From 39e0d5ec8b58713f9aa5621aa9439b524f5a2c83 Mon Sep 17 00:00:00 2001
From: "Daniel J. Summers" <daniel@bitbadger.solutions>
Date: Sun, 27 Feb 2022 16:15:35 -0500
Subject: [PATCH] Log on/off works; WIP on layout

---
 .../Extensions/WebLogUserExtensions.cs        |  16 ++
 src/MyWebLog.Data/WebLogDbContext.cs          |   6 +
 .../Features/Admin/AdminController.cs         |  19 +++
 src/MyWebLog/Features/Admin/Index.cshtml      |   5 +
 .../Features/Shared/_AdminLayout.cshtml       |  48 ++++++
 .../Features/Shared/_LogOnOffPartial.cshtml   |  11 ++
 src/MyWebLog/Features/Users/LogOn.cshtml      |  30 ++++
 src/MyWebLog/Features/Users/LogOnModel.cs     |  24 +++
 src/MyWebLog/Features/Users/UserController.cs |  51 ++++++-
 src/MyWebLog/Features/_ViewImports.cshtml     |   6 +
 src/MyWebLog/GlobalUsings.cs                  |   1 +
 src/MyWebLog/MyWebLog.csproj                  |  17 ++-
 src/MyWebLog/Program.cs                       |  32 ++--
 src/MyWebLog/Properties/Resources.Designer.cs | 117 +++++++++++++++
 src/MyWebLog/Properties/Resources.resx        | 138 ++++++++++++++++++
 .../Default/Shared/_DefaultFooter.cshtml      |   6 +
 .../Default/Shared/_DefaultHeader.cshtml      |  23 +++
 .../Themes/Default/Shared/_Layout.cshtml      |  31 +++-
 src/MyWebLog/WebLogMiddleware.cs              |  19 +--
 src/MyWebLog/wwwroot/css/admin.css            |   5 +
 src/MyWebLog/wwwroot/img/logo-dark.png        | Bin 0 -> 3362 bytes
 src/MyWebLog/wwwroot/img/logo-light.png       | Bin 0 -> 4135 bytes
 22 files changed, 573 insertions(+), 32 deletions(-)
 create mode 100644 src/MyWebLog.Data/Extensions/WebLogUserExtensions.cs
 create mode 100644 src/MyWebLog/Features/Admin/AdminController.cs
 create mode 100644 src/MyWebLog/Features/Admin/Index.cshtml
 create mode 100644 src/MyWebLog/Features/Shared/_AdminLayout.cshtml
 create mode 100644 src/MyWebLog/Features/Shared/_LogOnOffPartial.cshtml
 create mode 100644 src/MyWebLog/Features/Users/LogOn.cshtml
 create mode 100644 src/MyWebLog/Features/Users/LogOnModel.cs
 create mode 100644 src/MyWebLog/Features/_ViewImports.cshtml
 create mode 100644 src/MyWebLog/Properties/Resources.Designer.cs
 create mode 100644 src/MyWebLog/Properties/Resources.resx
 create mode 100644 src/MyWebLog/Themes/Default/Shared/_DefaultFooter.cshtml
 create mode 100644 src/MyWebLog/Themes/Default/Shared/_DefaultHeader.cshtml
 create mode 100644 src/MyWebLog/wwwroot/css/admin.css
 create mode 100644 src/MyWebLog/wwwroot/img/logo-dark.png
 create mode 100644 src/MyWebLog/wwwroot/img/logo-light.png

diff --git a/src/MyWebLog.Data/Extensions/WebLogUserExtensions.cs b/src/MyWebLog.Data/Extensions/WebLogUserExtensions.cs
new file mode 100644
index 0000000..71d614e
--- /dev/null
+++ b/src/MyWebLog.Data/Extensions/WebLogUserExtensions.cs
@@ -0,0 +1,16 @@
+using Microsoft.EntityFrameworkCore;
+
+namespace MyWebLog.Data;
+
+public static class WebLogUserExtensions
+{
+    /// <summary>
+    /// Find a user by their log on information (non-tracked)
+    /// </summary>
+    /// <param name="email">The user's e-mail address</param>
+    /// <param name="pwHash">The hash of the password provided by the user</param>
+    /// <returns>The user, if the credentials match; null if they do not</returns>
+    public static async Task<WebLogUser?> FindByEmail(this DbSet<WebLogUser> db, string email) =>
+        await db.SingleOrDefaultAsync(wlu => wlu.UserName == email).ConfigureAwait(false);
+
+}
diff --git a/src/MyWebLog.Data/WebLogDbContext.cs b/src/MyWebLog.Data/WebLogDbContext.cs
index e4fcb92..3d63b97 100644
--- a/src/MyWebLog.Data/WebLogDbContext.cs
+++ b/src/MyWebLog.Data/WebLogDbContext.cs
@@ -56,6 +56,12 @@ public sealed class WebLogDbContext : DbContext
     /// <param name="options">Configuration options</param>
     public WebLogDbContext(DbContextOptions<WebLogDbContext> options) : base(options) { }
 
