forked from MDCPS/DamageAssessment_Backend
user access module with latest dev branch changes
This commit is contained in:
uppuv
@ -1,6 +1,7 @@
|
||||
using Azure;
|
||||
using DamageAssesment.Api.Attachments.Interfaces;
|
||||
using DamageAssesment.Api.Attachments.Models;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using System.Net.Http.Headers;
|
||||
@ -21,7 +22,7 @@ namespace DamageAssesment.Api.Attachments.Controllers
|
||||
/// <summary>
|
||||
/// Get all attachments.
|
||||
/// </summary>
|
||||
|
||||
[Authorize(Roles = "admin")]
|
||||
[HttpGet("attachments")]
|
||||
public async Task<ActionResult> GetAttachmentsAsync()
|
||||
{
|
||||
@ -37,6 +38,7 @@ namespace DamageAssesment.Api.Attachments.Controllers
|
||||
/// <summary>
|
||||
/// Get all attachments by attachmentId.
|
||||
/// </summary>
|
||||
[Authorize(Roles = "admin")]
|
||||
[HttpGet("attachments/{id}")]
|
||||
public async Task<ActionResult> GetAttachmentbyIdAsync(int id)
|
||||
{
|
||||
@ -80,7 +82,7 @@ namespace DamageAssesment.Api.Attachments.Controllers
|
||||
/// <summary>
|
||||
/// Save new Attachment(s)
|
||||
/// </summary>
|
||||
|
||||
[Authorize(Roles = "admin")]
|
||||
[HttpPost("attachments"), DisableRequestSizeLimit]
|
||||
public async Task<IActionResult> UploadAttachmentAsync(AttachmentInfo attachmentInfo)
|
||||
{
|
||||
@ -107,7 +109,7 @@ namespace DamageAssesment.Api.Attachments.Controllers
|
||||
/// <summary>
|
||||
/// Modify an new attachment.
|
||||
/// </summary>
|
||||
|
||||
[Authorize(Roles = "admin")]
|
||||
[HttpPut("attachments"), DisableRequestSizeLimit]
|
||||
public async Task<IActionResult> UpdateAttachmentAsync(AttachmentInfo attachmentInfo)
|
||||
{
|
||||
@ -138,6 +140,7 @@ namespace DamageAssesment.Api.Attachments.Controllers
|
||||
/// <summary>
|
||||
/// Delete an existing attachment.
|
||||
/// </summary>
|
||||
[Authorize(Roles = "admin")]
|
||||
[HttpDelete("attachments/{id}")]
|
||||
public async Task<IActionResult> DeleteAttachment(int id)
|
||||
{
|
||||
|
||||
@ -1,25 +1,75 @@
|
||||
using DamageAssesment.Api.Attachments.Db;
|
||||
using DamageAssesment.Api.Attachments.Interfaces;
|
||||
using DamageAssesment.Api.Attachments.Providers;
|
||||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
using Microsoft.AspNetCore.Http.Features;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Microsoft.Extensions.FileProviders;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using Microsoft.OpenApi.Models;
|
||||
using System.Reflection;
|
||||
using System.Text;
|
||||
|
||||
var builder = WebApplication.CreateBuilder(args);
|
||||
|
||||
var authkey = builder.Configuration.GetValue<string>("JwtSettings:securitykey");
|
||||
builder.Services.AddAuthentication(item =>
|
||||
{
|
||||
item.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||
item.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||
}).AddJwtBearer(item =>
|
||||
{
|
||||
item.RequireHttpsMetadata = true;
|
||||
item.SaveToken = true;
|
||||
item.TokenValidationParameters = new TokenValidationParameters()
|
||||
{
|
||||
ValidateIssuerSigningKey = true,
|
||||
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(authkey)),
|
||||
ValidateIssuer = false,
|
||||
ValidateAudience = false,
|
||||
ClockSkew = TimeSpan.Zero
|
||||
};
|
||||
});
|
||||
// Add services to the container.
|
||||
|
||||
builder.Services.AddControllers();
|
||||
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
|
||||
builder.Services.AddEndpointsApiExplorer();
|
||||
//builder.Services.AddSwaggerGen();
|
||||
builder.Services.AddSwaggerGen(c =>
|
||||
builder.Services.AddSwaggerGen(options =>
|
||||
{
|
||||
// Include XML comments from your assembly
|
||||
var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
|
||||
var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
|
||||
c.IncludeXmlComments(xmlPath);
|
||||
options.IncludeXmlComments(xmlPath);
|
||||
|
||||
OpenApiSecurityScheme securityDefinition = new OpenApiSecurityScheme()
|
||||
{
|
||||
Name = "Bearer",
|
||||
BearerFormat = "JWT",
|
||||
Scheme = "bearer",
|
||||
Description = "Specify the authorization token.",
|
||||
In = ParameterLocation.Header,
|
||||
Type = SecuritySchemeType.Http,
|
||||
};
|
||||
|
||||
options.AddSecurityDefinition("jwt_auth", securityDefinition);
|
||||
|
||||
// Make sure swagger UI requires a Bearer token specified
|
||||
OpenApiSecurityScheme securityScheme = new OpenApiSecurityScheme()
|
||||
{
|
||||
Reference = new OpenApiReference()
|
||||
{
|
||||
Id = "jwt_auth",
|
||||
Type = ReferenceType.SecurityScheme
|
||||
}
|
||||
};
|
||||
|
||||
OpenApiSecurityRequirement securityRequirements = new OpenApiSecurityRequirement()
|
||||
{
|
||||
{securityScheme, new string[] { }},
|
||||
};
|
||||
|
||||
options.AddSecurityRequirement(securityRequirements);
|
||||
});
|
||||
builder.Services.AddScoped<IAttachmentsProvider, AttachmentsProvider>();
|
||||
builder.Services.AddScoped<IUploadService, UploadService>();
|
||||
@ -45,6 +95,7 @@ if (app.Environment.IsDevelopment())
|
||||
app.UseSwaggerUI();
|
||||
}
|
||||
|
||||
app.UseAuthentication();
|
||||
app.UseAuthorization();
|
||||
app.UseHttpsRedirection();
|
||||
|
||||
|
||||
Reference in New Issue
Block a user