4 files changed, 12 insertions, 7 deletions

diff --git a/API/Controllers/UserController.cs b/API/Controllers/UserController.cs
index 187b4e9..eda4a5a 100644
--- a/API/Controllers/UserController.cs
+++ b/API/Controllers/UserController.cs
@@ -6,6 +6,7 @@ using Microsoft.AspNetCore.Mvc;
 using Data.Models.DTOs;
 using Microsoft.AspNetCore.Authorization;
 using Data.Models.Classes;
+using Microsoft.Extensions.Configuration;
 
 namespace API.Controllers
 {
@@ -16,9 +17,9 @@ namespace API.Controllers
 	{
 		private readonly UserService _service;
 
-		public UserController(DevHiveContext context, IMapper mapper)
+		public UserController(DevHiveContext context, IMapper mapper, IConfiguration configuration)
 		{
-			this._service = new UserService(context, mapper);
+			this._service = new UserService(context, mapper, configuration.GetSection("AppSettings"));
 		}
 
 		[AllowAnonymous]
diff --git a/API/Service/UserService.cs b/API/Service/UserService.cs
index b715f8c..4ace934 100644
--- a/API/Service/UserService.cs
+++ b/API/Service/UserService.cs
@@ -10,6 +10,7 @@ using Microsoft.IdentityModel.Tokens;
 using System.Security.Claims;
 using System;
 using System.Text;
+using Microsoft.Extensions.Configuration;
 
 namespace API.Service
 {
@@ -17,11 +18,13 @@ namespace API.Service
 	{
 		private readonly UserDbRepository _userDbRepository;
 		private readonly IMapper _userMapper;
+        private readonly IConfiguration _appSettings;
 
-		public UserService(DevHiveContext context, IMapper mapper)
+		public UserService(DevHiveContext context, IMapper mapper, IConfiguration appSettings)
 		{
 			this._userDbRepository = new UserDbRepository(context);
 			this._userMapper = mapper;
+			this._appSettings = appSettings;
 		}
 
 		public async Task<IActionResult> LoginUser(UserDTO userDTO)
@@ -31,9 +34,7 @@ namespace API.Service
 			if (user == null)
 				return new NotFoundObjectResult("User does not exist!");
 
-
-			// Temporary, TODO: get key from appsettings
-			var key = Encoding.ASCII.GetBytes(")H@McQfTB?E(H+Mb8x/A?D(Gr4u7x!A%WnZr4t7weThWmZq4KbPeShVm*G-KaPdSz%C*F-Ja6w9z$C&F");  
+			var key = Encoding.ASCII.GetBytes(_appSettings.GetSection("Secret").Value);  
 
 			var tokenHandler = new JwtSecurityTokenHandler();
             var tokenDescriptor = new SecurityTokenDescriptor
diff --git a/API/Startup.cs b/API/Startup.cs
index d9388cf..a113736 100644
--- a/API/Startup.cs
+++ b/API/Startup.cs
@@ -46,7 +46,7 @@ namespace API
 			});

 

 			// configure jwt authentication

-            var key = Encoding.ASCII.GetBytes(Configuration.GetSection("AppSettings").GetValue("Secret", ")H@McQfTB?E(H+Mb8x/A?D(Gr4u7x!A%WnZr4t7weThWmZq4KbPeShVm*G-KaPdSz%C*F-Ja6w9z$C&F"));

+            var key = Encoding.ASCII.GetBytes(Configuration.GetSection("AppSettings").GetSection("Secret").Value);

             services.AddAuthentication(x =>

             {

                 x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;

diff --git a/API/appsettings.json b/API/appsettings.json
index 31c8109..1784183 100644
--- a/API/appsettings.json
+++ b/API/appsettings.json
@@ -1,4 +1,7 @@
 {

+ "AppSettings": {

+  	"Secret": "ADD_ANY_STRING_WITH_32_OR_MORE_CHARACTERS"

+  },

   "ConnectionStrings" : {

     "DEV": "Server=localhost;Port=5432;Database=API;User Id=postgres;Password=;"

   },