+    /// <inheritdoc />
+    protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
+    {
+        optionsBuilder.UseQueryTrackingBehavior(QueryTrackingBehavior.NoTracking);
+    }
+
     /// <inheritdoc />
     protected override void OnModelCreating(ModelBuilder modelBuilder)
     {
diff --git a/src/MyWebLog/Features/Admin/AdminController.cs b/src/MyWebLog/Features/Admin/AdminController.cs
new file mode 100644
index 0000000..088ee6e
--- /dev/null
+++ b/src/MyWebLog/Features/Admin/AdminController.cs
@@ -0,0 +1,19 @@
+using Microsoft.AspNetCore.Mvc;
+
+namespace MyWebLog.Features.Admin;
+
+/// <summary>
+/// Controller for admin-specific displays and routes
+/// </summary>
+[Route("/admin")]
+public class AdminController : MyWebLogController
+{
+    /// <inheritdoc />
+    public AdminController(WebLogDbContext db) : base(db) { }
+
+    [HttpGet("")]
+    public IActionResult Index()
+    {
+        return View();
+    }
+}
diff --git a/src/MyWebLog/Features/Admin/Index.cshtml b/src/MyWebLog/Features/Admin/Index.cshtml
new file mode 100644
index 0000000..52fecf9
--- /dev/null
+++ b/src/MyWebLog/Features/Admin/Index.cshtml
@@ -0,0 +1,5 @@
+@{
+    Layout = "_AdminLayout";
+    ViewBag.Title = Resources.Dashboard;
+}
+<p>You're logged on!</p>
diff --git a/src/MyWebLog/Features/Shared/_AdminLayout.cshtml b/src/MyWebLog/Features/Shared/_AdminLayout.cshtml
new file mode 100644
index 0000000..d32e32f
--- /dev/null
+++ b/src/MyWebLog/Features/Shared/_AdminLayout.cshtml
@@ -0,0 +1,48 @@
+@inject IHttpContextAccessor ctxAcc
+@{
+    var details = WebLogCache.Get(ctxAcc.HttpContext!);
+}
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta name="viewport" content="width=device-width" />
+  <title>@ViewBag.Title &laquo; @Resources.Admin &laquo; @details.Name</title>
+  <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css"
+        integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous">
+  <link rel="stylesheet" href="~/css/admin.css">
+</head>
+<body>
+  <header>
+    <nav class="navbar navbar-dark bg-dark navbar-expand-md justify-content-start px-2">
+      <div class="container-fluid">
+        <a class="navbar-brand" href="~/">@details.Name</a>
+        <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarText"
+                aria-controls="navbarText" aria-expanded="false" aria-label="Toggle navigation">
+          <span class="navbar-toggler-icon"></span>
+        </button>
+        <div class="collapse navbar-collapse" id="navbarText">
+          <span class="navbar-text">@ViewBag.Title</span>
+          @await Html.PartialAsync("_LogOnOffPartial")
+        </div>
+      </div>
+    </nav>
+  </header>
+  <main>
+    <h2 class="pb-3">@ViewBag.Title</h2>
+    @* Each.Messages
+      @Current.ToDisplay
+    @EndEach *@
+    @RenderBody()
+  </main>
+  <footer>
+    <div class="container-fluid">
+      <div class="row">
+        <div class="col-xs-12 text-end"><img src="~/img/logo-light.png" alt="myWebLog"></div>
+      </div>
+    </div>
+  </footer>
+  <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js"
+          integrity="sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM"
+          crossorigin="anonymous"></script>
+</body>
+</html>
diff --git a/src/MyWebLog/Features/Shared/_LogOnOffPartial.cshtml b/src/MyWebLog/Features/Shared/_LogOnOffPartial.cshtml
new file mode 100644
index 0000000..c182a99
--- /dev/null
+++ b/src/MyWebLog/Features/Shared/_LogOnOffPartial.cshtml
@@ -0,0 +1,11 @@
+<ul class="navbar-nav flex-grow-1 justify-content-end">
+  @if (User is not null && (User.Identity?.IsAuthenticated ?? false))
+  {
+    <li class="nav-item"><a class="nav-link" asp-action="Index" asp-controller="Admin">@Resources.Dashboard</a></li>
+    <li class="nav-item"><a class="nav-link" asp-action="LogOff" asp-controller="User">@Resources.LogOff</a></li>
+  }
+  else
+  {
+    <li class="nav-item"><a class="nav-link" asp-action="LogOn" asp-controller="User">@Resources.LogOn</a></li>
+  }
+</ul>
diff --git a/src/MyWebLog/Features/Users/LogOn.cshtml b/src/MyWebLog/Features/Users/LogOn.cshtml
new file mode 100644
index 0000000..9a034e9
--- /dev/null
+++ b/src/MyWebLog/Features/Users/LogOn.cshtml
@@ -0,0 +1,30 @@
+@model LogOnModel
+@{
+    Layout = "_AdminLayout";
+    ViewBag.Title = @Resources.LogOn;
+}
+<article>
+  <form asp-action="DoLogOn" asp-controller="User" method="post">
+    <div class="container">
+      <div class="row pb-3">
+        <div class="col col-md-6 col-lg-4 offset-lg-2">
+          <div class="form-floating">
+            <input type="email" asp-for="EmailAddress" class="form-control" autofocus>
+            <label asp-for="EmailAddress"></label>
+          </div>
+        </div>
+        <div class="col col-md-6 col-lg-4">
+          <div class="form-floating">
+            <input type="password" asp-for="Password" class="form-control">
+            <label asp-for="Password"></label>
+          </div>
+        </div>
+      </div>
+      <div class="row pb-3">
+        <div class="col text-center">
+          <button type="submit" class="btn btn-primary">@Resources.LogOn</button>
+        </div>
+      </div>
+    </div>
+  </form>
+</article>
diff --git a/src/MyWebLog/Features/Users/LogOnModel.cs b/src/MyWebLog/Features/Users/LogOnModel.cs
new file mode 100644
index 0000000..b215ea8
--- /dev/null
+++ b/src/MyWebLog/Features/Users/LogOnModel.cs
@@ -0,0 +1,24 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace MyWebLog.Features.Users;
+
+/// <summary>
+/// The model to use to allow a user to log on
+/// </summary>
+public class LogOnModel
+{
+    /// <summary>
+    /// The user's e-mail address
+    /// </summary>
+    [Required(AllowEmptyStrings = false)]
+    [EmailAddress]
+    [Display(ResourceType = typeof(Resources), Name = "EmailAddress")]
+    public string EmailAddress { get; set; } = "";
+    
+    /// <summary>
+    /// The user's password
+    /// </summary>
+    [Required(AllowEmptyStrings = false)]
+    [Display(ResourceType = typeof(Resources), Name = "Password")]
+    public string Password { get; set; } = "";
+}
diff --git a/src/MyWebLog/Features/Users/UserController.cs b/src/MyWebLog/Features/Users/UserController.cs
index 7123c8a..5a2856c 100644
--- a/src/MyWebLog/Features/Users/UserController.cs
+++ b/src/MyWebLog/Features/Users/UserController.cs
@@ -1,4 +1,8 @@
-using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using System.Security.Claims;
 using System.Security.Cryptography;
 using System.Text;
 
@@ -7,6 +11,7 @@ namespace MyWebLog.Features.Users;
 /// <summary>
 /// Controller for the users feature
 /// </summary>
+[Route("/user")]
 public class UserController : MyWebLogController
 {
     /// <summary>
@@ -19,15 +24,53 @@ public class UserController : MyWebLogController
     internal static string HashedPassword(string plainText, string email, Guid salt)
     {
         var allSalt = salt.ToByteArray().Concat(Encoding.UTF8.GetBytes(email)).ToArray();
-        using var alg = new Rfc2898DeriveBytes(plainText, allSalt, 2_048);
+        using Rfc2898DeriveBytes alg = new(plainText, allSalt, 2_048);
         return Convert.ToBase64String(alg.GetBytes(64));
     }
 
