santhoshsnair/DamageAssessment_Backend
1
0
Fork 0
forked from MDCPS/DamageAssessment_Backend
Code Pull Requests Activity

implementation of Authentication using JWT. Security applied on all microservices endpoints.

Browse Source
This commit is contained in:
Reginald Cherenfant Jasmin
2023-09-20 00:32:30 -04:00
parent 8d386af40a
commit 77816605d1
75 changed files with 1744 additions and 219 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
DamageAssesmentApi/DamageAssesment.Api.Surveys/Controllers/SurveysController.cs
View File

@ -1,4 +1,5 @@
using DamageAssesment.Api.Surveys.Interfaces;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace DamageAssesment.Api.Surveys.Controllers
@ -15,7 +16,7 @@ namespace DamageAssesment.Api.Surveys.Controllers
/// <summary>
/// GET request for retrieving surveys.
/// </summary>
[Authorize(Roles ="admin,survey,user,report")]
[Route("Surveys")]
[Route("Surveys/{language:alpha}")]
[HttpGet]
@ -32,6 +33,7 @@ namespace DamageAssesment.Api.Surveys.Controllers
/// <summary>
/// GET request for retrieving surveys by ID.
/// </summary>
[Authorize(Roles = "admin,survey,user,report")]
[Route("Surveys/{id:int}")]
[Route("Surveys/{id:int}/{language:alpha}")]
[HttpGet]
@ -47,7 +49,7 @@ namespace DamageAssesment.Api.Surveys.Controllers
/// <summary>
/// POST request for creating a new survey.
/// </summary>
[Authorize(Roles = "admin,survey,user,report")]
[HttpPost("Surveys")]
public async Task<ActionResult> PostSurveysAsync(Models.Survey survey)
{
@ -62,7 +64,7 @@ namespace DamageAssesment.Api.Surveys.Controllers
/// PUT request for updating an existing survey (surveyId,Updated Survey data).
/// </summary>
[Authorize(Roles = "admin,survey")]
[HttpPut("Surveys/{id}")]
public async Task<ActionResult> PutSurveysAsync(int id, Models.Survey survey)
{
@ -80,6 +82,7 @@ namespace DamageAssesment.Api.Surveys.Controllers
/// <summary>
/// DELETE request for deleting a survey by ID.
/// </summary>
[Authorize(Roles = "admin,survey")]
[HttpDelete("Surveys/{id}")]
public async Task<ActionResult> DeleteSurveysAsync(int id)
{

37
DamageAssesmentApi/DamageAssesment.Api.Surveys/Program.cs
View File

@ -6,6 +6,7 @@ using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using System.Text;
using System.Reflection;
using Microsoft.OpenApi.Models;
var builder = WebApplication.CreateBuilder(args);
@ -34,14 +35,44 @@ builder.Services.AddControllers();
builder.Services.AddScoped<ISurveyProvider, SurveysProvider>();
builder.Services.AddAutoMapper(AppDomain.CurrentDomain.GetAssemblies());
builder.Services.AddEndpointsApiExplorer();
//builder.Services.AddSwaggerGen();
builder.Services.AddSwaggerGen(c =>
builder.Services.AddSwaggerGen(options =>
{
// Include XML comments from your assembly
var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
c.IncludeXmlComments(xmlPath);
options.IncludeXmlComments(xmlPath);
OpenApiSecurityScheme securityDefinition = new OpenApiSecurityScheme()
{
Name = "Bearer",
BearerFormat = "JWT",
Scheme = "bearer",
Description = "Specify the authorization token.",
In = ParameterLocation.Header,
Type = SecuritySchemeType.Http,
};
options.AddSecurityDefinition("jwt_auth", securityDefinition);
// Make sure swagger UI requires a Bearer token specified
OpenApiSecurityScheme securityScheme = new OpenApiSecurityScheme()
{
Reference = new OpenApiReference()
{
Id = "jwt_auth",
Type = ReferenceType.SecurityScheme
}
};
OpenApiSecurityRequirement securityRequirements = new OpenApiSecurityRequirement()
{
{securityScheme, new string[] { }},
};
options.AddSecurityRequirement(securityRequirements);
});
builder.Services.AddDbContext<SurveysDbContext>(option =>
{
option.UseInMemoryDatabase("Surveys");