santhoshsnair/DamageAssessment_Backend
1
0
Fork 0
forked from MDCPS/DamageAssessment_Backend
Code Pull Requests Activity

implementation of Authentication using JWT. Security applied on all microservices endpoints.

Browse Source
This commit is contained in:
Reginald Cherenfant Jasmin
2023-09-20 00:32:30 -04:00
parent 8d386af40a
commit 77816605d1
75 changed files with 1744 additions and 219 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
DamageAssesmentApi/DamageAssesment.Api.Documents/Controllers/DocumentsController.cs
View File

@ -2,6 +2,7 @@
using DamageAssesment.Api.Documents.Interfaces;
using DamageAssesment.Api.Documents.Models;
using DamageAssesment.Api.Documents.Providers;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
@ -24,6 +25,7 @@ namespace DamageAssesment.Api.Documents.Controllers
/// Get all document link type.
/// </summary>
[HttpGet]
[Authorize(Roles = "admin")]
[Route("doculinks/types")]
public async Task<IActionResult> GetLinkTypesAsync()
{
@ -37,6 +39,7 @@ namespace DamageAssesment.Api.Documents.Controllers
/// <summary>
/// Get a document link type by id.
/// </summary>
[Authorize(Roles = "admin")]
[HttpGet]
[Route("doculinks/types/{id}")]
public async Task<IActionResult> GetLinkTypeAsync(int id)
@ -51,6 +54,7 @@ namespace DamageAssesment.Api.Documents.Controllers
/// <summary>
/// Update a existing document link type.
/// </summary>
[Authorize(Roles = "admin")]
[HttpPut]
[Route("doculinks/types")]
public async Task<IActionResult> UpdateLinkType(Models.LinkType linkType)
@ -72,6 +76,7 @@ namespace DamageAssesment.Api.Documents.Controllers
/// <summary>
/// Create a new document link type.
/// </summary>
[Authorize(Roles = "admin")]
[HttpPost]
[Route("doculinks/types")]
public async Task<IActionResult> CreateLinkType(Models.LinkType linkType)
@ -90,6 +95,7 @@ namespace DamageAssesment.Api.Documents.Controllers
/// <summary>
/// Delete a existing document link type by id.
/// </summary>
[Authorize(Roles = "admin")]
[HttpDelete]
[Route("doculinks/types/{id}")]
public async Task<IActionResult> DeleteLinkType(int id)
@ -101,11 +107,12 @@ namespace DamageAssesment.Api.Documents.Controllers
}
return NotFound();
}
/// <summary>
/// Get all documents.
/// </summary>
///
[Route("doculinks")]
/// <summary>
/// Get all documents.
/// </summary>
[Authorize(Roles = "admin")]
[Route("doculinks")]
[Route("doculinks/{linktype:alpha}")]
[Route("doculinks/{linktype:alpha}/{language:alpha}")]
[HttpGet]
@ -138,6 +145,7 @@ namespace DamageAssesment.Api.Documents.Controllers
/// <summary>
/// Get a document by id.
/// </summary>
[Authorize(Roles = "admin")]
[HttpGet]
[Route("doculinks/{id}")]
[Route("doculinks/{id}/{linktype:alpha}")]
@ -154,6 +162,7 @@ namespace DamageAssesment.Api.Documents.Controllers
/// <summary>
/// Upload new document.
/// </summary>
[Authorize(Roles = "admin")]
[HttpPut]
[Route("doculinks/{id}")]
public async Task<IActionResult> UpdateDocument(int id,DocumentInfo documentInfo)
@ -178,6 +187,7 @@ namespace DamageAssesment.Api.Documents.Controllers
/// <summary>
/// update existing document.
/// </summary>
[Authorize(Roles = "admin")]
[HttpPost]
[Route("doculinks")]
public async Task<IActionResult> CreateDocument(DocumentInfo documentInfo)
@ -205,6 +215,7 @@ namespace DamageAssesment.Api.Documents.Controllers
/// <summary>
/// Delete document by id.
/// </summary>
[Authorize(Roles = "admin")]
[HttpDelete]
[Route("doculinks/{id}")]
public async Task<IActionResult> DeleteDocument(int id)