     /// <inheritdoc />
     public UserController(WebLogDbContext db) : base(db) { }
 
-    public IActionResult Index()
+    [HttpGet("log-on")]
+    public IActionResult LogOn() =>
+        View(new LogOnModel());
+
+    [HttpPost("log-on")]
+    public async Task<IActionResult> DoLogOn(LogOnModel model)
     {
-        return View();
+        var user = await Db.Users.FindByEmail(model.EmailAddress);
+        
+        if (user == null || user.PasswordHash != HashedPassword(model.Password, user.UserName, user.Salt))
+        {
+            // TODO: make error, not 404
+            return NotFound();
+        }
+
+        List<Claim> claims = new()
+        {
+            new(ClaimTypes.NameIdentifier, user.Id),
+            new(ClaimTypes.Name, $"{user.FirstName} {user.LastName}"),
+            new(ClaimTypes.GivenName, user.PreferredName),
+            new(ClaimTypes.Role, user.AuthorizationLevel.ToString())
+        };
+        ClaimsIdentity identity = new(claims, CookieAuthenticationDefaults.AuthenticationScheme);
+
+        await HttpContext.SignInAsync(identity.AuthenticationType, new(identity),
+            new() { IssuedUtc = DateTime.UtcNow });
+
+        // TODO: confirmation message
+
+        return RedirectToAction("Index", "Admin");
+    }
+
+    [HttpGet("log-off")]
+    [Authorize]
+    public async Task<IActionResult> LogOff()
+    {
+        await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
+
+        // TODO: confirmation message
+
+        return LocalRedirect("~/");
     }
 }
diff --git a/src/MyWebLog/Features/_ViewImports.cshtml b/src/MyWebLog/Features/_ViewImports.cshtml
new file mode 100644
index 0000000..65c93a1
--- /dev/null
+++ b/src/MyWebLog/Features/_ViewImports.cshtml
@@ -0,0 +1,6 @@
+@namespace MyWebLog.Features
+
+@using MyWebLog
+@using MyWebLog.Properties
+
+@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers
diff --git a/src/MyWebLog/GlobalUsings.cs b/src/MyWebLog/GlobalUsings.cs
index f3f143e..45f4200 100644
--- a/src/MyWebLog/GlobalUsings.cs
+++ b/src/MyWebLog/GlobalUsings.cs
@@ -1,2 +1,3 @@
 global using MyWebLog.Data;
 global using MyWebLog.Features.Shared;
+global using MyWebLog.Properties;
diff --git a/src/MyWebLog/MyWebLog.csproj b/src/MyWebLog/MyWebLog.csproj
index c0b846f..0f4f91a 100644
--- a/src/MyWebLog/MyWebLog.csproj
+++ b/src/MyWebLog/MyWebLog.csproj
@@ -7,7 +7,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <Folder Include="Features\Admin\" />
+    <Folder Include="wwwroot\img\" />
   </ItemGroup>
 
   <ItemGroup>
@@ -21,4 +21,19 @@
     <ProjectReference Include="..\MyWebLog.Data\MyWebLog.Data.csproj" />
   </ItemGroup>
 
+  <ItemGroup>
+    <Compile Update="Properties\Resources.Designer.cs">
+      <DesignTime>True</DesignTime>
+      <AutoGen>True</AutoGen>
+      <DependentUpon>Resources.resx</DependentUpon>
+    </Compile>
+  </ItemGroup>
+
+  <ItemGroup>
+    <EmbeddedResource Update="Properties\Resources.resx">
+      <Generator>PublicResXFileCodeGenerator</Generator>
+      <LastGenOutput>Resources.Designer.cs</LastGenOutput>
+    </EmbeddedResource>
+  </ItemGroup>
+
 </Project>
diff --git a/src/MyWebLog/Program.cs b/src/MyWebLog/Program.cs
index 6f3b234..2a16434 100644
--- a/src/MyWebLog/Program.cs
+++ b/src/MyWebLog/Program.cs
@@ -1,4 +1,5 @@
 using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
 using MyWebLog;
 using MyWebLog.Features;
@@ -12,20 +13,23 @@ if (args.Length > 0 && args[0] == "init")
 
 var builder = WebApplication.CreateBuilder(args);
 
