite/Controllers/BaseController.cs

@@ -22,38 +22,41 @@ public class BaseController : Controller
         protected bool EnsureUserId()
         {
             string userId = Request.Query["userId"].ToString();
-            bool needsRedirect = false;
 
-            // Get or generate userId
+            // Generate userId only on Home/Index if not provided
             if (string.IsNullOrEmpty(userId))
             {
-                userId = HttpContext.Session.GetString("userId");
-                if (string.IsNullOrEmpty(userId))
+                // Only generate on Home/Index, otherwise require userId
+                if (ControllerContext.ActionDescriptor.ControllerName == "Home" && 
+                    ControllerContext.ActionDescriptor.ActionName == "Index")
                 {
                     userId = UserIds[Random.Next(UserIds.Count)];
+                    
+                    if (Request.Method == "GET")
+                    {
+                        var queryString = Request.QueryString.HasValue ? Request.QueryString.Value + "&userId=" + userId : "?userId=" + userId;
+                        Response.Redirect(Request.Path + queryString);
+                        return true;
+                    }
+                }
+                else
+                {
+                    // Redirect to Home/Index if userId is missing on other pages
+                    Response.Redirect("/Home/Index");
+                    return true;
                 }
-                // Only redirect for GET requests, not POST
-                needsRedirect = Request.Method == "GET";
             }
 
-            // Always set session, ViewBag, and OTEL
-            HttpContext.Session.SetString("userId", userId);
+            // Set ViewBag and ViewData for all views
             ViewBag.UserId = userId;
+            ViewData["UserId"] = userId;
 
             var currentActivity = Activity.Current;
             if (currentActivity != null && !currentActivity.Tags.Any(tag => tag.Key == "userId"))
             {
                 currentActivity.SetTag("userId", userId);
             }
 
-            // Redirect only for GET requests
-            if (needsRedirect)
-            {
-                var queryString = Request.QueryString.HasValue ? Request.QueryString.Value + "&userId=" + userId : "?userId=" + userId;
-                Response.Redirect(Request.Path + queryString);
-                return true;
-            }
-            
             return false;
         }
     }

PetAdoptions/petsite/petsite/Controllers/FoodServiceController.cs

@@ -8,6 +8,7 @@
 using Microsoft.Extensions.Logging;
 using Microsoft.AspNetCore.Http;
 using PetSite.Models;
+using PetSite.Helpers;
 
 namespace PetSite.Controllers
 {
@@ -33,9 +34,9 @@ public async Task<IActionResult> GetFoods()
             {
                 using var httpClient = _httpClientFactory.CreateClient();
                 var foodApiUrl = _configuration["FOOD_API_URL"] ?? "https://api.example.com/foods";
-                var userId = ViewBag.UserId?.ToString() ?? HttpContext.Session.GetString("userId");
-                var separator = foodApiUrl.Contains("?") ? "&" : "?";
-                var response = await httpClient.GetAsync($"{foodApiUrl}{separator}userId={userId}");
+                var userId = ViewBag.UserId?.ToString();
+                var url = UrlHelper.BuildUrl(foodApiUrl, ("userId", userId));
+                var response = await httpClient.GetAsync(url);
                 response.EnsureSuccessStatusCode();
 
                 var jsonContent = await response.Content.ReadAsStringAsync();
@@ -51,28 +52,28 @@ public async Task<IActionResult> GetFoods()
         }
 
         [HttpPost]
-        public async Task<IActionResult> BuyFood(string foodId)
+        public async Task<IActionResult> BuyFood(string foodId, string userId)
         {
             if (EnsureUserId()) return new EmptyResult();
 
             try
             {
                 using var httpClient = _httpClientFactory.CreateClient();
                 var purchaseApiUrl = _configuration["FOOD_PURCHASE_API_URL"] ?? "https://api.example.com/purchase";
-                var userId = ViewBag.UserId?.ToString() ?? HttpContext.Session.GetString("userId");
-                var response = await httpClient.PostAsync($"{purchaseApiUrl}?foodId={foodId}&userId={userId}", null);
+               // var userId = ViewBag.UserId?.ToString();
+                var url = UrlHelper.BuildUrl(purchaseApiUrl, ("foodId", foodId), ("userId", userId));
+                var response = await httpClient.PostAsync(url, null);
                 response.EnsureSuccessStatusCode();
 
-                TempData["FoodPurchaseStatus"] = "success";
-                TempData["PurchasedFoodId"] = foodId;
+                // Food purchase successful - could add ViewData or redirect with status
             }
             catch (Exception ex)
             {
                 _logger.LogError(ex, "Error purchasing food");
-                TempData["FoodPurchaseStatus"] = "error";
+                // Food purchase failed - could add ViewData or redirect with error
             }
 