1
DamageAssesmentApi/DamageAssesment.Api.Documents/DASA_Documents/Active/Document_1.txt
View File

@ -1 +0,0 @@
sample

1
DamageAssesmentApi/DamageAssesment.Api.Documents/DamageAssesment.Api.DocuLinks.csproj
View File

@ -10,6 +10,7 @@
<ItemGroup>
<PackageReference Include="AutoMapper.Extensions.Microsoft.DependencyInjection" Version="12.0.1" />
<PackageReference Include="Azure.Storage.Blobs" Version="12.16.0" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.21" />
<PackageReference Include="Microsoft.AspNetCore.Hosting" Version="2.2.7" />
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="7.0.9" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="7.0.9">

59
DamageAssesmentApi/DamageAssesment.Api.Documents/Program.cs
View File

@ -2,23 +2,73 @@ using DamageAssesment.Api.Documents.Db;
using DamageAssesment.Api.Documents.Interfaces;
using DamageAssesment.Api.Documents.Providers;
using Microsoft.EntityFrameworkCore;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using System.Reflection;
using System.Text;
using Microsoft.OpenApi.Models;
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
var authkey = builder.Configuration.GetValue<string>("JwtSettings:securitykey");
builder.Services.AddAuthentication(item =>
{
item.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
item.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(item =>
{
item.RequireHttpsMetadata = true;
item.SaveToken = true;
item.TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(authkey)),
ValidateIssuer = false,
ValidateAudience = false,
ClockSkew = TimeSpan.Zero
};
});
builder.Services.AddControllers();
builder.Services.AddSwaggerGen(c =>
builder.Services.AddSwaggerGen(options =>
{
// Include XML comments from your assembly
var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
c.IncludeXmlComments(xmlPath);
options.IncludeXmlComments(xmlPath);
OpenApiSecurityScheme securityDefinition = new OpenApiSecurityScheme()
{
Name = "Bearer",
BearerFormat = "JWT",
Scheme = "bearer",
Description = "Specify the authorization token.",
In = ParameterLocation.Header,
Type = SecuritySchemeType.Http,
};
options.AddSecurityDefinition("jwt_auth", securityDefinition);
// Make sure swagger UI requires a Bearer token specified
OpenApiSecurityScheme securityScheme = new OpenApiSecurityScheme()
{
Reference = new OpenApiReference()
{
Id = "jwt_auth",
Type = ReferenceType.SecurityScheme
}
};
OpenApiSecurityRequirement securityRequirements = new OpenApiSecurityRequirement()
{
{securityScheme, new string[] { }},
};
options.AddSecurityRequirement(securityRequirements);
});
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
//builder.Services.AddSwaggerGen();
builder.Services.AddScoped<IDocumentsProvider, documentsProvider>();
builder.Services.AddScoped<IUploadService, UploadService>();
builder.Services.AddScoped<IAzureBlobService, AzureBlobService>();
@ -36,6 +86,7 @@ if (app.Environment.IsDevelopment())
app.UseSwaggerUI();
}
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();

2
DamageAssesmentApi/DamageAssesment.Api.Documents/Properties/launchSettings.json
View File

@ -14,7 +14,7 @@
"dotnetRunMessages": true,
"launchBrowser": true,
"launchUrl": "swagger",
"applicationUrl": "http://localhost:5133",
"applicationUrl": "http://localhost:5136",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}

4
DamageAssesmentApi/DamageAssesment.Api.Documents/appsettings.json
View File

@ -6,8 +6,12 @@
}
},
"AllowedHosts": "*",
"JwtSettings": {
"securitykey": "bWlhbWkgZGFkZSBzY2hvb2xzIHNlY3JldCBrZXk="
},
"Fileupload": {
"folderpath": "DASA_Documents/Active",
"Deletepath": "DASA_Documents/Deleted"
}
}