-builder.Services.AddMvc(opts => opts.Conventions.Add(new FeatureControllerModelConvention()))
-    .AddRazorOptions(opts =>
-    {
-        opts.ViewLocationFormats.Clear();
-        opts.ViewLocationFormats.Add("/Themes/{3}/{0}.cshtml");
-        opts.ViewLocationFormats.Add("/Themes/{3}/Shared/{0}.cshtml");
-        opts.ViewLocationFormats.Add("/Themes/Default/{0}.cshtml");
-        opts.ViewLocationFormats.Add("/Themes/Default/Shared/{0}.cshtml");
-        opts.ViewLocationFormats.Add("/Features/{2}/{1}/{0}.cshtml");
-        opts.ViewLocationFormats.Add("/Features/{2}/{0}.cshtml");
-        opts.ViewLocationFormats.Add("/Features/Shared/{0}.cshtml");
-        opts.ViewLocationExpanders.Add(new FeatureViewLocationExpander());
-        opts.ViewLocationExpanders.Add(new ThemeViewLocationExpander());
-    });
+builder.Services.AddMvc(opts =>
+{
+    opts.Conventions.Add(new FeatureControllerModelConvention());
+    opts.Filters.Add(new AutoValidateAntiforgeryTokenAttribute());
+}).AddRazorOptions(opts =>
+{
+    opts.ViewLocationFormats.Clear();
+    opts.ViewLocationFormats.Add("/Themes/{3}/{0}.cshtml");
+    opts.ViewLocationFormats.Add("/Themes/{3}/Shared/{0}.cshtml");
+    opts.ViewLocationFormats.Add("/Themes/Default/{0}.cshtml");
+    opts.ViewLocationFormats.Add("/Themes/Default/Shared/{0}.cshtml");
+    opts.ViewLocationFormats.Add("/Features/{2}/{1}/{0}.cshtml");
+    opts.ViewLocationFormats.Add("/Features/{2}/{0}.cshtml");
+    opts.ViewLocationFormats.Add("/Features/Shared/{0}.cshtml");
+    opts.ViewLocationExpanders.Add(new FeatureViewLocationExpander());
+    opts.ViewLocationExpanders.Add(new ThemeViewLocationExpander());
+});
 builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
     .AddCookie(opts =>
     {
diff --git a/src/MyWebLog/Properties/Resources.Designer.cs b/src/MyWebLog/Properties/Resources.Designer.cs
new file mode 100644
index 0000000..a087989
--- /dev/null
+++ b/src/MyWebLog/Properties/Resources.Designer.cs
@@ -0,0 +1,117 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//     Runtime Version:4.0.30319.42000
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated.
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace MyWebLog.Properties {
+    using System;
+    
+    
+    /// <summary>
+    ///   A strongly-typed resource class, for looking up localized strings, etc.
+    /// </summary>
+    // This class was auto-generated by the StronglyTypedResourceBuilder
+    // class via a tool like ResGen or Visual Studio.
+    // To add or remove a member, edit your .ResX file then rerun ResGen
+    // with the /str option, or rebuild your VS project.
+    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "17.0.0.0")]
+    [global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
+    [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
+    public class Resources {
+        
+        private static global::System.Resources.ResourceManager resourceMan;
+        
+        private static global::System.Globalization.CultureInfo resourceCulture;
+        
+        [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")]
+        internal Resources() {
+        }
+        
+        /// <summary>
+        ///   Returns the cached ResourceManager instance used by this class.
+        /// </summary>
+        [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)]
+        public static global::System.Resources.ResourceManager ResourceManager {
+            get {
+                if (object.ReferenceEquals(resourceMan, null)) {
+                    global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("MyWebLog.Properties.Resources", typeof(Resources).Assembly);
+                    resourceMan = temp;
+                }
+                return resourceMan;
+            }
+        }
+        
+        /// <summary>
+        ///   Overrides the current thread's CurrentUICulture property for all
+        ///   resource lookups using this strongly typed resource class.
+        /// </summary>
+        [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)]
+        public static global::System.Globalization.CultureInfo Culture {
+            get {
+                return resourceCulture;
+            }
+            set {
+                resourceCulture = value;
+            }
+        }
+        
+        /// <summary>
+        ///   Looks up a localized string similar to Admin.
+        /// </summary>
+        public static string Admin {
+            get {
+                return ResourceManager.GetString("Admin", resourceCulture);
+            }
+        }
+        
+        /// <summary>
+        ///   Looks up a localized string similar to Dashboard.
+        /// </summary>
+        public static string Dashboard {
+            get {
+                return ResourceManager.GetString("Dashboard", resourceCulture);
+            }
+        }
+        
+        /// <summary>
+        ///   Looks up a localized string similar to E-mail Address.
+        /// </summary>
+        public static string EmailAddress {
+            get {
+                return ResourceManager.GetString("EmailAddress", resourceCulture);
+            }
+        }
+        
+        /// <summary>
+        ///   Looks up a localized string similar to Log Off.
+        /// </summary>
+        public static string LogOff {
+            get {
+                return ResourceManager.GetString("LogOff", resourceCulture);
+            }
+        }
+        
+        /// <summary>
+        ///   Looks up a localized string similar to Log On.
+        /// </summary>
+        public static string LogOn {
+            get {
+                return ResourceManager.GetString("LogOn", resourceCulture);
+            }
+        }
+        
+        /// <summary>
+        ///   Looks up a localized string similar to Password.
+        /// </summary>
+        public static string Password {
+            get {
+                return ResourceManager.GetString("Password", resourceCulture);
+            }
+        }
+    }
+}
diff --git a/src/MyWebLog/Properties/Resources.resx b/src/MyWebLog/Properties/Resources.resx
new file mode 100644
index 0000000..8a5e1ba
--- /dev/null
+++ b/src/MyWebLog/Properties/Resources.resx
@@ -0,0 +1,138 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!-- 
+    Microsoft ResX Schema 
+    
+    Version 2.0
+    
+    The primary goals of this format is to allow a simple XML format 
+    that is mostly human readable. The generation and parsing of the 
+    various data types are done through the TypeConverter classes 
+    associated with the data types.
+    
+    Example:
+    
+    ... ado.net/XML headers & schema ...
+    <resheader name="resmimetype">text/microsoft-resx</resheader>
+    <resheader name="version">2.0</resheader>
+    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+        <value>[base64 mime encoded serialized .NET Framework object]</value>
+    </data>
+    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+        <comment>This is a comment</comment>
+    </data>
+                
+    There are any number of "resheader" rows that contain simple 
+    name/value pairs.
+    
+    Each data row contains a name, and value. The row also contains a 
+    type or mimetype. Type corresponds to a .NET class that support 
+    text/value conversion through the TypeConverter architecture. 
+    Classes that don't support this are serialized and stored with the 
+    mimetype set.
+    
+    The mimetype is used for serialized objects, and tells the 
+    ResXResourceReader how to depersist the object. This is currently not 
+    extensible. For a given mimetype the value must be set accordingly:
+    
+    Note - application/x-microsoft.net.object.binary.base64 is the format 
+    that the ResXResourceWriter will generate, however the reader can 
+    read any of the formats listed below.
+    
+    mimetype: application/x-microsoft.net.object.binary.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
+            : and then encoded with base64 encoding.
+    
+    mimetype: application/x-microsoft.net.object.soap.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.bytearray.base64
+    value   : The object must be serialized into a byte array 
+            : using a System.ComponentModel.TypeConverter
+            : and then encoded with base64 encoding.
+    -->
+  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
+    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" use="required" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <data name="Admin" xml:space="preserve">
+    <value>Admin</value>
+  </data>
+  <data name="Dashboard" xml:space="preserve">
+    <value>Dashboard</value>
+  </data>
+  <data name="EmailAddress" xml:space="preserve">
+    <value>E-mail Address</value>
+  </data>
+  <data name="LogOff" xml:space="preserve">
+    <value>Log Off</value>
+  </data>
+  <data name="LogOn" xml:space="preserve">
+    <value>Log On</value>
+  </data>
+  <data name="Password" xml:space="preserve">
+    <value>Password</value>
+  </data>
+</root>
\ No newline at end of file
diff --git a/src/MyWebLog/Themes/Default/Shared/_DefaultFooter.cshtml b/src/MyWebLog/Themes/Default/Shared/_DefaultFooter.cshtml
new file mode 100644
index 0000000..b9f86bb
--- /dev/null
+++ b/src/MyWebLog/Themes/Default/Shared/_DefaultFooter.cshtml
@@ -0,0 +1,6 @@
+<footer>
+  <hr>
+  <div class="container-fluid text-end">
+    <img src="img/logo-dark.png" alt="myWebLog">
+  </div>
+</footer>
diff --git a/src/MyWebLog/Themes/Default/Shared/_DefaultHeader.cshtml b/src/MyWebLog/Themes/Default/Shared/_DefaultHeader.cshtml
new file mode 100644
index 0000000..6a958c4
--- /dev/null
+++ b/src/MyWebLog/Themes/Default/Shared/_DefaultHeader.cshtml
@@ -0,0 +1,23 @@
+@inject IHttpContextAccessor ctxAcc
+@{
+    var details = WebLogCache.Get(ctxAcc.HttpContext!);
+}
+<header>
+  <nav class="navbar navbar-light bg-light navbar-expand-md justify-content-start px-2">
+    <div class="container-fluid">
+      <a class="navbar-brand" href="~/">@details.Name</a>
+      <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarText"
+              aria-controls="navbarText" aria-expanded="false" aria-label="Toggle navigation">
+        <span class="navbar-toggler-icon"></span>
+      </button>
+      <div class="collapse navbar-collapse" id="navbarText">
+        @if (details.Subtitle is not null)
+        {
+          <span class="navbar-text">@details.Subtitle</span>
+        }
+        @* TODO: list pages for current web log *@
+        @await Html.PartialAsync("_LogOnOffPartial")
+      </div>
+    </div>
+  </nav>
+</header>
diff --git a/src/MyWebLog/Themes/Default/Shared/_Layout.cshtml b/src/MyWebLog/Themes/Default/Shared/_Layout.cshtml
index 52c9886..bc16fbe 100644
--- a/src/MyWebLog/Themes/Default/Shared/_Layout.cshtml
+++ b/src/MyWebLog/Themes/Default/Shared/_Layout.cshtml
@@ -1,14 +1,37 @@
 @inject IHttpContextAccessor ctxAcc
+@{
+    var details = WebLogCache.Get(ctxAcc.HttpContext!);
+}
 <!DOCTYPE html>
-
 <html lang="en">
 <head>
   <meta name="viewport" content="width=device-width">
-  <title>@ViewBag.Title &laquo; @WebLogCache.Get(ctxAcc.HttpContext!).Name</title>
+  <meta name="generator" content="myWebLog 2">
+  <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css"
+        integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous">
+  <link rel="stylesheet" href="~/css/@details.ThemePath/style.css">
+  @await RenderSectionAsync("Style", false)
+  <title>@ViewBag.Title &laquo; @details.Name</title>
 </head>
 <body>
-  <div>
+  @if (IsSectionDefined("Header"))
+  {
+    @await RenderSectionAsync("Header")
+  }
+  else
+  {
+    @await Html.PartialAsync("_DefaultHeader")
+  }
+  <main>
     @RenderBody()
-  </div>
+  </main>
+  @if (IsSectionDefined("Footer"))
+  {
+    @await RenderSectionAsync("Footer")
+  } else
+  {
+    @await Html.PartialAsync("_DefaultFooter")
+  }
+  @await RenderSectionAsync("Script", false)
 </body>
 </html>
diff --git a/src/MyWebLog/WebLogMiddleware.cs b/src/MyWebLog/WebLogMiddleware.cs
index c285b79..bc24d0e 100644
--- a/src/MyWebLog/WebLogMiddleware.cs
+++ b/src/MyWebLog/WebLogMiddleware.cs
@@ -73,17 +73,18 @@ public class WebLogMiddleware
     {
         var host = WebLogCache.HostToDb(context);
 