-            return RedirectToAction("Index", "Payment", new { userId = ViewBag.UserId });
+            return RedirectToAction("Index", "Payment", new { userId = userId });
         }
     }
 }

PetAdoptions/petsite/petsite/Controllers/HomeController.cs

@@ -12,6 +12,7 @@
 using Microsoft.AspNetCore.Mvc.Rendering;
 using Microsoft.Extensions.Configuration;
 using Microsoft.AspNetCore.Http;
+using PetSite.Helpers;
 using Prometheus;
 
 namespace PetSite.Controllers
@@ -78,8 +79,9 @@ public async Task<IActionResult> HouseKeeping()
             string cleanupadoptionsurl = _configuration["cleanupadoptionsurl"];
 
             using var httpClient = _httpClientFactory.CreateClient();
-            var userId = ViewBag.UserId?.ToString() ?? HttpContext.Session.GetString("userId");
-            await httpClient.PostAsync($"{cleanupadoptionsurl}?userId={userId}", null);
+            var userId = ViewBag.UserId?.ToString();
+            var url = UrlHelper.BuildUrl(cleanupadoptionsurl, ("userId", userId));
+            await httpClient.PostAsync(url, null);
 
             return View();
         }
@@ -112,8 +114,9 @@ public async Task<IActionResult> Index(string selectedPetType, string selectedPe
                         activity.SetTag("pet.color", selectedPetColor);
                         activity.SetTag("pet.id", petid);
                     }
-                    
-                    Pets = await _petSearchService.GetPetDetails(selectedPetType, selectedPetColor, petid);
+
+                    var userId = Request.Query["userId"].ToString();
+                    Pets = await _petSearchService.GetPetDetails(selectedPetType, selectedPetColor, petid, userId);
                 }
             }
             catch (HttpRequestException e)
@@ -159,8 +162,16 @@ public async Task<IActionResult> Index(string selectedPetType, string selectedPe
         }
 
         [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
-        public IActionResult Error()
+        public IActionResult Error(string userId, string message)
         {
+            if (!string.IsNullOrEmpty(userId))
+            {
+                ViewBag.UserId = userId;
+                ViewData["UserId"] = userId;
+            }
+            
+            ViewBag.ErrorMessage = message;
+            
             return View(new ErrorViewModel {RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier});
         }
     }

PetAdoptions/petsite/petsite/Controllers/PaymentController.cs

@@ -7,14 +7,15 @@
 using Amazon.SQS;
 using Microsoft.Extensions.Configuration;
 using Microsoft.AspNetCore.Http;
+using PetSite.Helpers;
 using Prometheus;
 
 namespace PetSite.Controllers
 {
     public class PaymentController : BaseController
     {
         private static string _txStatus = String.Empty;
-        
+
         private readonly ILogger<PaymentController> _logger;
 
         private readonly IHttpClientFactory _httpClientFactory;
@@ -24,7 +25,8 @@ public class PaymentController : BaseController
         private static readonly Counter PetAdoptionCount =
             Metrics.CreateCounter("petsite_petadoptions_total", "Count the number of Pets adopted");
 
-        public PaymentController(ILogger<PaymentController> logger, IConfiguration configuration, IHttpClientFactory httpClientFactory)
+        public PaymentController(ILogger<PaymentController> logger, IConfiguration configuration,
+            IHttpClientFactory httpClientFactory)
         {
             _configuration = configuration;
             _httpClientFactory = httpClientFactory;
@@ -33,40 +35,39 @@ public PaymentController(ILogger<PaymentController> logger, IConfiguration confi
 
         // GET: Payment
         [HttpGet]
-        public ActionResult Index()
+        public ActionResult Index([FromQuery] string userId, string status)
         {
             if (EnsureUserId()) return new EmptyResult();
 
-            // Transfer TempData to ViewData for the view
-            if (TempData["txStatus"] != null)
-            {
-                ViewData["txStatus"] = TempData["txStatus"];
-                ViewData["error"] = TempData["error"];
-            }
-            
-            // Handle food purchase status
-            if (TempData["FoodPurchaseStatus"] != null)
-            {
-                ViewData["FoodPurchaseStatus"] = TempData["FoodPurchaseStatus"];
-                ViewData["PurchasedFoodId"] = TempData["PurchasedFoodId"];
-            }
+            // Transfer Session to ViewData for the view
+            ViewData["txStatus"] = status;
 
