santhoshsnair/DamageAssessment_Backend
1
0
Fork 0
forked from MDCPS/DamageAssessment_Backend
Code Pull Requests Activity

implementation of Authentication using JWT. Security applied on all microservices endpoints.

Browse Source
This commit is contained in:
Reginald Cherenfant Jasmin
2023-09-20 00:32:30 -04:00
parent 8d386af40a
commit 77816605d1
75 changed files with 1744 additions and 219 deletions
Download Patch File Download Diff File Expand all files Collapse all files

127
DamageAssesmentApi/DamageAssesment.Api.UsersAccess/Controllers/UsersAccessController.cs Normal file
View File

@ -0,0 +1,127 @@
using DamageAssesment.Api.UsersAccess.Interfaces;
using DamageAssesment.Api.UsersAccess.Models;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System.IdentityModel.Tokens.Jwt;
using System.IO;
namespace DamageAssesment.Api.UsersAccess.Controllers
{
[ApiController]
public class UsersAccessController : ControllerBase
{
private IUsersAccessProvider userAccessProvider;
public UsersAccessController(IUsersAccessProvider userAccessProvider)
{
this.userAccessProvider = userAccessProvider;
}
[Authorize(Policy = "Dadeschools")]
[HttpPost("token/{employecode}")]
public async Task<ActionResult> AuthenticateAsync(string employecode)
{
/* if (Request.Headers.TryGetValue("Authorization", out var headerAuth))
{
var jwtToken = headerAuth.First().Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries)[1];
var handler = new JwtSecurityTokenHandler();
var jsonToken = handler.ReadToken(jwtToken) as JwtSecurityToken;
return Ok(jsonToken.Payload.Sub);
} */
var result = await userAccessProvider.AuthenticateAsync(employecode);
if (result.IsSuccess)
{
return Ok(result.TokenResponse);
}
return Unauthorized(result.ErrorMessage);
}
[Authorize(Policy = "Dadeschools")]
[HttpPost("refreshtoken")]
public async Task<ActionResult> RefreshTokenAsync(TokenResponse tokenResponse)
{
var result = await userAccessProvider.RefreshTokenAsync(tokenResponse);
if (result.IsSuccess)
{
return Ok(result.TokenResponse);
}
return Unauthorized(result.ErrorMessage);
}
[Authorize(Policy = "DamageApp", Roles ="admin")]
[HttpGet("users")]
public async Task<ActionResult> GetUsersAsync()
{
var result = await userAccessProvider.GetUsersAsync();
if (result.IsSuccess)
{
return Ok(result.Users);
}
return NoContent();
}
[Authorize(Policy = "DamageApp", Roles = "admin")]
[HttpGet("users/{Id}")]
public async Task<ActionResult> GetUsersAsync(int Id)
{
var result = await userAccessProvider.GetUsersAsync(Id);
if (result.IsSuccess)
{
return Ok(result.User);
}
return NotFound();
}
[Authorize(Policy = "DamageApp", Roles = "admin")]
[HttpGet("roles")]
public async Task<ActionResult> GetRolesAsync()
{
var result = await userAccessProvider.GetRolesAsync();
if (result.IsSuccess)
{
return Ok(result.Roles);
}
return NoContent();
}
[Authorize(Policy = "DamageApp", Roles = "admin")]
[HttpPost("users")]
public async Task<ActionResult> PostUserAsync(User user)
{
var result = await userAccessProvider.PostUserAsync(user);
if (result.IsSuccess)
{
return Ok(result.User);
}
return BadRequest(result.ErrorMessage);
}
[Authorize(Policy = "DamageApp", Roles = "admin")]
[HttpPut("users/{Id}")]
public async Task<ActionResult> PutUserAsync(int Id, User user)
{
var result = await userAccessProvider.PutUserAsync(Id, user);
if (result.IsSuccess)
{
return Ok(result.User);
}
if (result.ErrorMessage == "Not Found")
return NotFound(result.ErrorMessage);
return BadRequest(result.ErrorMessage);
}
[Authorize(Policy = "DamageApp", Roles = "admin")]
[HttpDelete("users/{Id}")]
public async Task<ActionResult> DeleteSurveysAsync(int Id)
{
var result = await userAccessProvider.DeleteUserAsync(Id);
if (result.IsSuccess)
{
return Ok(result.User);
}
return NotFound();
}
}
}