-        if (WebLogCache.Exists(host)) return;
-
-        var db = context.RequestServices.GetRequiredService<WebLogDbContext>();
-        var details = await db.WebLogDetails.FindByHost(context.Request.Host.ToUriComponent());
-        if (details == null)
+        if (!WebLogCache.Exists(host))
         {
-            context.Response.StatusCode = 404;
-            return;
+            var db = context.RequestServices.GetRequiredService<WebLogDbContext>();
+            var details = await db.WebLogDetails.FindByHost(context.Request.Host.ToUriComponent());
+            if (details == null)
+            {
+                context.Response.StatusCode = 404;
+                return;
+            }
+
+            WebLogCache.Set(host, details);
         }
-        
-        WebLogCache.Set(host, details);
 
         await _next.Invoke(context);
     }
diff --git a/src/MyWebLog/wwwroot/css/admin.css b/src/MyWebLog/wwwroot/css/admin.css
new file mode 100644
index 0000000..f720fda
--- /dev/null
+++ b/src/MyWebLog/wwwroot/css/admin.css
@@ -0,0 +1,5 @@
+footer {
+  background-color: #808080;
+  border-top: solid 1px black;
+  color: white;
+}
diff --git a/src/MyWebLog/wwwroot/img/logo-dark.png b/src/MyWebLog/wwwroot/img/logo-dark.png
new file mode 100644
index 0000000000000000000000000000000000000000..19bdcca2af3095d7f18345a28fbf9c6da0363daa
GIT binary patch
literal 3362
zcmV+-4c+pIP)<h;3K|Lk000e1NJLTq006T9001)x1^@s6+@v`x00006VoOIv00000
z008+zyMF)x010qNS#tmY3ljhU3ljkVnw%H_000McNliru;0p^B913U5xZMB%03B&m
zSad^gZEa<4bN~PV002XBWnpw>WFU8GbZ8()Nlj2>E@cM*01SpnL_t(|+U=ZskQCJw
z#(zC5Ao3EC2oXWEf}*0J5)f1n<q<Vy#Q-HL5oU%h2?QesVoF7#F$T$_eBc9jm!(A1
zEad}?5MMk*MNtU>K`<y71%(x47u*25bMr@^8P3dh&-B19%;Np3ruI(X$M)_1`rLEA
zdwRga!otGB!otGhdj=z)FYKiVhEP2}{|)M<-;-tE0jlr1Ec;GUeLt}eh$VAv;3ZWa
zoMqoDRrw5{W0ns>94}j&Xi*#JudGcqa6%S+KT&-RP!O=+F+ip2H>e(2QR}+oFd72i
zs+)9Oz<!-mh-`r80`|RJ_1Pojwq&+$#vx-r@QV5#)Jkd>W2^kV49E*e<~SAs|Fbs5
zlDRJY=7E3{pwAWZ_d8&@lv@B7W=ZA+mO>V_i4(+MjxV9zGPG|7?3K2QfIC#*do%QH
zo$|j<t!K)Ebu)4tWy-n+Q8fktjime<@J1GW`>SiV9{9}K5=-W~bTu*&Qv1s<1MdPm
z<$HIaO+XhTlO)#$xE**4*aqwaz6O@y>eMX`VxFe}(||QV1+WYF7p}&B!V$Rc?PO(J
z0&I~LZzr%8cm(Km5M%xXm?MUw64(wb1;UE2NA(KRRZVao&^%4sFQwfU<zGLe`rnYI
z@29HWfHdt!3(-uP&vvo&L0y6&qMrDT_YH9AVRADZ;7*byO25z3z_9_wY!1xNFxCQ~
z3Eu;Wag&<l)jn;yt2V{z_%GD)**<-Lq}uET8vC^SgK8HOwPgx$3vj<!RsG=g3_!er
zGS)ued9nBtffAscWU27%!$9VzQb_hLa33&1R*6M&zVZ6ElxydOM$$&_87u_u0&WFn
z06V0v@cTgK>1vXX__Wc%-Vk;C2kPQ~?W2eksJ`=j#viWQY><b?%c@OK?biFad-3{j
zapl8x!0A3q{d=nY+jUIl->7kRh+E)=K5{MNZKtLg^KR8{3(&)(O)KD^DG$*hk~zXv
zL?|Xo8Bs>(5Sa(7NpAFM^N!T-2U@1otx)~X_vl-y>TmL>Z=!DAHsFUD&bK(jN}_LC
zS%&f2h}#lx-?NU$+)AwkRb-Yjdq_KjD}%Q78M9K|mvhsMcdYp10p}5>4-sY(Wi?T@
zGD7^Fp&TQ}jrzn0)A^8T7^X8378B(g!nE^kS3naY+)soGA}nMmO;v4US^nb_?UY8s
zTav*#-0l%5m#O-W87%jh0JH9)+CQ3s%o75PH$}C-ua3xkvl`=xfPH4GKEL#+AFJwT
z1Q_pHzj=fdp_&n8Dh^9=7%9G2Tk<%aDA&@G&*k_&43&u`GnC{zI)s@-gfEEjmq39;
