authortranstrike <transtrike@gmail.com>2020-12-16 19:00:00 +0200
committertranstrike <transtrike@gmail.com>2020-12-16 19:00:00 +0200
commitfb2803789e012cda1aca4c5f8bef779923f5db61 (patch)
tree05a0e24af85915dc8698ebc3bdce6e934a73da4e /src/DevHive.Web
parente46bfcf0d9ef6e927b2922c63dacde9442fe82d3 (diff)
Authorization fixed
Diffstat (limited to 'src/DevHive.Web')
-rw-r--r--src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs9
-rw-r--r--src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs2
-rw-r--r--src/DevHive.Web/Controllers/RoleController.cs2
-rw-r--r--src/DevHive.Web/Controllers/UserController.cs5
-rw-r--r--src/DevHive.Web/Startup.cs1
5 files changed, 14 insertions, 5 deletions
diff --git a/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs b/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs
index 0fe32de..e656137 100644
--- a/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs
+++ b/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs
@@ -6,6 +6,7 @@ using DevHive.Data.Models;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Builder;
using System;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
namespace DevHive.Web.Configurations.Extensions
{
@@ -40,8 +41,12 @@ namespace DevHive.Web.Configurations.Extensions
services.AddAuthorization(options =>
{
- options.AddPolicy($"{Role.DefaultRole}",
- policy => policy.RequireRole($"{Role.DefaultRole}"));
+ options.AddPolicy("User", options =>
+ {
+ options.RequireAuthenticatedUser();
+ options.AuthenticationSchemes.Add(JwtBearerDefaults.AuthenticationScheme);
+ options.RequireRole("User");
+ });
});
}
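Review bot: The inner lambda in the added `options.AddPolicy("User", options => …)` reuses the name `options`, so inside the block it refers to the policy builder and hides the outer authorization options; this kind of shadowing is only accepted from C# 8 onwards. Naming the parameter `policy`, as the removed code did, keeps the two apart. The policy name and role are now the literal `"User"` where the removed lines used `Role.DefaultRole`, so the gate can drift from the role the identity layer actually assigns; prefer `policy.RequireRole(Role.DefaultRole);`. The enclosing method starts outside the hunk.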
diff --git a/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs b/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs
index bc5ac15..d422bc8 100644
--- a/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs
+++ b/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs
@@ -43,7 +43,7 @@ namespace DevHive.Web.Configurations.Extensions
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
- ValidateIssuerSigningKey = true,
+ //ValidateIssuerSigningKey = false,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false
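Review bot: Replacing `ValidateIssuerSigningKey = true,` with the commented-out `//ValidateIssuerSigningKey = false,` leaves the property at its default of false with no explanation, in an initializer that already sets `ValidateIssuer = false` and `ValidateAudience = false`. Signature verification against `IssuerSigningKey` still runs, but beyond signature and default lifetime checks the handler now accepts any token signed with this symmetric key, whoever issued it and whichever API it was meant for. If the flag was switched off to get past a 401, the cause is more likely elsewhere. Restore `ValidateIssuerSigningKey = true,` and delete the dead line, or record the reason in a comment. The initializer continues past the end of the hunk.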
diff --git a/src/DevHive.Web/Controllers/RoleController.cs b/src/DevHive.Web/Controllers/RoleController.cs
index 1e11ee1..610d370 100644
--- a/src/DevHive.Web/Controllers/RoleController.cs
+++ b/src/DevHive.Web/Controllers/RoleController.cs
@@ -6,11 +6,13 @@ using DevHive.Web.Models.Identity.Role;
using AutoMapper;
using DevHive.Services.Models.Identity.Role;
using System;
+using Microsoft.AspNetCore.Authorization;
namespace DevHive.Web.Controllers
{
[ApiController]
[Route("/api/[controller]")]
+ //[Authorize(Roles = "Admin")]
public class RoleController
{
private readonly RoleService _roleService;
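Review bot: The only access control this hunk adds to `RoleController` is commented out (`//[Authorize(Roles = "Admin")]`), so no `[Authorize]` attribute is visible on the class and the new `using Microsoft.AspNetCore.Authorization;` is unused. Unless a global filter or fallback policy is registered elsewhere, the role endpoints stay callable without a token, which undermines the role checks the same commit adds to `UserController`. Enable the attribute as `[Authorize(Roles = "Admin")]`, or use a plain `[Authorize]` until an Admin role exists. The class body continues outside the hunk.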
diff --git a/src/DevHive.Web/Controllers/UserController.cs b/src/DevHive.Web/Controllers/UserController.cs
index f952355..80e1bde 100644
--- a/src/DevHive.Web/Controllers/UserController.cs
+++ b/src/DevHive.Web/Controllers/UserController.cs
@@ -14,6 +14,7 @@ namespace DevHive.Web.Controllers
{
[ApiController]
[Route("/api/[controller]")]
+ [Authorize(Roles = "User")]
public class UserController: ControllerBase
{
private readonly UserService _userService;
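Review bot: `[Authorize(Roles = "User")]` checks the role claim directly and does not reference the `"User"` policy registered in ConfigureDatabase.cs, so the `JwtBearerDefaults.AuthenticationScheme` added there never applies to this controller. Authentication falls back to the application's default scheme, which is not visible here; use `[Authorize(Policy = "User")]` if the policy is the intended gate. This class-level check is also now the only visible guard on `Update` and `Delete`, whose per-action attributes are removed in the later hunks. Both take a caller-supplied `Guid id`, and `Delete` passes it straight to `_userService.DeleteUser(id)`, so any account in the User role could act on another account unless the service compares `id` with the token's subject. The class body continues outside the hunk.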
@@ -27,6 +28,7 @@ namespace DevHive.Web.Controllers
[HttpPost]
[Route("Login")]
+ [AllowAnonymous]
public async Task<IActionResult> Login([FromBody] LoginWebModel loginModel)
{
LoginServiceModel loginServiceModel = this._userMapper.Map<LoginServiceModel>(loginModel);
@@ -39,6 +41,7 @@ namespace DevHive.Web.Controllers
[HttpPost]
[Route("Register")]
+ [AllowAnonymous]
public async Task<IActionResult> Register([FromBody] RegisterWebModel registerModel)
{
RegisterServiceModel registerServiceModel = this._userMapper.Map<RegisterServiceModel>(registerModel);
@@ -61,7 +64,6 @@ namespace DevHive.Web.Controllers
//Update
[HttpPut]
- [Authorize(Roles = Role.DefaultRole)]
public async Task<IActionResult> Update(Guid id, [FromBody] UpdateUserWebModel updateModel)
{
UpdateUserServiceModel updateUserServiceModel = this._userMapper.Map<UpdateUserServiceModel>(updateModel);
@@ -76,7 +78,6 @@ namespace DevHive.Web.Controllers
//Delete
[HttpDelete]
- [Authorize(Roles = Role.DefaultRole)]
public async Task<IActionResult> Delete(Guid id)
{
await this._userService.DeleteUser(id);
diff --git a/src/DevHive.Web/Startup.cs b/src/DevHive.Web/Startup.cs
index 104ba4a..35dd5c3 100644
--- a/src/DevHive.Web/Startup.cs
+++ b/src/DevHive.Web/Startup.cs
@@ -46,6 +46,7 @@ namespace DevHive.Web
}
app.UseDatabaseConfiguration();
+
app.UseEndpoints(endpoints =>
{