authortranstrike <transtrike@gmail.com>2021-02-27 11:18:09 +0200
committertranstrike <transtrike@gmail.com>2021-02-27 11:18:09 +0200
commit83ae76a1b93c91cf7cfb5fc9ea1ef728ee47c839 (patch)
tree78711c29342fc3d5b5e643403a507c9b030afa4d /src
parent784b5fc621f71fa94eddf276b0b932ba7d1aa873 (diff)
JWT Validations works; Introduced more bugs to fix later
Diffstat (limited to 'src')
-rw-r--r--src/Common/DevHive.Common.Models/DevHive.Common.csproj13
-rw-r--r--src/Common/DevHive.Common/Jwt/Interfaces/IJwtService.cs11
-rw-r--r--src/Common/DevHive.Common/Jwt/JwtService.cs79
-rw-r--r--src/DevHive.sln49
-rw-r--r--src/Services/DevHive.Services/Services/UserService.cs68
-rw-r--r--src/Web/DevHive.Web/Configurations/Extensions/ConfigureDependencyInjection.cs12
-rw-r--r--src/Web/DevHive.Web/Controllers/ProfilePictureController.cs32
-rw-r--r--src/Web/DevHive.Web/Controllers/UserController.cs17
-rw-r--r--src/Web/DevHive.Web/appsettings.json29
9 files changed, 225 insertions, 85 deletions
diff --git a/src/Common/DevHive.Common.Models/DevHive.Common.csproj b/src/Common/DevHive.Common.Models/DevHive.Common.csproj
deleted file mode 100644
index f6d662c..0000000
--- a/src/Common/DevHive.Common.Models/DevHive.Common.csproj
+++ /dev/null
@@ -1,13 +0,0 @@
-<Project Sdk="Microsoft.NET.Sdk">
- <PropertyGroup>
- <TargetFramework>net5.0</TargetFramework>
- </PropertyGroup>
- <ItemGroup>
- <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="5.0.2"/>
- <PackageReference Include="SonarAnalyzer.CSharp" Version="8.18.0.27296"/>
- </ItemGroup>
- <PropertyGroup>
- <EnableNETAnalyzers>true</EnableNETAnalyzers>
- <AnalysisLevel>latest</AnalysisLevel>
- </PropertyGroup>
-</Project> \ No newline at end of file
diff --git a/src/Common/DevHive.Common/Jwt/Interfaces/IJwtService.cs b/src/Common/DevHive.Common/Jwt/Interfaces/IJwtService.cs
new file mode 100644
index 0000000..d2f1756
--- /dev/null
+++ b/src/Common/DevHive.Common/Jwt/Interfaces/IJwtService.cs
@@ -0,0 +1,11 @@
+using System;
+using System.Collections.Generic;
+
+namespace DevHive.Common.Jwt.Interfaces
+{
+ public interface IJwtService
+ {
+ string GenerateJwtToken(Guid userId, string username, List<string> roleNames);
+ bool ValidateToken(string authToken);
+ }
+}
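Review bot: `ValidateToken(string authToken)` is undocumented, and the implementation added in this commit strips the first seven characters, so the parameter is really the raw `Authorization` header value (`Bearer <token>`) rather than a bare token. State that in an XML doc comment, e.g. `/// <param name="authToken">Raw Authorization header value, including the "Bearer " scheme prefix.</param>`. The comment should also say whether invalid input returns `false` or throws, since callers branch on the boolean.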
diff --git a/src/Common/DevHive.Common/Jwt/JwtService.cs b/src/Common/DevHive.Common/Jwt/JwtService.cs
new file mode 100644
index 0000000..677353a
--- /dev/null
+++ b/src/Common/DevHive.Common/Jwt/JwtService.cs
@@ -0,0 +1,79 @@
+using System;
+using System.Buffers.Text;
+using System.Collections.Generic;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Security.Principal;
+using System.Text;
+using DevHive.Common.Jwt.Interfaces;
+using Microsoft.IdentityModel.Tokens;
+
+namespace DevHive.Common.Jwt
+{
+ public class JwtService : IJwtService
+ {
+ private readonly string _validationIssuer;
+ private readonly string _audience;
+ private readonly byte[] _signingKey;
+
+ public JwtService(byte[] signingKey, string validationIssuer, string audience)
+ {
+ this._signingKey = signingKey;
+ this._validationIssuer = validationIssuer;
+ this._audience = audience;
+ }
+
+ public string GenerateJwtToken(Guid userId, string username, List<string> roleNames)
+ {
+ var securityKey = new SymmetricSecurityKey(this._signingKey);
+ var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
+
+ HashSet<Claim> claims = new()
+ {
+ new Claim("ID", $"{userId}"),
+ new Claim("Username", username)
+ };
+
+ foreach (var roleName in roleNames)
+ claims.Add(new Claim(ClaimTypes.Role, roleName));
+
+ SecurityTokenDescriptor securityTokenDescriptor = new()
+ {
+ Issuer = this._validationIssuer,
+ Audience = this._audience,
+ Subject = new ClaimsIdentity(claims),
+ Expires = DateTime.Today.AddDays(7),
+ SigningCredentials = credentials,
+ };
+
+ JwtSecurityTokenHandler tokenHandler = new();
+ SecurityToken token = tokenHandler.CreateToken(securityTokenDescriptor);
+
+ return tokenHandler.WriteToken(token);
+ }
+
+ public bool ValidateToken(string authToken)
+ {
+ var tokenHandler = new JwtSecurityTokenHandler();
+ var validationParameters = GetValidationParameters();
+
+ //Validate edge case where user can delete other users
+
+ IPrincipal principal = tokenHandler.ValidateToken(authToken.Remove(0, 7), validationParameters, out _);
+ return principal.Identity.IsAuthenticated;
+ }
+
+ private TokenValidationParameters GetValidationParameters()
+ {
+ return new TokenValidationParameters()
+ {
+ ValidateLifetime = true,
+ ValidateAudience = true,
+ ValidateIssuer = true,
+ ValidIssuer = this._validationIssuer,
+ ValidAudience = this._audience,
+ IssuerSigningKey = new SymmetricSecurityKey(this._signingKey)
+ };
+ }
+ }
+}
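Review bot: `ValidateToken` cannot return `false` for a bad token. `JwtSecurityTokenHandler.ValidateToken` throws on an expired, mis-signed or malformed token, and `authToken.Remove(0, 7)` throws on a null header or one shorter than seven characters, so a caller that branches on the boolean (such as `UserService.ValidJWT`) gets an exception instead of an unauthorized result. The prefix is also stripped without checking that it is actually `Bearer `. Check the scheme first and map validation failures to `false`, as sketched below. Separately, `Expires = DateTime.Today.AddDays(7)` is local midnight, so the lifetime depends on time of day and server time zone; `DateTime.UtcNow.AddDays(7)` is more predictable.

```csharp
public bool ValidateToken(string authToken)
{
    const string bearerPrefix = "Bearer ";

    // Reject a missing header or a different auth scheme instead of slicing blindly.
    if (string.IsNullOrWhiteSpace(authToken) ||
        !authToken.StartsWith(bearerPrefix, StringComparison.OrdinalIgnoreCase))
        return false;

    var tokenHandler = new JwtSecurityTokenHandler();
    try
    {
        IPrincipal principal = tokenHandler.ValidateToken(
            authToken.Substring(bearerPrefix.Length),
            GetValidationParameters(),
            out _);

        return principal.Identity.IsAuthenticated;
    }
    catch (SecurityTokenException)
    {
        // Expired, wrong issuer/audience, bad signature.
        return false;
    }
    catch (ArgumentException)
    {
        // Not a well-formed JWT.
        return false;
    }
}
```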
diff --git a/src/DevHive.sln b/src/DevHive.sln
index 05bdcda..a202180 100644
--- a/src/DevHive.sln
+++ b/src/DevHive.sln
@@ -11,10 +11,6 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Data.Models", "Data
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Data.Tests", "Data\DevHive.Data.Tests\DevHive.Data.Tests.csproj", "{F056B3F1-B72D-4935-87EA-F7BFEA96AFB0}"
EndProject
-Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Common", "Common", "{F2864A9D-70F1-452F-AAAC-AAFD8102ABAD}"
-EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Common", "Common\DevHive.Common.Models\DevHive.Common.csproj", "{5C3DFE9B-9690-475E-A0AE-D62315D38337}"
-EndProject
Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Services", "Services", "{7CA79114-C359-4871-BFA7-0EA898B50AE4}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Services", "Services\DevHive.Services\DevHive.Services.csproj", "{B5F22590-E3CE-4595-BE48-AA7F1797A6B8}"
@@ -31,6 +27,12 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Web.Models", "Web\D
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Web.Tests", "Web\DevHive.Web.Tests\DevHive.Web.Tests.csproj", "{608273FF-01ED-48B3-B912-66CCDBF5572E}"
EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Common", "Common", "{49B4EAF5-8F45-493F-A25A-7F37DAAE6B1E}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Common", "Common\DevHive.Common\DevHive.Common.csproj", "{AAEC0516-A943-449E-A1E8-E0628BFFAA2E}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Common.Models", "Common\DevHive.Common.Models\DevHive.Common.Models.csproj", "{3D63C965-A734-45D6-B75D-AFDCAB511293}"
+EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
@@ -80,18 +82,6 @@ Global
{F056B3F1-B72D-4935-87EA-F7BFEA96AFB0}.Release|x64.Build.0 = Release|Any CPU
{F056B3F1-B72D-4935-87EA-F7BFEA96AFB0}.Release|x86.ActiveCfg = Release|Any CPU
{F056B3F1-B72D-4935-87EA-F7BFEA96AFB0}.Release|x86.Build.0 = Release|Any CPU
- {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
- {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Debug|Any CPU.Build.0 = Debug|Any CPU
- {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Debug|x64.ActiveCfg = Debug|Any CPU
- {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Debug|x64.Build.0 = Debug|Any CPU
- {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Debug|x86.ActiveCfg = Debug|Any CPU
- {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Debug|x86.Build.0 = Debug|Any CPU
- {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Release|Any CPU.ActiveCfg = Release|Any CPU
- {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Release|Any CPU.Build.0 = Release|Any CPU
- {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Release|x64.ActiveCfg = Release|Any CPU
- {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Release|x64.Build.0 = Release|Any CPU
- {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Release|x86.ActiveCfg = Release|Any CPU
- {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Release|x86.Build.0 = Release|Any CPU
{B5F22590-E3CE-4595-BE48-AA7F1797A6B8}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{B5F22590-E3CE-4595-BE48-AA7F1797A6B8}.Debug|Any CPU.Build.0 = Debug|Any CPU
{B5F22590-E3CE-4595-BE48-AA7F1797A6B8}.Debug|x64.ActiveCfg = Debug|Any CPU
@@ -164,17 +154,42 @@ Global
{608273FF-01ED-48B3-B912-66CCDBF5572E}.Release|x64.Build.0 = Release|Any CPU
{608273FF-01ED-48B3-B912-66CCDBF5572E}.Release|x86.ActiveCfg = Release|Any CPU
{608273FF-01ED-48B3-B912-66CCDBF5572E}.Release|x86.Build.0 = Release|Any CPU
+ {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+ {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Debug|Any CPU.Build.0 = Debug|Any CPU
+ {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Debug|x64.ActiveCfg = Debug|Any CPU
+ {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Debug|x64.Build.0 = Debug|Any CPU
+ {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Debug|x86.ActiveCfg = Debug|Any CPU
+ {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Debug|x86.Build.0 = Debug|Any CPU
+ {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Release|Any CPU.ActiveCfg = Release|Any CPU
+ {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Release|Any CPU.Build.0 = Release|Any CPU
+ {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Release|x64.ActiveCfg = Release|Any CPU
+ {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Release|x64.Build.0 = Release|Any CPU
+ {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Release|x86.ActiveCfg = Release|Any CPU
+ {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Release|x86.Build.0 = Release|Any CPU
+ {3D63C965-A734-45D6-B75D-AFDCAB511293}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+ {3D63C965-A734-45D6-B75D-AFDCAB511293}.Debug|Any CPU.Build.0 = Debug|Any CPU
+ {3D63C965-A734-45D6-B75D-AFDCAB511293}.Debug|x64.ActiveCfg = Debug|Any CPU
+ {3D63C965-A734-45D6-B75D-AFDCAB511293}.Debug|x64.Build.0 = Debug|Any CPU
+ {3D63C965-A734-45D6-B75D-AFDCAB511293}.Debug|x86.ActiveCfg = Debug|Any CPU
+ {3D63C965-A734-45D6-B75D-AFDCAB511293}.Debug|x86.Build.0 = Debug|Any CPU
+ {3D63C965-A734-45D6-B75D-AFDCAB511293}.Release|Any CPU.ActiveCfg = Release|Any CPU
+ {3D63C965-A734-45D6-B75D-AFDCAB511293}.Release|Any CPU.Build.0 = Release|Any CPU
+ {3D63C965-A734-45D6-B75D-AFDCAB511293}.Release|x64.ActiveCfg = Release|Any CPU
+ {3D63C965-A734-45D6-B75D-AFDCAB511293}.Release|x64.Build.0 = Release|Any CPU
+ {3D63C965-A734-45D6-B75D-AFDCAB511293}.Release|x86.ActiveCfg = Release|Any CPU
+ {3D63C965-A734-45D6-B75D-AFDCAB511293}.Release|x86.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(NestedProjects) = preSolution
{70D0903D-C65F-4600-B6F8-F7BD00500A51} = {0C2AC7A9-AC68-4668-B88E-9370C596F498}
{56F85916-3955-4558-8809-376D20902B94} = {0C2AC7A9-AC68-4668-B88E-9370C596F498}
{F056B3F1-B72D-4935-87EA-F7BFEA96AFB0} = {0C2AC7A9-AC68-4668-B88E-9370C596F498}
- {5C3DFE9B-9690-475E-A0AE-D62315D38337} = {F2864A9D-70F1-452F-AAAC-AAFD8102ABAD}
{B5F22590-E3CE-4595-BE48-AA7F1797A6B8} = {7CA79114-C359-4871-BFA7-0EA898B50AE4}
{2FFF985B-A26F-443D-A159-62ED2FD5A2BC} = {7CA79114-C359-4871-BFA7-0EA898B50AE4}
{6E58003B-E5E8-4AA4-8F70-A9442BBFC110} = {7CA79114-C359-4871-BFA7-0EA898B50AE4}
{A6D35BD9-A2A4-4937-89A8-DCB0D610B04A} = {768A592D-58EA-4CD3-A053-2E8F2DC7708A}
{D8C898F7-A0DE-4939-8708-3D4A5C383EFC} = {768A592D-58EA-4CD3-A053-2E8F2DC7708A}
{608273FF-01ED-48B3-B912-66CCDBF5572E} = {768A592D-58EA-4CD3-A053-2E8F2DC7708A}
+ {AAEC0516-A943-449E-A1E8-E0628BFFAA2E} = {49B4EAF5-8F45-493F-A25A-7F37DAAE6B1E}
+ {3D63C965-A734-45D6-B75D-AFDCAB511293} = {49B4EAF5-8F45-493F-A25A-7F37DAAE6B1E}
EndGlobalSection
EndGlobal
diff --git a/src/Services/DevHive.Services/Services/UserService.cs b/src/Services/DevHive.Services/Services/UserService.cs
index dfd45cc..cbcb116 100644
--- a/src/Services/DevHive.Services/Services/UserService.cs
+++ b/src/Services/DevHive.Services/Services/UserService.cs
@@ -13,9 +13,9 @@ using DevHive.Common.Models.Identity;
using DevHive.Services.Interfaces;
using DevHive.Data.Interfaces;
using System.Linq;
-using DevHive.Common.Models.Misc;
using Microsoft.AspNetCore.Http;
-using Newtonsoft.Json;
+using DevHive.Common.Jwt;
+using DevHive.Common.Jwt.Interfaces;
namespace DevHive.Services.Services
{
@@ -28,6 +28,7 @@ namespace DevHive.Services.Services
private readonly IMapper _userMapper;
private readonly JwtOptions _jwtOptions;
private readonly ICloudService _cloudService;
+ private readonly IJwtService _jwtService;
public UserService(IUserRepository userRepository,
ILanguageRepository languageRepository,
@@ -35,7 +36,8 @@ namespace DevHive.Services.Services
ITechnologyRepository technologyRepository,
IMapper mapper,
JwtOptions jwtOptions,
- ICloudService cloudService)
+ ICloudService cloudService,
+ IJwtService jwtService)
{
this._userRepository = userRepository;
this._roleRepository = roleRepository;
@@ -44,6 +46,7 @@ namespace DevHive.Services.Services
this._languageRepository = languageRepository;
this._technologyRepository = technologyRepository;
this._cloudService = cloudService;
+ this._jwtService = jwtService;
}
#region Authentication
@@ -65,8 +68,10 @@ namespace DevHive.Services.Services
}
/// <summary>
- /// Returns a new JSON Web Token (that can be used for authorization) for the given user
+ /// Register a user in the database and return a
/// </summary>
+ /// <param name="registerModel">Register model, containing registration information</param>
+ /// <returns>A Token model, containing JWT Token for further verification</returns>
public async Task<TokenModel> RegisterUser(RegisterServiceModel registerModel)
{
if (await this._userRepository.DoesUsernameExistAsync(registerModel.UserName))
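Review bot: The rewritten summary is cut off mid-sentence (`Register a user in the database and return a`). Finish it so it agrees with the new `<returns>` tag, e.g. `/// Registers a user in the database and returns a token model containing a JWT for the new user`. The body of `RegisterUser` continues outside this hunk.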
@@ -86,7 +91,12 @@ namespace DevHive.Services.Services
throw new ArgumentException("Unable to add role to user");
User createdUser = await this._userRepository.GetByUsernameAsync(registerModel.UserName);
- return new TokenModel(WriteJWTSecurityToken(createdUser.Id, createdUser.UserName, createdUser.Roles));
+ List<string> roleNames = createdUser
+ .Roles
+ .Select(x => x.Name)
+ .ToList();
+
+ return new TokenModel(this._jwtService.GenerateJwtToken(createdUser.Id, createdUser.UserName, roleNames));
}
#endregion
@@ -173,34 +183,38 @@ namespace DevHive.Services.Services
/// is the same user as the one in the token (unless the user in the token has the admin role)
/// and the roles in the token are the same as those in the user, gotten by the id in the token
/// </summary>
+ /// <param name="id"></param>
+ /// <param name="rawTokenData"></param>
+ /// <returns></returns>
public async Task<bool> ValidJWT(Guid id, string rawTokenData)
{
+ return this._jwtService.ValidateToken(rawTokenData);
// There is authorization name in the beginning, i.e. "Bearer eyJh..."
- var jwt = new JwtSecurityTokenHandler().ReadJwtToken(rawTokenData.Remove(0, 7));
+ // var jwt = new JwtSecurityTokenHandler().ReadJwtToken(rawTokenData.Remove(0, 7));
- Guid jwtUserID = new(UserService.GetClaimTypeValues("ID", jwt.Claims).First());
- List<string> jwtRoleNames = UserService.GetClaimTypeValues("role", jwt.Claims);
+ // Guid jwtUserID = new(UserService.GetClaimTypeValues("ID", jwt.Claims).First());
+ // List<string> jwtRoleNames = UserService.GetClaimTypeValues("role", jwt.Claims);
- User user = await this._userRepository.GetByIdAsync(jwtUserID)
- ?? throw new ArgumentException("User does not exist!");
+ // User user = await this._userRepository.GetByIdAsync(jwtUserID)
+ // ?? throw new ArgumentException("User does not exist!");
- /* Check if he is an admin */
- if (user.Roles.Any(x => x.Name == Role.AdminRole))
- return true;
+ // /* Check if he is an admin */
+ // if (user.Roles.Any(x => x.Name == Role.AdminRole))
+ // return true;
- if (!jwtRoleNames.Contains(Role.AdminRole) && user.Id != id)
- return false;
+ // if (!jwtRoleNames.Contains(Role.AdminRole) && user.Id != id)
+ // return false;
- // Check if jwt contains all user roles (if it doesn't, jwt is either old or tampered with)
- foreach (var role in user.Roles)
- if (!jwtRoleNames.Contains(role.Name))
- return false;
+ // // Check if jwt contains all user roles (if it doesn't, jwt is either old or tampered with)
+ // foreach (var role in user.Roles)
+ // if (!jwtRoleNames.Contains(role.Name))
+ // return false;
- // Check if jwt contains only roles of user
- if (jwtRoleNames.Count != user.Roles.Count)
- return false;
+ // // Check if jwt contains only roles of user
+ // if (jwtRoleNames.Count != user.Roles.Count)
+ // return false;
- return true;
+ // return true;
}
/// <summary>
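Review bot: `ValidJWT` no longer uses its `id` parameter. The early `return this._jwtService.ValidateToken(rawTokenData);` only proves the token is genuine and unexpired, so any authenticated user passes this check for any other user's id, and the comparison of token roles against the stored roles is gone. The `//Validate edge case…` comment in `JwtService.ValidateToken` suggests this is known, but callers presumably still treat this method as the ownership gate. Keep the signature check as a precondition, `if (!this._jwtService.ValidateToken(rawTokenData)) return false;`, and restore the previous ID/role comparison after it instead of leaving it as unreachable commented-out code. The new `<param>` and `<returns>` tags are empty and should be filled in or dropped.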
@@ -294,9 +308,13 @@ namespace DevHive.Services.Services
user.Roles.Add(admin);
await this._userRepository.EditAsync(user.Id, user);
- User newUser = await this._userRepository.GetByIdAsync(userId);
+ User createdUser = await this._userRepository.GetByIdAsync(userId);
+ List<string> roleNames = createdUser
+ .Roles
+ .Select(x => x.Name)
+ .ToList();
- return new TokenModel(WriteJWTSecurityToken(newUser.Id, newUser.UserName, newUser.Roles));
+ return new TokenModel(this._jwtService.GenerateJwtToken(createdUser.Id, createdUser.UserName, roleNames));
}
private async Task PopulateUserModel(User user, UpdateUserServiceModel updateUserServiceModel)
diff --git a/src/Web/DevHive.Web/Configurations/Extensions/ConfigureDependencyInjection.cs b/src/Web/DevHive.Web/Configurations/Extensions/ConfigureDependencyInjection.cs
index c547951..660a416 100644
--- a/src/Web/DevHive.Web/Configurations/Extensions/ConfigureDependencyInjection.cs
+++ b/src/Web/DevHive.Web/Configurations/Extensions/ConfigureDependencyInjection.cs
@@ -1,3 +1,6 @@
+using System.Text;
+using DevHive.Common.Jwt;
+using DevHive.Common.Jwt.Interfaces;
using DevHive.Data.Interfaces;
using DevHive.Data.Repositories;
using DevHive.Services.Interfaces;
@@ -27,12 +30,19 @@ namespace DevHive.Web.Configurations.Extensions
services.AddTransient<IPostService, PostService>();
services.AddTransient<ICommentService, CommentService>();
services.AddTransient<IFeedService, FeedService>();
+ services.AddTransient<IRateService, RateService>();
+
services.AddTransient<ICloudService, CloudinaryService>(options =>
new CloudinaryService(
cloudName: configuration.GetSection("Cloud").GetSection("cloudName").Value,
apiKey: configuration.GetSection("Cloud").GetSection("apiKey").Value,
apiSecret: configuration.GetSection("Cloud").GetSection("apiSecret").Value));
- services.AddTransient<IRateService, RateService>();
+
+ services.AddSingleton<IJwtService, JwtService>(options =>
+ new JwtService(
+ signingKey: Encoding.ASCII.GetBytes(configuration.GetSection("Jwt").GetSection("signingKey").Value),
+ validationIssuer: configuration.GetSection("Jwt").GetSection("validationIssuer").Value,
+ audience: configuration.GetSection("Jwt").GetSection("audience").Value));
}
}
}
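Review bot: The `IJwtService` registration reads `Jwt:signingKey` with no validation. With the empty value this commit puts in appsettings.json, `Encoding.ASCII.GetBytes("")` yields a zero-length key, and the failure only appears when the service is first resolved or used rather than at startup. `Encoding.ASCII` also maps any non-ASCII character to `?`, which silently weakens a key. Fail fast and use UTF-8, e.g. `signingKey: Encoding.UTF8.GetBytes(jwtSection["signingKey"] ?? throw new InvalidOperationException("Jwt:signingKey is not configured")),`, with a minimum-length check suited to HMAC-SHA256. The enclosing method starts above this hunk.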
diff --git a/src/Web/DevHive.Web/Controllers/ProfilePictureController.cs b/src/Web/DevHive.Web/Controllers/ProfilePictureController.cs
new file mode 100644
index 0000000..d3971ff
--- /dev/null
+++ b/src/Web/DevHive.Web/Controllers/ProfilePictureController.cs
@@ -0,0 +1,32 @@
+using System;
+using System.Threading.Tasks;
+using DevHive.Services.Models.User;
+using DevHive.Web.Models.User;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace DevHive.Web.Controllers
+{
+ [ApiController]
+ [Route("api/[controller]")]
+ public class ProfilePictureController
+ {
+ [HttpPut]
+ [Route("ProfilePicture")]
+ [Authorize(Roles = "User,Admin")]
+ public async Task<IActionResult> UpdateProfilePicture(Guid userId, [FromForm] UpdateProfilePictureWebModel updateProfilePictureWebModel, [FromHeader] string authorization)
+ {
+ throw new NotImplementedException();
+ // if (!await this._userService.ValidJWT(userId, authorization))
+ // return new UnauthorizedResult();
+
+ // UpdateProfilePictureServiceModel updateProfilePictureServiceModel = this._userMapper.Map<UpdateProfilePictureServiceModel>(updateProfilePictureWebModel);
+ // updateProfilePictureServiceModel.UserId = userId;
+
+ // ProfilePictureServiceModel profilePictureServiceModel = await this._userService.UpdateProfilePicture(updateProfilePictureServiceModel);
+ // ProfilePictureWebModel profilePictureWebModel = this._userMapper.Map<ProfilePictureWebModel>(profilePictureServiceModel);
+
+ // return new AcceptedResult("UpdateProfilePicture", profilePictureWebModel);
+ }
+ }
+}
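Review bot: `UpdateProfilePicture` is routed and authorized but unconditionally throws `NotImplementedException`, while the working action is removed from `UserController` in the same commit, so an authenticated request now ends in an unhandled exception rather than a defined response. The class-level `[Route("api/[controller]")]` also moves the endpoint to `api/ProfilePicture/ProfilePicture`, which existing clients of the old route will not find. The class has no constructor or base class, so the `_userService` and `_userMapper` used in the commented-out body do not exist here. Until it is implemented, either leave the action in `UserController` or return an explicit status such as `return new StatusCodeResult(501);`. When the body is restored, it needs the ownership check that `ValidJWT` used to provide.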
diff --git a/src/Web/DevHive.Web/Controllers/UserController.cs b/src/Web/DevHive.Web/Controllers/UserController.cs
index 214fba7..a1e87f4 100644
--- a/src/Web/DevHive.Web/Controllers/UserController.cs
+++ b/src/Web/DevHive.Web/Controllers/UserController.cs
@@ -93,23 +93,6 @@ namespace DevHive.Web.Controllers
return new AcceptedResult("UpdateUser", userWebModel);
}
-
- [HttpPut]
- [Route("ProfilePicture")]
- [Authorize(Roles = "User,Admin")]
- public async Task<IActionResult> UpdateProfilePicture(Guid userId, [FromForm] UpdateProfilePictureWebModel updateProfilePictureWebModel, [FromHeader] string authorization)
- {
- if (!await this._userService.ValidJWT(userId, authorization))
- return new UnauthorizedResult();
-
- UpdateProfilePictureServiceModel updateProfilePictureServiceModel = this._userMapper.Map<UpdateProfilePictureServiceModel>(updateProfilePictureWebModel);
- updateProfilePictureServiceModel.UserId = userId;
-
- ProfilePictureServiceModel profilePictureServiceModel = await this._userService.UpdateProfilePicture(updateProfilePictureServiceModel);
- ProfilePictureWebModel profilePictureWebModel = this._userMapper.Map<ProfilePictureWebModel>(profilePictureServiceModel);
-
- return new AcceptedResult("UpdateProfilePicture", profilePictureWebModel);
- }
#endregion
#region Delete
diff --git a/src/Web/DevHive.Web/appsettings.json b/src/Web/DevHive.Web/appsettings.json
index bcdcae7..b7e0ce5 100644
--- a/src/Web/DevHive.Web/appsettings.json
+++ b/src/Web/DevHive.Web/appsettings.json
@@ -1,20 +1,25 @@
{
- "AppSettings": {
- "Secret": "gXfQlU6qpDleFWyimscjYcT3tgFsQg3yoFjcvSLxG56n1Vu2yptdIUq254wlJWjm"
- },
- "ConnectionStrings": {
- "DEV": "Server=localhost;Port=5432;Database=API;User Id=postgres;Password=;"
+ "AppSettings": {
+ "Secret": ""
+ },
+ "Jwt": {
+ "signingKey": "",
+ "validationIssuer": "",
+ "audience": ""
+ },
+ "ConnectionStrings": {
+ "DEV": "Server=localhost;Port=5432;Database=API;User Id=postgres;Password=;"
},
"Cloud": {
"cloudName": "devhive",
"apiKey": "488664116365813",
"apiSecret": ""
},
- "Logging": {
- "LogLevel": {
- "Default": "Information",
- "Microsoft": "Warning",
- "Microsoft.Hosting.Lifetime": "Information"
- }
- }
+ "Logging": {
+ "LogLevel": {
+ "Default": "Information",
+ "Microsoft": "Warning",
+ "Microsoft.Hosting.Lifetime": "Information"
+ }
+ }
}
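Review bot: Blanking `AppSettings:Secret` here does not retire the old value: it stays readable in the repository history, so it should be treated as exposed and replaced wherever it was in use. The new `Jwt` section ships with an empty `signingKey`, `validationIssuer` and `audience`, and nothing in the commit says where the real values come from. A README note or startup check pointing to user-secrets or environment variables (e.g. `Jwt__signingKey`) would prevent a silent misconfiguration. The hunk also appears to mix re-indentation of `ConnectionStrings` and `Logging` with the real change, which makes a secrets-related diff harder to audit.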