zm?$CM$DuE9JjQ2xI6^n7S&hR)9Gc-Ui01TGE%u7k=BH{5R`c~zBJ{CA9=>+ms;mVz
z`$XY!!aNgT?rT*!lQ#ZrfbsPCpI=9--({*iD`20$tMWx2_5D<NPJr=VPcO}dIR}Sz
zz$6?hF?^Y5(SUm-B5eb_Koy;nZdNrNB!oJi2(J-hDh?;%Fo7Fr>w8MWX-$MBgm@yM
zJ{Ue=W{P$@l!k<vjKjM)<foi{c@`4gl^JBU_e2pumQO961<8`@u6*Jh0iyifs&DHw
zH?Le2m`qro;z!p7&Pm*Lct2pD4^{azkNR%P2&@P&URioFJ3NU)d*De7C#T%7D*=OH
z5{3MX5;o%~YaF7Ap){o-FXPZdB5oIXHT+T+QHIf!bvRs{QuAQaw~?Gk3*I8c?>(a7
z9qeLF%CUdQMTtN0jT4XL0c-mOu-fCS;>v@2=E<6JkS**shd`1hY3eEhj<H9To7EAS
z<68DEg6E`^rTE8w*R4Ed4(WnePvj+TwqYto+(wkHm?W*$5aV8ondUR}Zd&j<(3L8B
zlE;f8V?myW922DkxDmrL97O=bGRl=K7GXRN_lSl3FNQfdoSm?+hIy3MnEY0;1m{bz
zaIv@^z14+WkYTAFu3U}haI@n2C}O?o)3<^A-7OkyHmIltqUrcycO8+rp|Z?Dp~>gf
zFaF>ia>ABN<|5H1-GHhTM=XWm6C56+n7^j<YpyKw8yG?udQrj}qG~59#wiIaSU?l1
z`I8X&RgsV`Qd6EtDKSRVi5Pd`a6N`iz&y&iiQVkyB=wXVKJb~-OUh>)BxJrKfSZ6w
zKQURc;+Fhk4y1X$E)lmEb^>js?SnE-Z6N3_Z3k7}UPol!A#-dc+^NdKnxot}QXagP
z1m6*D9_&K3pg2j(Gz_P(29d!e`FM?Rm`bsb%P1ElCh3)<=t7KzIE)8YQp7+UvEFW<
zH;A#42xBp<6e3RtE~khQl(L6*T&^Z!sNiv*InDR*o8$iSzLX#_72B0B*b(SL@Ga~O
z%0Sd+0Cv2x`swgvRbE*~WY%-+9<YxNZvX93zg4+frv(`AjLc*n#XuZ}DS|~41g)t-
z>`jVlcQH9p<EW=EkJE`To)Bw*OE4^;lD<;gM~%^uJl5mzFosRUh)~3@C{lW{qZ028
z?@;P%AwR?w-VsISY~1Z`fMo%eVC{zVPl>kExhP9j`Nmo#P-Ebd0PVDExTKEAyyzh2
zI82qj42cf<ejZ@FA(_b>QWnTCjv|WE47eh()Q1>DX<|t=7~V<J7#$wK!2zaV7{*iL
z9~$NFx++CG3=dMy1r#SX6b>jK$r}rgXYkRq1sxaAvU(A=H*lVmS7*>?OO$Idnqaxn
zL2*w8>-<yo&~2ga-b<XRT#EwWf(-4?<G|ZLpX0rA`n)RNO8SJUPIzn8DP%TmOFVr=
zOiz1?`*;Au$HW-HjD+SK$EuX?>wt49<o6USt7sSlY{sw=xQ%MMQN+!ZdISPZD8P|G
z!LWgiJeA=hYKiXZEXlk=Mc{)}ken$Ie<LIeKqF~?E&eYH#1)oB0nVup?&gD+N-+SE
zuE(7Lec6M-X5b+e3@*e!;i{LYOY!SB(I?)Rr`(q|a*w=rJG+Y7RPJ|jj#3Zufw!sV
zGD>PlUfIAQ%xyT_jKeCbxt^K++F&3=cviVUcT>n+0V4ZvNKOXYMDS$#*}(NF$NB|W
zzMDuJom=o9xe1$vWUYX+B=~Jp<37|>0lvgd!Wo9UO+Hs1oaR7Zk~8Jz0z(5R3zb<|
z?;#$F#w#iA*K*vv@G{^yncJmmUej>XUj1+(uvp2j6`~}4B>%6c1o0u<jhjX4+O((M
zU^JbGQkB>~kC0E4o`kuDFp~*$4gEZq-~}XaQaqByf4wfH?=FJ99~gg-W|N#XmhSUn
z8sf#bY+DFf(v4HBq%$&%na#(~k1q@`#|mJ4!0R?h6rpsROhbgw@nfHP>CCwc!;J}l
z(O_^`hQScxE8Lx~w&XL9#Wj+3=99b&n2jH)B|3mtvsk+KNHF$iV5C^j4kABQ%8K!^
zNRx9(-q!X*Ic^$gM8-Tr2(?uL&mswK4;S_VQIR0S5-7J9H)w~r4GV?v+p@Ukoq=CV
z3~;It_H!{z(`9u%PWAcL+s(*DL^%(`avZTZF@8&oXDN}~hywD6u?jeoU9_as-=DHL
zYS2|le6MMrJ$GN53NsnQiUg5i6~#<T5E)<wRa7w!_=-mU+ng3h6?Aghhq>-%I7FC=
z!^D*1lRbU75*AT+i8U6vXyy)JY3{li{b)cwvn2;(KJYv7mEWW&(8htq(T%ad!&2T1
z<fHOEa?8!gXBKcKF$PM2p@TV#qZiA7Yw&-svMKJ%2M?)ZcaoC0lsj%lm~l7^rixzV
z(Vw^mYuL&DjGH7D^&5TUQ;w_hd?ZRmGf_A$O;Ir(1)i+wpXLH0<m0fG7=8Ja738x9
zM-oa5k5LrpH6)Ari(LfEnybKlWBYGjmAPP<9USIhm`E|pi7-|Xc|XSU{Wy!G3n$@j
zhz!Jip|!oZ7T@9O@~d!n{brG(E$0@Q!xR7=h{^k34iQy5jbhKVL5rgcyKxh>N)Ba^
zBTMFyoJfd!sV2%y${58Z=sZ~y_&1X+ERL|6k;fk~tYaoG0MLLbs<zNKpW4DAr^q~l
zlQE1Sp1v62Dh_0T?I6Z2_V!rR4>C96J{-PcW8%j|^lu~Ios|1*VUfdRc7UsiF^k1i
z6JZoi;x`$dqcG(s2P`ZClIrkd6kTY*TB_-dVLN$z1T?}>iJ?EmNk1NLVUfd@xq%4e
zA=;A1T;gvSINV{0Y*D`~^H7eV1@Gf<mOA<<h5j!qT3BSZkw*e+sp2$d(}<Qp7aX1@
s#27xPwI5Egu&}VOu&}VOu&6EkAMef(^C99|x&QzG07*qoM6N<$f-6!%w*UYD