+            // ViewData["FoodPurchaseStatus"] = HttpContext.Session.GetString("FoodPurchaseStatus");
+            // ViewData["PurchasedFoodId"] = HttpContext.Session.GetString("PurchasedFoodId");
+            //
+            // Clear session data after reading
+            // HttpContext.Session.Remove("FoodPurchaseStatus");
+            // HttpContext.Session.Remove("PurchasedFoodId");
+            //
             return View();
         }
 
         // POST: Payment/MakePayment
         [HttpPost]
         // [ValidateAntiForgeryToken]
-        public async Task<IActionResult> MakePayment(string petId, string pettype)
+        public async Task<IActionResult> MakePayment(string petId, string pettype, string userId)
         {
-            if (EnsureUserId()) return new EmptyResult();
+            //if (EnsureUserId()) return new EmptyResult();
+
+            if (string.IsNullOrEmpty(userId)) EnsureUserId();
+            
             // Add custom span attributes using Activity API
             var currentActivity = Activity.Current;
             if (currentActivity != null)
             {
                 currentActivity.SetTag("pet.id", petId);
                 currentActivity.SetTag("pet.type", pettype);
-                
+
                 _logger.LogInformation($"Inside MakePayment Action method - PetId:{petId} - PetType:{pettype}");
             }
 
@@ -80,29 +81,27 @@ public async Task<IActionResult> MakePayment(string petId, string pettype)
                         activity.SetTag("pet.id", petId);
                         activity.SetTag("pet.type", pettype);
                     }
-                    var userId = ViewBag.UserId?.ToString() ?? HttpContext.Session.GetString("userId");
+
+                    // userId parameter is already available
 
                     using var httpClient = _httpClientFactory.CreateClient();
 
-                    await httpClient.PostAsync($"{_configuration["paymentapiurl"]}?petId={petId}&petType={pettype}&userId={userId}",
-                        null);
+                    var url = UrlHelper.BuildUrl(_configuration["paymentapiurl"], 
+                        ("petId", petId), ("petType", pettype), ("userId", userId));
+                    await httpClient.PostAsync(url, null);
                 }
 
                 //Increase purchase metric count
                 PetAdoptionCount.Inc();
-                TempData["txStatus"] = "success";
-                return RedirectToAction("Index", new { userId = ViewBag.UserId });
+                return RedirectToAction("Index", new { userId = userId, status = "success" });
             }
             catch (Exception ex)
             {
-                TempData["txStatus"] = "failure";
-                TempData["error"] = ex.Message;
-                
                 // Log the exception
                 _logger.LogError(ex, $"Error in MakePayment: {ex.Message}");
-                
-                return RedirectToAction("Index", new { userId = ViewBag.UserId });
+
+                return RedirectToAction("Index", new { userId = userId, status = ex.Message });
             }
         }
     }
-}
+}

PetAdoptions/petsite/petsite/Controllers/PetHistoryController.cs

@@ -6,6 +6,7 @@
 using System.Diagnostics;
 using Microsoft.Extensions.Logging;
 using Microsoft.AspNetCore.Http;
+using PetSite.Helpers;
 
 namespace PetSite.Controllers;
 
@@ -45,8 +46,9 @@ public async Task<IActionResult> Index()
             using (var activity = Activity.Current?.Source?.StartActivity("Calling GetPetAdoptionsHistory API"))
             {
                 using var httpClient = _httpClientFactory.CreateClient();
-                var userId = HttpContext.Session.GetString("userId") ?? "unknown";
-                ViewData["pethistory"] = await httpClient.GetStringAsync($"{_pethistoryurl}/api/home/transactions?userId={userId}");
+                var userId = ViewBag.UserId?.ToString() ?? "unknown";
+                var url = UrlHelper.BuildUrl($"{_pethistoryurl}/api/home/transactions", ("userId", userId));
+                ViewData["pethistory"] = await httpClient.GetStringAsync(url);
             }
         }
         catch (Exception e)
@@ -79,8 +81,9 @@ public async Task<IActionResult> DeletePetAdoptionsHistory()
             using (var activity = Activity.Current?.Source?.StartActivity("Calling DeletePetAdoptionsHistory API"))
             {
                 using var httpClient = _httpClientFactory.CreateClient();
-                var userId = HttpContext.Session.GetString("userId") ?? "unknown";
-                ViewData["pethistory"] = await httpClient.DeleteAsync($"{_pethistoryurl}/api/home/transactions?userId={userId}");
+                var userId = ViewBag.UserId?.ToString() ?? "unknown";
+                var url = UrlHelper.BuildUrl($"{_pethistoryurl}/api/home/transactions", ("userId", userId));
+                ViewData["pethistory"] = await httpClient.DeleteAsync(url);
             }
         }
         catch (Exception e)