literal 0
HcmV?d00001

diff --git a/src/MyWebLog/wwwroot/img/logo-light.png b/src/MyWebLog/wwwroot/img/logo-light.png
new file mode 100644
index 0000000000000000000000000000000000000000..c2d3357fae1b842fc92a60c595f71ce0fba6f07a
GIT binary patch
literal 4135
zcmV+?5ZLdDP)<h;3K|Lk000e1NJLTq006T9001)x1^@s6+@v`x00006VoOIv00000
z008+zyMF)x010qNS#tmY3ljhU3ljkVnw%H_000McNliru;0p^B8X^QEx1j(403B&m
zSad^gZEa<4bN~PV002XBWnpw>WFU8GbZ8()Nlj2>E@cM*01t~vL_t(|+U=ZsbXC=z
z$3Oern-~HFP@qszX~72yB0h==Dk_4nSuQ%l@?FWjI`uJjX)EoFikVWzQk>3=Gu75Y
zfGJ`PKI&t@I>^I<FQWJ$up-*Vsv$xW67GfM-h1|M&mWu{HrM+&5mE!5?^>*|&)&b^
zIeYK#`R(8S?ccc&AV7cs0RjXF5a8<s<3U6|4MxKsoP+t{MdSl((r0x>)^**BEZNPS
zk=0tyuw=IcFGxV<1A!N;|6kmxjyuj}>HjOGPH1m$KgO@DQtBeBxGb=V0htekWwyzD
zYAhD(-wE-{>_Smd(PTeDpM3I32{7JzhJefg_8&DhHAN!Ql3qTw*4OxvOC%D<nGA@?
z(>~pkiI&VRkK6}^OAz?s-QPM_S(CKLr_Xz*B~$PHZLO}Z4*R&@&n?*(4krIL@R_^+
zrp6}Jq>73P<-_N_)RWx}yzX5q8$EjTSw3z#(Yp8Yz?=j)V2H(H{Y6BltxhtTJSAWI
z#>U28B9ibd)GDp@y_UtAUEp3v*!OC0Z~s<cnFGswz|gyQ@5Z!s1qg*gd7~PA`}Vy^
zDOK!E?g|lE={F)$T3UL6Qp)jUYfDN>{t}pzfXrRyYAB`h64DOIX|0#7Tet2FW6Tck
z(wKNWJ|K^KGSMpLjbg;(@c~-vdqiZNh-?#)q=<YjB5SnPGn$*5%R1Z7_V)InA~IJ*
zHi}40L|R4U9TAz;$w<xt!S3C=2WzeG6_GU}QZFJ25!oRkn?&T{R4R35XLY)+dx?lF
z5s|-$NSlak7m-)A*5y@IRn8&5!X%T)QC0_&O-)U`^K9TgOK<$r{<Vnw-inA^mq+%`
z>2|K`UX*8pd6S5=nmiDZ?XK%y;MXN^UH3{6*_B6Mlk2+Y|1I2%ii!%QwZ2b8+Drk6
z$m0zS4W)&2HZ?W%7Ln%*=vrQ1U*F@9kIINhokg@Oa*%$EH4v2+`EIbTFV0~VziqXN
z*VWY>mg6~oX0;O$c}YYnwAOcu$S*`>qy6HgQmL_pi08WQBu`gTM4r)F-=np@TSOL$
z$WA*{m`o-|b~Twr<gpBry&)nGXsz!Oky#?LN<_q}U$<q;mf~Fcwrtr_EF$Zy_F6<<
z6p{P2);|=HM@6LBtDE<AAoH)RPClH&V%}>J{z}Uw7?>V>5&1k@L_}+Sv!(yJ9Qv=e
z+I)~qCdcHkYIj-fYSYVS4&t?l$W{^AoJb^&&$iTy$eULCSG$tTTI(NKdYWC=y(C+^
zR4O%2L_W9L&dD=(Kea=psZ{EW%r>p9t^Gvgj~Oq~ev&!D<wU3?N+VHj>Mmq<UH4+E
zlON?6wAZ})R7*=spNzWoY57ztby^nLrIsu5{mlCM`uZN}$rF)nyLa#YW`UQlGT%y)
zF=>tY^u^=x0V1;9dj7FpL1vFoJ3Sq4DwWC`%1otFXNZXFwcj0!#g53Kvn@R@$z*bL
zE`1FR4W%No$$vk}8ApT#M0uYmTe+S+{?1fNyz9pLCzNyCelxM0<A|`DC{2_zIA^<?
z=|O~F5Fti{7nw@WbX8ql-C-gUPj@ttNF19hgeM|v@>vJ1^*wf7RaKQEB8^r^?wEX*
zTWftwp)RLVsWYrec_bg1wbpm}SeYs;eGha6nYGqGuyp*^=Zd-5>c_2Fblzs^eALG?
zT$QUIjzy?mM45x)6%;oDBY{DLIi4t2(TBf!*OM69(i?mnY~N8)&I}@aN`!y&(N{$|
zQ5>pKoCh3^p(MwOa0;6DQQVE97mCUB=InI!(4j*Uz>0J^91dTc5mvj{3ac&4GDyp;
zsKq{c8dIiB8Kaas!js)pQd079mPp4XX~M+g@!uEf_>LVrHd)2IvGGJA@q~{_w)=Ei
zSFC<YsSB<9E%Hg`DocKR7M&BUwo3}>YinzJIe%!boRd*(24<jW!|+*0ix9Jb$AJOB
zA8<Ji*gIL8qXD>q!-=p0hdC&YL~$3_F(~I#UCj|hScAiFfj!X&!&@w1-`MR`iYR9$
ziZ@UU%Xs>oenWIhsmpRqJOIx;^URyZm?p1ymK{2C9LG<V+!*gZs;sQ6xzH|uz<>d9
zOZJF7e(uiF($dcgP4cc?yK1fC;4bp!PWGNjH#9U<`w>W`Qg2(u;aQrTk~RX(&CTlz
z>3i_O2OIN~S@Am*LxA65I4WbpE&~jP8O&n}3;7sjSz`y6sr00XWhl-7k{xwn`eeOp
zlxg&2Gm3LEY989BbR*xOjCDBt3y`@RZl;xu85Zn+jWNb6PDn=_R<B+i0w#Nd_Gxi(
z@%x#NG;P{60bcS587?a;o0u)WEF!s%um|i1NqXd|i}_LT;fEjYvWmUBh|K9&cI#0`
z9o6nfps}&hCSSii<F<3)z=6Abgau8mx^Rd6HOyf?KOxE}40f#5Ak3zcx!FwzamsiZ
z7=_DN!aNIn+tXg0g~$tm?_pSrvIt;U%T5+sZp9raW&vfuCm5EX7)d&H)9@Ti*_Gi+
zY!#8Wfzy;yr9*}cIR{uVZrr%Dl~U<}T%N}YE>lWf?OEf=z|&q<+&Hg3R$E*9rySxT
zuT9(-b6+P(65C&v4Ie(dr@bfaA~F|stjGTSY@2-9<kBx*`~E)M9x~5oq_?E^1eT&a
zOJUf8;@4F2%M7{RmStXv!NG7Q3)x7Ny(dw^P~iQJ&70=u9+CeKcoi!z7{lExMYxG$
z5$;EEErvSaId<}W;-ol|Myvf>Ir{WM+Gq3#xgrz_U20j@WqJIuKbDr3isxHT1{gee
z@HtAUv>*TSNhh6@%H;+FgMgB!o_gvb&(a?V_&TL6EiFCTDsJy0GB<mD>{ne~9X|c^
z)7?S>0|ySYPbQnP1!I6dp3y3Zd<SCt4pbSH!0{Ggu4djBhzw>QAFmk294b9>8OsF`
zwgNDn5eP4$xC7Y0d?ukh>%B*2CBg<G+=gL;N911t6PeHTEM*sinP|O4h8VxeVF{kM
ziWgh162_QhOH0d&T!Yc8SFi0rwdYzKlSm{+IF4gy$>lr3{vhq5Oqnv}KyJVe_uQns
z2!%r5v5FhIh|C>*96fsU7(W8V#l`mK_Ps1kwt6~yBoc|?h4ht`m7P$S%+r~KVwy#;
zXa_;R7=uVyrA4$dv!g~?Z(o?>iEsxF8-a5%ET@h0yxMV=j$;T@i{igA)FDKe&p$Gs
zkF0xMV?EnzEG4UjoIQK?+s2rBZ-7Q7lgW`vsZn0_+W!6f7g~asTM>~9fR5dEGMUVm
z^7)EItnVGb2*P3G$B#ePN4x8+)n`o?k$F{T`{+2%H0!yt8ItwZc>leRm-foSWOnxE
z>0-E@`OMFwbA88B?{EuCkq$}2YgW6(DE<?L0xB>}<1x=aG?u@+CrU9G!$a)kbSkL?
z%s!D1un!h~Q(%Lz%o?EEeOlJEWnXR)<ZR$nPxk#DJ$mGf&nA<}g~pilINVg|K%rB9
zhU3i2XPsTw{kwFC%NSGt&O7gP$){Y&WO9KqChc0>oJyrmFVOx}*kgo@F@LSCt$i*_
z=<XS7ynmQ4Vahu@xYf_W#gDv$kd+17-oQ7Bu$k$M$Py2}FXLck6H!KGx!*XV)DhuB
zqWn0kuDxylsY73cS|*Tp*>zp_3M;U_)jCKSQK)O)0m=6C$(x_!SZiV)wU42-)>q~F
zSYY+))gjk)CyU6c9GlTEB<wUcHulQW*Ng1@46Su}o(=AP9|McXFYS}bTnSgHRO(E7
z?6ua@a*czC)LJ^<%y!zDOeRNpnRK7!>W8vOI1G3d&4n!7H{{jXm639Og5n1#-bHgQ
z3uxRglMvwv%LV!=^SD1>^KIL<_3Yojf0I(`Fl!>~9LM>V&k0+sl)5&<VowN%!+DqQ
z`uh4Fg9Z&+qm(+sy6=a;OU9Uw0oRMFoCJ(lN)1TIrn3>x`}-NNPAN6b7_$v{(iroR
zQmQv_o>J<3OXf+(ai-=Yv-h_RpI?<bj<e6QUQ<(3G-AYvm+Zq1W6bNoN@Gl;QmU`F
zu|GfEFJsJH$8l!liAA3k3WZi%dFC<TX=6+cP^6R^3tS2~B649U6k3%Y8^>{maM0i;
zjwOoQaeN+O7*WPj&YhGqlXAYB%~FfV@(j!Na3{h^*JQ~0`aUrIB8kXiJ8P^!TH~{Y
ztY~v{bD4;&ETE^drlzJS-?N!7foyub)PZ@0`Y0kXt@Ry##?4!$cI43&cU||&s;Vl-
zx^|F#91-PbmW!c@vXuz+M0uMiTfOVgW+CLQ_F%ZKd%5qRZ^q|QBJ$*y@Gnmhk^c~p
z4I<JcBCeNEUne3jYOQA`lgShPx&+nL)nTpmKZwX{UIP4X5&1|&7Nk<C@qV7^K#|$%
z<H=qh-xHB$FGaP%OQ!$lcsxF^Gh^l@OwIQ6#YAMM_aVaE_V)In04*&oeXX(CkloGb
zo<u$s!|Nz7STFn-;RzP<u@}1zBfJZoNGp9<y6^FJfI|<-WO7tdQPF$e%elf%HR!&d
zO_ehf!}<;)!@E>6w}Z$4kK*ETJJ3KeCYb6&AE8j_Y^!MJeGu-3&#Q<q2gThP*Jth%
zu1jMftLVDKngHF697>g2`=VE}$C<kWCJ-XR5)_vJ4_I;UKQWKzf~ov^Lu-ATQtCUN
zi}CT=wQFDOzGNQ8BH%=XNkG)9c|MrRLl+{l)^*+Q=K8MEix5>PrT)v>%-%O)!UWwt
zH-P2bjza}5XA)*Cco}qt9i$k^|4<)H`=JRd{=Jhu31~IOm=>i}FW@-##H{;T?H_R*
z=hiR!r`-V&hN0Mma2|hVJ;T_D;slS(zh*wS1XF%UTjo}!RGAOb$BZ%eheDx$&sN_Z
zHh>Dn5)5}!$?HV8%_4FN!z00TAKGYcZa%VKzkXLLr6vKRfgwOoU^jcxM&C8Ytct~A
zi~9EM+mcJqS5M}0ZU&A<Ske*8*o(PTW=$Ima0tQ6WL)U|`_lMo$$TT<z+pC;C<|z0
zI_KhjOXpeUr-P{u;1^$QG$YKvV%W?A{s2IT3afTr&V1?s0lF2LujeQX*8`7vo50I~
zbOu;6!kxkN1UNXzT+9O~8u*CxkBQj7jr>z8yX>RP00Ef~a0COcKv=|TG!dqw_WULT
z@HF!>esUl{0H37#+haN-2(byx*%-DHrUod+(1zgxD);_)cz^)i+cJl|&&nMJ5#~wK
zKk%ZsHz0C=gUd2crGzr7QJiF5eS~>_K2{76AeW8&DzFKc;Vh<@KEMbRkK=F)Zy~{y
l1PBlyK!5-N0tD!0_<#2<S_NsRXUPBn002ovPDHLkV1hj3^1T26

literal 0
HcmV?d00001