From 98e17766b203734a1817eed94338e2d25f4395f7 Mon Sep 17 00:00:00 2001
From: transtrike
Date: Sat, 13 Feb 2021 16:20:18 +0200
Subject: Project Restructure P.1
---
src/Web/DevHive.Web/appsettings.json | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
create mode 100644 src/Web/DevHive.Web/appsettings.json
(limited to 'src/Web/DevHive.Web/appsettings.json')
diff --git a/src/Web/DevHive.Web/appsettings.json b/src/Web/DevHive.Web/appsettings.json
new file mode 100644
index 0000000..bcdcae7
--- /dev/null
+++ b/src/Web/DevHive.Web/appsettings.json
@@ -0,0 +1,20 @@
+{
+ "AppSettings": {
+ "Secret": "gXfQlU6qpDleFWyimscjYcT3tgFsQg3yoFjcvSLxG56n1Vu2yptdIUq254wlJWjm"
+ },
+ "ConnectionStrings": {
+ "DEV": "Server=localhost;Port=5432;Database=API;User Id=postgres;Password=;"
+ },
+ "Cloud": {
+ "cloudName": "devhive",
+ "apiKey": "488664116365813",
+ "apiSecret": ""
+ },
+ "Logging": {
+ "LogLevel": {
+ "Default": "Information",
+ "Microsoft": "Warning",
+ "Microsoft.Hosting.Lifetime": "Information"
+ }
+ }
+}
-- cgit v1.2.3
From 83ae76a1b93c91cf7cfb5fc9ea1ef728ee47c839 Mon Sep 17 00:00:00 2001
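Review bot: The `AppSettings.Secret` line commits what looks like a real 64-character signing secret in plain text, with the `Cloud.apiKey` value next to it. A value that has been committed stays readable in the repository history even after a later commit blanks the field, so it should be treated as disclosed and replaced with a newly generated one. The file should ship with `"Secret": ""` and the real value should come from user-secrets or an environment variable at startup.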
From: transtrike Date: Sat, 27 Feb 2021 11:18:09 +0200 Subject: JWT Validations works; Introduced more bugs to fix later --- .../DevHive.Common.Models/DevHive.Common.csproj | 13 ---- .../DevHive.Common/Jwt/Interfaces/IJwtService.cs | 11 +++ src/Common/DevHive.Common/Jwt/JwtService.cs | 79 ++++++++++++++++++++++ src/DevHive.sln | 49 +++++++++----- .../DevHive.Services/Services/UserService.cs | 68 ++++++++++++------- .../Extensions/ConfigureDependencyInjection.cs | 12 +++- .../Controllers/ProfilePictureController.cs | 32 +++++++++ src/Web/DevHive.Web/Controllers/UserController.cs | 17 ----- src/Web/DevHive.Web/appsettings.json | 29 ++++---- 9 files changed, 225 insertions(+), 85 deletions(-) delete mode 100644 src/Common/DevHive.Common.Models/DevHive.Common.csproj create mode 100644 src/Common/DevHive.Common/Jwt/Interfaces/IJwtService.cs create mode 100644 src/Common/DevHive.Common/Jwt/JwtService.cs create mode 100644 src/Web/DevHive.Web/Controllers/ProfilePictureController.cs (limited to 'src/Web/DevHive.Web/appsettings.json') diff --git a/src/Common/DevHive.Common.Models/DevHive.Common.csproj b/src/Common/DevHive.Common.Models/DevHive.Common.csproj deleted file mode 100644 index f6d662c..0000000 --- a/src/Common/DevHive.Common.Models/DevHive.Common.csproj +++ /dev/null @@ -1,13 +0,0 @@ - - - net5.0 - - - - - - - true - latest - - \ No newline at end of file diff --git a/src/Common/DevHive.Common/Jwt/Interfaces/IJwtService.cs b/src/Common/DevHive.Common/Jwt/Interfaces/IJwtService.cs new file mode 100644 index 0000000..d2f1756 --- /dev/null +++ b/src/Common/DevHive.Common/Jwt/Interfaces/IJwtService.cs @@ -0,0 +1,11 @@ +using System; +using System.Collections.Generic; + +namespace DevHive.Common.Jwt.Interfaces +{ + public interface IJwtService + { + string GenerateJwtToken(Guid userId, string username, List roleNames); + bool ValidateToken(string authToken); + } +} 
diff --git a/src/Common/DevHive.Common/Jwt/JwtService.cs b/src/Common/DevHive.Common/Jwt/JwtService.cs
new file mode 100644
index 0000000..677353a
--- /dev/null
+++ b/src/Common/DevHive.Common/Jwt/JwtService.cs
@@ -0,0 +1,79 @@
+using System;
+using System.Buffers.Text;
+using System.Collections.Generic;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Security.Principal;
+using System.Text;
+using DevHive.Common.Jwt.Interfaces;
+using Microsoft.IdentityModel.Tokens;
+
+namespace DevHive.Common.Jwt
+{
+ public class JwtService : IJwtService
+ {
+ private readonly string _validationIssuer;
+ private readonly string _audience;
+ private readonly byte[] _signingKey;
+
+ public JwtService(byte[] signingKey, string validationIssuer, string audience)
+ {
+ this._signingKey = signingKey;
+ this._validationIssuer = validationIssuer;
+ this._audience = audience;
+ }
+
+ public string GenerateJwtToken(Guid userId, string username, List roleNames)
+ {
+ var securityKey = new SymmetricSecurityKey(this._signingKey);
+ var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
+
+ HashSet claims = new()
+ {
+ new Claim("ID", $"{userId}"),
+ new Claim("Username", username)
+ };
+
+ foreach (var roleName in roleNames)
+ claims.Add(new Claim(ClaimTypes.Role, roleName));
+
+ SecurityTokenDescriptor securityTokenDescriptor = new()
+ {
+ Issuer = this._validationIssuer,
+ Audience = this._audience,
+ Subject = new ClaimsIdentity(claims),
+ Expires = DateTime.Today.AddDays(7),
+ SigningCredentials = credentials,
+ };
+
+ JwtSecurityTokenHandler tokenHandler = new();
+ SecurityToken token = tokenHandler.CreateToken(securityTokenDescriptor);
+
+ return tokenHandler.WriteToken(token);
+ }
+
+ public bool ValidateToken(string authToken)
+ {
+ var tokenHandler = new JwtSecurityTokenHandler();
+ var validationParameters = GetValidationParameters();
+
+ //Validate edge case where user can delete other users
+
+ IPrincipal principal = tokenHandler.ValidateToken(authToken.Remove(0, 7), validationParameters, out _);
+ return principal.Identity.IsAuthenticated;
+ }
+
+ private TokenValidationParameters GetValidationParameters()
+ {
+ return 
new TokenValidationParameters() + { + ValidateLifetime = true, + ValidateAudience = true, + ValidateIssuer = true, + ValidIssuer = this._validationIssuer, + ValidAudience = this._audience, + IssuerSigningKey = new SymmetricSecurityKey(this._signingKey) + }; + } + } +} diff --git a/src/DevHive.sln b/src/DevHive.sln index 05bdcda..a202180 100644 --- a/src/DevHive.sln +++ b/src/DevHive.sln @@ -11,10 +11,6 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Data.Models", "Data EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Data.Tests", "Data\DevHive.Data.Tests\DevHive.Data.Tests.csproj", "{F056B3F1-B72D-4935-87EA-F7BFEA96AFB0}" EndProject -Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Common", "Common", "{F2864A9D-70F1-452F-AAAC-AAFD8102ABAD}" -EndProject -Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Common", "Common\DevHive.Common.Models\DevHive.Common.csproj", "{5C3DFE9B-9690-475E-A0AE-D62315D38337}" -EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Services", "Services", "{7CA79114-C359-4871-BFA7-0EA898B50AE4}" EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Services", "Services\DevHive.Services\DevHive.Services.csproj", "{B5F22590-E3CE-4595-BE48-AA7F1797A6B8}" 
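Review bot: `ValidateToken` in `JwtService.cs` is declared to return `bool` but signals a bad token by throwing. `authToken.Remove(0, 7)` throws on a null or short header and silently cuts seven characters off any value that does not start with `Bearer `, and `tokenHandler.ValidateToken` raises a `SecurityTokenException` (or an `ArgumentException` for malformed input) for an expired or wrongly signed token instead of yielding `false`. A caller written as `if (!ValidJWT(...)) return new UnauthorizedResult();` therefore never reaches that branch for an invalid token; the method should check the scheme prefix explicitly and turn validation failures into `false`, as below. Separately, `Expires = DateTime.Today.AddDays(7)` anchors expiry to local midnight, so the effective lifetime depends on the time of day of issue; `DateTime.UtcNow.AddDays(7)` gives a fixed one.

```csharp
public bool ValidateToken(string authToken)
{
	const string bearerPrefix = "Bearer ";
	if (string.IsNullOrWhiteSpace(authToken) ||
		!authToken.StartsWith(bearerPrefix, StringComparison.OrdinalIgnoreCase))
		return false;

	try
	{
		var tokenHandler = new JwtSecurityTokenHandler();
		IPrincipal principal = tokenHandler.ValidateToken(
			authToken.Substring(bearerPrefix.Length),
			GetValidationParameters(),
			out _);

		return principal.Identity.IsAuthenticated;
	}
	catch (SecurityTokenException)
	{
		// Expired, wrongly signed, or issued for another issuer/audience.
		return false;
	}
	catch (ArgumentException)
	{
		// Not a well-formed JWT.
		return false;
	}
}
```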
@@ -31,6 +27,12 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Web.Models", "Web\D EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Web.Tests", "Web\DevHive.Web.Tests\DevHive.Web.Tests.csproj", "{608273FF-01ED-48B3-B912-66CCDBF5572E}" EndProject +Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Common", "Common", "{49B4EAF5-8F45-493F-A25A-7F37DAAE6B1E}" +EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Common", "Common\DevHive.Common\DevHive.Common.csproj", "{AAEC0516-A943-449E-A1E8-E0628BFFAA2E}" +EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DevHive.Common.Models", "Common\DevHive.Common.Models\DevHive.Common.Models.csproj", "{3D63C965-A734-45D6-B75D-AFDCAB511293}" +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Any CPU = Debug|Any CPU 
@@ -80,18 +82,6 @@ Global {F056B3F1-B72D-4935-87EA-F7BFEA96AFB0}.Release|x64.Build.0 = Release|Any CPU {F056B3F1-B72D-4935-87EA-F7BFEA96AFB0}.Release|x86.ActiveCfg = Release|Any CPU {F056B3F1-B72D-4935-87EA-F7BFEA96AFB0}.Release|x86.Build.0 = Release|Any CPU - {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Debug|Any CPU.Build.0 = Debug|Any CPU - {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Debug|x64.ActiveCfg = Debug|Any CPU - {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Debug|x64.Build.0 = Debug|Any CPU - {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Debug|x86.ActiveCfg = Debug|Any CPU - {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Debug|x86.Build.0 = Debug|Any CPU - {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Release|Any CPU.ActiveCfg = Release|Any CPU - {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Release|Any CPU.Build.0 = Release|Any CPU - {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Release|x64.ActiveCfg = Release|Any CPU - {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Release|x64.Build.0 = Release|Any CPU - {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Release|x86.ActiveCfg = Release|Any CPU - {5C3DFE9B-9690-475E-A0AE-D62315D38337}.Release|x86.Build.0 = Release|Any CPU {B5F22590-E3CE-4595-BE48-AA7F1797A6B8}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {B5F22590-E3CE-4595-BE48-AA7F1797A6B8}.Debug|Any CPU.Build.0 = Debug|Any CPU {B5F22590-E3CE-4595-BE48-AA7F1797A6B8}.Debug|x64.ActiveCfg = Debug|Any CPU 
@@ -164,17 +154,42 @@ Global {608273FF-01ED-48B3-B912-66CCDBF5572E}.Release|x64.Build.0 = Release|Any CPU {608273FF-01ED-48B3-B912-66CCDBF5572E}.Release|x86.ActiveCfg = Release|Any CPU {608273FF-01ED-48B3-B912-66CCDBF5572E}.Release|x86.Build.0 = Release|Any CPU + {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Debug|Any CPU.Build.0 = Debug|Any CPU + {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Debug|x64.ActiveCfg = Debug|Any CPU + {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Debug|x64.Build.0 = Debug|Any CPU + {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Debug|x86.ActiveCfg = Debug|Any CPU + {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Debug|x86.Build.0 = Debug|Any CPU + {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Release|Any CPU.ActiveCfg = Release|Any CPU + {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Release|Any CPU.Build.0 = Release|Any CPU + {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Release|x64.ActiveCfg = Release|Any CPU + {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Release|x64.Build.0 = Release|Any CPU + {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Release|x86.ActiveCfg = Release|Any CPU + {AAEC0516-A943-449E-A1E8-E0628BFFAA2E}.Release|x86.Build.0 = Release|Any CPU + {3D63C965-A734-45D6-B75D-AFDCAB511293}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {3D63C965-A734-45D6-B75D-AFDCAB511293}.Debug|Any CPU.Build.0 = Debug|Any CPU + {3D63C965-A734-45D6-B75D-AFDCAB511293}.Debug|x64.ActiveCfg = Debug|Any CPU + {3D63C965-A734-45D6-B75D-AFDCAB511293}.Debug|x64.Build.0 = Debug|Any CPU + {3D63C965-A734-45D6-B75D-AFDCAB511293}.Debug|x86.ActiveCfg = Debug|Any CPU + {3D63C965-A734-45D6-B75D-AFDCAB511293}.Debug|x86.Build.0 = Debug|Any CPU + {3D63C965-A734-45D6-B75D-AFDCAB511293}.Release|Any CPU.ActiveCfg = Release|Any CPU + {3D63C965-A734-45D6-B75D-AFDCAB511293}.Release|Any CPU.Build.0 = Release|Any CPU + {3D63C965-A734-45D6-B75D-AFDCAB511293}.Release|x64.ActiveCfg = Release|Any CPU + {3D63C965-A734-45D6-B75D-AFDCAB511293}.Release|x64.Build.0 = 
Release|Any CPU + {3D63C965-A734-45D6-B75D-AFDCAB511293}.Release|x86.ActiveCfg = Release|Any CPU + {3D63C965-A734-45D6-B75D-AFDCAB511293}.Release|x86.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(NestedProjects) = preSolution {70D0903D-C65F-4600-B6F8-F7BD00500A51} = {0C2AC7A9-AC68-4668-B88E-9370C596F498} {56F85916-3955-4558-8809-376D20902B94} = {0C2AC7A9-AC68-4668-B88E-9370C596F498} {F056B3F1-B72D-4935-87EA-F7BFEA96AFB0} = {0C2AC7A9-AC68-4668-B88E-9370C596F498} - {5C3DFE9B-9690-475E-A0AE-D62315D38337} = {F2864A9D-70F1-452F-AAAC-AAFD8102ABAD} {B5F22590-E3CE-4595-BE48-AA7F1797A6B8} = {7CA79114-C359-4871-BFA7-0EA898B50AE4} {2FFF985B-A26F-443D-A159-62ED2FD5A2BC} = {7CA79114-C359-4871-BFA7-0EA898B50AE4} {6E58003B-E5E8-4AA4-8F70-A9442BBFC110} = {7CA79114-C359-4871-BFA7-0EA898B50AE4} {A6D35BD9-A2A4-4937-89A8-DCB0D610B04A} = {768A592D-58EA-4CD3-A053-2E8F2DC7708A} {D8C898F7-A0DE-4939-8708-3D4A5C383EFC} = {768A592D-58EA-4CD3-A053-2E8F2DC7708A} {608273FF-01ED-48B3-B912-66CCDBF5572E} = {768A592D-58EA-4CD3-A053-2E8F2DC7708A} + {AAEC0516-A943-449E-A1E8-E0628BFFAA2E} = {49B4EAF5-8F45-493F-A25A-7F37DAAE6B1E} + {3D63C965-A734-45D6-B75D-AFDCAB511293} = {49B4EAF5-8F45-493F-A25A-7F37DAAE6B1E} EndGlobalSection EndGlobal diff --git a/src/Services/DevHive.Services/Services/UserService.cs b/src/Services/DevHive.Services/Services/UserService.cs index dfd45cc..cbcb116 100644 --- a/src/Services/DevHive.Services/Services/UserService.cs +++ b/src/Services/DevHive.Services/Services/UserService.cs @@ -13,9 +13,9 @@ using DevHive.Common.Models.Identity; using DevHive.Services.Interfaces; using DevHive.Data.Interfaces; using System.Linq; -using DevHive.Common.Models.Misc; using Microsoft.AspNetCore.Http; -using Newtonsoft.Json; +using DevHive.Common.Jwt; +using DevHive.Common.Jwt.Interfaces; namespace DevHive.Services.Services { 
@@ -28,6 +28,7 @@ namespace DevHive.Services.Services private readonly IMapper _userMapper; private readonly JwtOptions _jwtOptions; private readonly ICloudService _cloudService; + private readonly IJwtService _jwtService; public UserService(IUserRepository userRepository, ILanguageRepository languageRepository, @@ -35,7 +36,8 @@ namespace DevHive.Services.Services ITechnologyRepository technologyRepository, IMapper mapper, JwtOptions jwtOptions, - ICloudService cloudService) + ICloudService cloudService, + IJwtService jwtService) { this._userRepository = userRepository; this._roleRepository = roleRepository; @@ -44,6 +46,7 @@ namespace DevHive.Services.Services this._languageRepository = languageRepository; this._technologyRepository = technologyRepository; this._cloudService = cloudService; + this._jwtService = jwtService; } #region Authentication @@ -65,8 +68,10 @@ namespace DevHive.Services.Services } /// - /// Returns a new JSON Web Token (that can be used for authorization) for the given user + /// Register a user in the database and return a /// + /// Register model, containing registration information + /// A Token model, containing JWT Token for further verification public async Task RegisterUser(RegisterServiceModel registerModel) { if (await this._userRepository.DoesUsernameExistAsync(registerModel.UserName)) @@ -86,7 +91,12 @@ namespace DevHive.Services.Services throw new ArgumentException("Unable to add role to user"); User createdUser = await this._userRepository.GetByUsernameAsync(registerModel.UserName); - return new TokenModel(WriteJWTSecurityToken(createdUser.Id, createdUser.UserName, createdUser.Roles)); + List roleNames = createdUser + .Roles + .Select(x => x.Name) + .ToList(); + + return new TokenModel(this._jwtService.GenerateJwtToken(createdUser.Id, createdUser.UserName, roleNames)); } #endregion 
@@ -173,34 +183,38 @@ namespace DevHive.Services.Services /// is the same user as the one in the token (unless the user in the token has the admin role) /// and the roles in the token are the same as those in the user, gotten by the id in the token /// + /// + /// + /// public async Task ValidJWT(Guid id, string rawTokenData) { + return this._jwtService.ValidateToken(rawTokenData); // There is authorization name in the beginning, i.e. "Bearer eyJh..." - var jwt = new JwtSecurityTokenHandler().ReadJwtToken(rawTokenData.Remove(0, 7)); + // var jwt = new JwtSecurityTokenHandler().ReadJwtToken(rawTokenData.Remove(0, 7)); - Guid jwtUserID = new(UserService.GetClaimTypeValues("ID", jwt.Claims).First()); - List jwtRoleNames = UserService.GetClaimTypeValues("role", jwt.Claims); + // Guid jwtUserID = new(UserService.GetClaimTypeValues("ID", jwt.Claims).First()); + // List jwtRoleNames = UserService.GetClaimTypeValues("role", jwt.Claims); - User user = await this._userRepository.GetByIdAsync(jwtUserID) - ?? throw new ArgumentException("User does not exist!"); + // User user = await this._userRepository.GetByIdAsync(jwtUserID) + // ?? 
throw new ArgumentException("User does not exist!"); - /* Check if he is an admin */ - if (user.Roles.Any(x => x.Name == Role.AdminRole)) - return true; + // /* Check if he is an admin */ + // if (user.Roles.Any(x => x.Name == Role.AdminRole)) + // return true; - if (!jwtRoleNames.Contains(Role.AdminRole) && user.Id != id) - return false; + // if (!jwtRoleNames.Contains(Role.AdminRole) && user.Id != id) + // return false; - // Check if jwt contains all user roles (if it doesn't, jwt is either old or tampered with) - foreach (var role in user.Roles) - if (!jwtRoleNames.Contains(role.Name)) - return false; + // // Check if jwt contains all user roles (if it doesn't, jwt is either old or tampered with) + // foreach (var role in user.Roles) + // if (!jwtRoleNames.Contains(role.Name)) + // return false; - // Check if jwt contains only roles of user - if (jwtRoleNames.Count != user.Roles.Count) - return false; + // // Check if jwt contains only roles of user + // if (jwtRoleNames.Count != user.Roles.Count) + // return false; - return true; + // return true; } /// @@ -294,9 +308,13 @@ namespace DevHive.Services.Services user.Roles.Add(admin); await this._userRepository.EditAsync(user.Id, user); - User newUser = await this._userRepository.GetByIdAsync(userId); + User createdUser = await this._userRepository.GetByIdAsync(userId); + List roleNames = createdUser + .Roles + .Select(x => x.Name) + .ToList(); - return new TokenModel(WriteJWTSecurityToken(newUser.Id, newUser.UserName, newUser.Roles)); + return new TokenModel(this._jwtService.GenerateJwtToken(createdUser.Id, createdUser.UserName, roleNames)); } private async Task PopulateUserModel(User user, UpdateUserServiceModel updateUserServiceModel) diff --git a/src/Web/DevHive.Web/Configurations/Extensions/ConfigureDependencyInjection.cs b/src/Web/DevHive.Web/Configurations/Extensions/ConfigureDependencyInjection.cs index c547951..660a416 100644 
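Review bot: `ValidJWT` no longer uses its `id` argument: the new first statement `return this._jwtService.ValidateToken(rawTokenData);` accepts any correctly signed token, and the comparison of the token's `ID` claim with the target user, together with the admin and role-set checks, is commented out below it. Every caller that relies on `ValidJWT(userId, authorization)` to confirm ownership now lets any authenticated user act on any `userId`; the `//Validate edge case where user can delete other users` remark in `JwtService` points at the same gap. Keep the signature check as a gate, `if (!this._jwtService.ValidateToken(rawTokenData)) return false;`, and run the owner/admin comparison after it on the validated claims instead of disabling it. The summary above the method still describes the old checks, and the three doc lines added under it appear empty on this page; the doc comment starts outside the hunk.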
--- a/src/Web/DevHive.Web/Configurations/Extensions/ConfigureDependencyInjection.cs +++ b/src/Web/DevHive.Web/Configurations/Extensions/ConfigureDependencyInjection.cs @@ -1,3 +1,6 @@ +using System.Text; +using DevHive.Common.Jwt; +using DevHive.Common.Jwt.Interfaces; using DevHive.Data.Interfaces; using DevHive.Data.Repositories; using DevHive.Services.Interfaces; @@ -27,12 +30,19 @@ namespace DevHive.Web.Configurations.Extensions services.AddTransient(); services.AddTransient(); services.AddTransient(); + services.AddTransient(); + services.AddTransient(options => new CloudinaryService( cloudName: configuration.GetSection("Cloud").GetSection("cloudName").Value, apiKey: configuration.GetSection("Cloud").GetSection("apiKey").Value, apiSecret: configuration.GetSection("Cloud").GetSection("apiSecret").Value)); - services.AddTransient(); + + services.AddSingleton(options => + new JwtService( + signingKey: Encoding.ASCII.GetBytes(configuration.GetSection("Jwt").GetSection("signingKey").Value), + validationIssuer: configuration.GetSection("Jwt").GetSection("validationIssuer").Value, + audience: configuration.GetSection("Jwt").GetSection("audience").Value)); } } } diff --git a/src/Web/DevHive.Web/Controllers/ProfilePictureController.cs b/src/Web/DevHive.Web/Controllers/ProfilePictureController.cs new file mode 100644 index 0000000..d3971ff --- /dev/null +++ b/src/Web/DevHive.Web/Controllers/ProfilePictureController.cs 
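Review bot: The `JwtService` registration turns `Jwt:signingKey` into key bytes without checking it, and the `appsettings.json` changed in the same commit ships that setting as an empty string. A missing or short value should stop startup with a clear message rather than surface later inside token creation, for example `if (string.IsNullOrWhiteSpace(key) || key.Length < 32) throw new InvalidOperationException("Jwt:signingKey must be set to at least 32 characters");` before the service is constructed. `Encoding.ASCII.GetBytes` also maps every non-ASCII character to `?`, which weakens a key containing such characters; `Encoding.UTF8` or a Base64-encoded key avoids that. The enclosing extension method starts outside the hunk.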
@@ -0,0 +1,32 @@
+using System;
+using System.Threading.Tasks;
+using DevHive.Services.Models.User;
+using DevHive.Web.Models.User;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace DevHive.Web.Controllers
+{
+ [ApiController]
+ [Route("api/[controller]")]
+ public class ProfilePictureController
+ {
+ [HttpPut]
+ [Route("ProfilePicture")]
+ [Authorize(Roles = "User,Admin")]
+ public async Task UpdateProfilePicture(Guid userId, [FromForm] UpdateProfilePictureWebModel updateProfilePictureWebModel, [FromHeader] string authorization)
+ {
+ throw new NotImplementedException();
+ // if (!await this._userService.ValidJWT(userId, authorization))
+ // return new UnauthorizedResult();
+
+ // UpdateProfilePictureServiceModel updateProfilePictureServiceModel = this._userMapper.Map(updateProfilePictureWebModel);
+ // updateProfilePictureServiceModel.UserId = userId;
+
+ // ProfilePictureServiceModel profilePictureServiceModel = await this._userService.UpdateProfilePicture(updateProfilePictureServiceModel);
+ // ProfilePictureWebModel profilePictureWebModel = this._userMapper.Map(profilePictureServiceModel);
+
+ // return new AcceptedResult("UpdateProfilePicture", profilePictureWebModel);
+ }
+ }
+}
diff --git a/src/Web/DevHive.Web/Controllers/UserController.cs b/src/Web/DevHive.Web/Controllers/UserController.cs
index 214fba7..a1e87f4 100644
--- a/src/Web/DevHive.Web/Controllers/UserController.cs
+++ b/src/Web/DevHive.Web/Controllers/UserController.cs
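Review bot: `UpdateProfilePicture` is still routed and marked `[Authorize]`, but its only live statement is `throw new NotImplementedException();`, so every authenticated PUT ends in the exception path instead of a defined response. The class does not derive from `ControllerBase` and declares neither `_userService` nor `_userMapper`, which the commented-out body needs, and with `[Route("api/[controller]")]` plus `[Route("ProfilePicture")]` the endpoint moves to `api/ProfilePicture/ProfilePicture`. Until the move is finished, either leave the action in `UserController` or return an explicit `new StatusCodeResult(501)`. When the body is restored, the ownership check behind `ValidJWT(userId, authorization)` has to be working again first.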
@@ -93,23 +93,6 @@ namespace DevHive.Web.Controllers return new AcceptedResult("UpdateUser", userWebModel); } - - [HttpPut] - [Route("ProfilePicture")] - [Authorize(Roles = "User,Admin")] - public async Task UpdateProfilePicture(Guid userId, [FromForm] UpdateProfilePictureWebModel updateProfilePictureWebModel, [FromHeader] string authorization) - { - if (!await this._userService.ValidJWT(userId, authorization)) - return new UnauthorizedResult(); - - UpdateProfilePictureServiceModel updateProfilePictureServiceModel = this._userMapper.Map(updateProfilePictureWebModel); - updateProfilePictureServiceModel.UserId = userId; - - ProfilePictureServiceModel profilePictureServiceModel = await this._userService.UpdateProfilePicture(updateProfilePictureServiceModel); - ProfilePictureWebModel profilePictureWebModel = this._userMapper.Map(profilePictureServiceModel); - - return new AcceptedResult("UpdateProfilePicture", profilePictureWebModel); - } #endregion #region Delete diff --git a/src/Web/DevHive.Web/appsettings.json b/src/Web/DevHive.Web/appsettings.json index bcdcae7..b7e0ce5 100644 --- a/src/Web/DevHive.Web/appsettings.json +++ b/src/Web/DevHive.Web/appsettings.json 
@@ -1,20 +1,25 @@ { - "AppSettings": { - "Secret": "gXfQlU6qpDleFWyimscjYcT3tgFsQg3yoFjcvSLxG56n1Vu2yptdIUq254wlJWjm" - }, - "ConnectionStrings": { - "DEV": "Server=localhost;Port=5432;Database=API;User Id=postgres;Password=;" + "AppSettings": { + "Secret": "" + }, + "Jwt": { + "signingKey": "", + "validationIssuer": "", + "audience": "" + }, + "ConnectionStrings": { + "DEV": "Server=localhost;Port=5432;Database=API;User Id=postgres;Password=;" }, "Cloud": { "cloudName": "devhive", "apiKey": "488664116365813", "apiSecret": "" }, - "Logging": { - "LogLevel": { - "Default": "Information", - "Microsoft": "Warning", - "Microsoft.Hosting.Lifetime": "Information" - } - } + "Logging": { + "LogLevel": { + "Default": "Information", + "Microsoft": "Warning", + "Microsoft.Hosting.Lifetime": "Information" + } + } } -- cgit v1.2.3 From 2a85613d6827f5a1d151b856739863fbe9782143 Mon Sep 17 00:00:00 2001 From: transtrike Date: Sun, 28 Feb 2021 13:14:23 +0200 Subject: Removed JwtOptions --- src/Services/DevHive.Services/Options/JwtOptions.cs | 14 -------------- .../DevHive.Web/Configurations/Extensions/ConfigureJwt.cs | 14 ++++---------- src/Web/DevHive.Web/appsettings.json | 3 --- 3 files changed, 4 insertions(+), 27 deletions(-) delete mode 100644 src/Services/DevHive.Services/Options/JwtOptions.cs (limited to 'src/Web/DevHive.Web/appsettings.json') diff --git a/src/Services/DevHive.Services/Options/JwtOptions.cs b/src/Services/DevHive.Services/Options/JwtOptions.cs deleted file mode 100644 index d973f45..0000000 --- a/src/Services/DevHive.Services/Options/JwtOptions.cs +++ /dev/null @@ -1,14 +0,0 @@ -using Microsoft.Extensions.Options; - -namespace DevHive.Services.Options -{ - public class JwtOptions - { - public JwtOptions(string secret) - { - this.Secret = secret; - } - - public string Secret { get; init; } - } -} 
diff --git a/src/Web/DevHive.Web/Configurations/Extensions/ConfigureJwt.cs b/src/Web/DevHive.Web/Configurations/Extensions/ConfigureJwt.cs index 8d387bd..18127bc 100644 --- a/src/Web/DevHive.Web/Configurations/Extensions/ConfigureJwt.cs +++ b/src/Web/DevHive.Web/Configurations/Extensions/ConfigureJwt.cs @@ -1,6 +1,5 @@ using System.Text; using System.Threading.Tasks; -using DevHive.Services.Options; using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; @@ -12,15 +11,10 @@ namespace DevHive.Web.Configurations.Extensions { public static void JWTConfiguration(this IServiceCollection services, IConfiguration configuration) { - services.AddSingleton(new JwtOptions(configuration - .GetSection("AppSettings") - .GetSection("Secret") - .Value)); - // Get key from appsettings.json - var key = Encoding.ASCII.GetBytes(configuration - .GetSection("AppSettings") - .GetSection("Secret") + var signingKey = Encoding.ASCII.GetBytes(configuration + .GetSection("Jwt") + .GetSection("signingKey") .Value); // Setup Jwt Authentication @@ -42,7 +36,7 @@ namespace DevHive.Web.Configurations.Extensions x.SaveToken = true; x.TokenValidationParameters = new TokenValidationParameters { - IssuerSigningKey = new SymmetricSecurityKey(key), + IssuerSigningKey = new SymmetricSecurityKey(signingKey), ValidateIssuer = false, ValidateAudience = false }; diff --git a/src/Web/DevHive.Web/appsettings.json b/src/Web/DevHive.Web/appsettings.json index b7e0ce5..fcf9805 100644 --- a/src/Web/DevHive.Web/appsettings.json +++ b/src/Web/DevHive.Web/appsettings.json @@ -1,7 +1,4 @@ { - "AppSettings": { - "Secret": "" - }, "Jwt": { "signingKey": "", "validationIssuer": "", -- cgit v1.2.3 From 416fd94399bf0b58fc0d201c0294f0869517a743 Mon Sep 17 00:00:00 2001 
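Review bot: The bearer middleware in `ConfigureJwt.cs` still sets `ValidateIssuer = false` and `ValidateAudience = false` (context lines of the last hunk), while `JwtService.GetValidationParameters` from the previous commit validates both against `Jwt:validationIssuer` and `Jwt:audience`. `[Authorize]` is enforced by this middleware, so the stricter settings only apply where `ValidateToken` is called by hand. Now that issuer and audience live in the `Jwt` section, set `ValidIssuer` and `ValidAudience` here from the same values and switch both flags to `true`. As in the DI registration, `Encoding.ASCII.GetBytes` on an unset `signingKey` is not guarded; the method body continues outside the hunks.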
From: transtrike Date: Fri, 26 Mar 2021 22:05:07 +0200 Subject: Rating's GetById and GetRatingByPostAndUser return null if User hasn't rated; Updated connection string --- src/Services/DevHive.Services/Services/RatingService.cs | 10 ++++++---- src/Web/DevHive.Web/appsettings.json | 2 +- 2 files changed, 7 insertions(+), 5 deletions(-) (limited to 'src/Web/DevHive.Web/appsettings.json') diff --git a/src/Services/DevHive.Services/Services/RatingService.cs b/src/Services/DevHive.Services/Services/RatingService.cs index 1f77a6e..9d8f4b0 100644 --- a/src/Services/DevHive.Services/Services/RatingService.cs +++ b/src/Services/DevHive.Services/Services/RatingService.cs @@ -57,8 +57,9 @@ namespace DevHive.Services.Services #region Read public async Task GetRatingById(Guid ratingId) { - Rating rating = await this._ratingRepository.GetByIdAsync(ratingId) ?? - throw new ArgumentException("The rating does not exist"); + Rating rating = await this._ratingRepository.GetByIdAsync(ratingId); + if (rating is null) + return null; ReadRatingServiceModel readRatingServiceModel = this._mapper.Map(rating); readRatingServiceModel.UserId = rating.User.Id; @@ -68,8 +69,9 @@ namespace DevHive.Services.Services public async Task GetRatingByPostAndUser(Guid userId, Guid postId) { - Rating rating = await this._ratingRepository.GetRatingByUserAndPostId(userId, postId) ?? - throw new ArgumentException("The rating does not exist"); + Rating rating = await this._ratingRepository.GetRatingByUserAndPostId(userId, postId); + if (rating is null) + return null; ReadRatingServiceModel readRatingServiceModel = this._mapper.Map(rating); readRatingServiceModel.UserId = rating.User.Id; diff --git a/src/Web/DevHive.Web/appsettings.json b/src/Web/DevHive.Web/appsettings.json index fcf9805..053007d 100644 --- a/src/Web/DevHive.Web/appsettings.json +++ b/src/Web/DevHive.Web/appsettings.json 
@@ -5,7 +5,7 @@ "audience": "" }, "ConnectionStrings": { - "DEV": "Server=localhost;Port=5432;Database=API;User Id=postgres;Password=;" + "DEV": "Server=localhost;Port=5432;Database=DevHive API;User Id=postgres;Password=;" }, "Cloud": { "cloudName": "devhive", -- cgit v1.2.3 From 7d5544626c21b90da0b538da83c112c0f8adec9d Mon Sep 17 00:00:00 2001 From: Syndamia Date: Sat, 27 Mar 2021 08:48:49 +0200 Subject: Updated database name in appsettings and ConnectionString --- src/Data/DevHive.Data/ConnectionString.json | 4 ++-- src/Web/DevHive.Web/appsettings.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'src/Web/DevHive.Web/appsettings.json') diff --git a/src/Data/DevHive.Data/ConnectionString.json b/src/Data/DevHive.Data/ConnectionString.json index c8300b2..1281a1c 100644 --- a/src/Data/DevHive.Data/ConnectionString.json +++ b/src/Data/DevHive.Data/ConnectionString.json @@ -1,5 +1,5 @@ { "ConnectionStrings": { - "DEV": "Server=localhost;Port=5432;Database=API;User Id=postgres;Password=password;" + "DEV": "Server=localhost;Port=5432;Database=DevHive_API;User Id=postgres;Password=password;" } -} \ No newline at end of file +} diff --git a/src/Web/DevHive.Web/appsettings.json b/src/Web/DevHive.Web/appsettings.json index 053007d..036af82 100644 --- a/src/Web/DevHive.Web/appsettings.json +++ b/src/Web/DevHive.Web/appsettings.json @@ -5,7 +5,7 @@ "audience": "" }, "ConnectionStrings": { - "DEV": "Server=localhost;Port=5432;Database=DevHive API;User Id=postgres;Password=;" + "DEV": "Server=localhost;Port=5432;Database=DevHive_API;User Id=postgres;Password=;" }, "Cloud": { "cloudName": "devhive", -- cgit v1.2.3 From fb421f1ab78c1358af5dddc467db7ab02a59110d Mon Sep 17 00:00:00 2001 
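Review bot: The changed `DEV` line in `ConnectionString.json` keeps `Password=password` inside a committed connection string. Database credentials belong in user-secrets or an environment variable, with the committed file holding only the non-secret parts. The same `DEV` key is also defined in `appsettings.json` with an empty password, so the two files can drift; a single source for the connection string would remove that.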
From: transtrike Date: Fri, 2 Apr 2021 11:30:02 +0300 Subject: Introduced Logger; Replaced DevExcHandler with Custom; Logging Errors to file; Replaced Console logger for requests --- .../DevHive.Common.Models.csproj | 2 +- src/Common/DevHive.Common/DevHive.Common.csproj | 4 +-- .../DevHive.Data.Models/DevHive.Data.Models.csproj | 4 +-- .../DevHive.Data.Tests/DevHive.Data.Tests.csproj | 4 +-- src/Data/DevHive.Data/DevHive.Data.csproj | 6 ++-- .../DevHive.Services.Models.csproj | 2 +- .../DevHive.Services.Tests.csproj | 4 +-- .../DevHive.Services/DevHive.Services.csproj | 8 ++--- .../DevHive.Web.Models/DevHive.Web.Models.csproj | 2 +- src/Web/DevHive.Web.Tests/DevHive.Web.Tests.csproj | 2 +- .../Configurations/Extensions/ConfigureDatabase.cs | 2 +- src/Web/DevHive.Web/DevHive.Web.csproj | 31 ++++++++++-------- .../DevHive.Web/Middleware/ExceptionMiddleware.cs | 8 ++--- src/Web/DevHive.Web/Program.cs | 26 ++++++++++++++- src/Web/DevHive.Web/Startup.cs | 6 +++- src/Web/DevHive.Web/appsettings.json | 38 +++++++++++++++++++--- 16 files changed, 103 insertions(+), 46 deletions(-) (limited to 'src/Web/DevHive.Web/appsettings.json') diff --git a/src/Common/DevHive.Common.Models/DevHive.Common.Models.csproj b/src/Common/DevHive.Common.Models/DevHive.Common.Models.csproj index a952c59..db8d1c9 100644 --- a/src/Common/DevHive.Common.Models/DevHive.Common.Models.csproj +++ b/src/Common/DevHive.Common.Models/DevHive.Common.Models.csproj @@ -4,7 +4,7 @@ - + true diff --git a/src/Common/DevHive.Common/DevHive.Common.csproj b/src/Common/DevHive.Common/DevHive.Common.csproj index cd60d85..a5758f4 100644 --- a/src/Common/DevHive.Common/DevHive.Common.csproj +++ b/src/Common/DevHive.Common/DevHive.Common.csproj @@ -6,6 +6,6 @@ net5.0 - + - + \ No newline at end of file diff --git a/src/Data/DevHive.Data.Models/DevHive.Data.Models.csproj b/src/Data/DevHive.Data.Models/DevHive.Data.Models.csproj index d249c77..2958f86 100644 --- a/src/Data/DevHive.Data.Models/DevHive.Data.Models.csproj 
+++ b/src/Data/DevHive.Data.Models/DevHive.Data.Models.csproj @@ -4,7 +4,7 @@ - - + + \ No newline at end of file diff --git a/src/Data/DevHive.Data.Tests/DevHive.Data.Tests.csproj b/src/Data/DevHive.Data.Tests/DevHive.Data.Tests.csproj index 25b2b39..e9b33e5 100644 --- a/src/Data/DevHive.Data.Tests/DevHive.Data.Tests.csproj +++ b/src/Data/DevHive.Data.Tests/DevHive.Data.Tests.csproj @@ -4,12 +4,12 @@ false - + - + diff --git a/src/Data/DevHive.Data/DevHive.Data.csproj b/src/Data/DevHive.Data/DevHive.Data.csproj index fcdb7ae..62320f7 100644 --- a/src/Data/DevHive.Data/DevHive.Data.csproj +++ b/src/Data/DevHive.Data/DevHive.Data.csproj @@ -5,14 +5,14 @@ - - + + runtime; build; native; contentfiles; analyzers; buildtransitive all - + diff --git a/src/Services/DevHive.Services.Models/DevHive.Services.Models.csproj b/src/Services/DevHive.Services.Models/DevHive.Services.Models.csproj index a55972a..2345a8e 100644 --- a/src/Services/DevHive.Services.Models/DevHive.Services.Models.csproj +++ b/src/Services/DevHive.Services.Models/DevHive.Services.Models.csproj @@ -4,7 +4,7 @@ - + diff --git a/src/Services/DevHive.Services.Tests/DevHive.Services.Tests.csproj b/src/Services/DevHive.Services.Tests/DevHive.Services.Tests.csproj index d85eea2..4a7237b 100644 --- a/src/Services/DevHive.Services.Tests/DevHive.Services.Tests.csproj +++ b/src/Services/DevHive.Services.Tests/DevHive.Services.Tests.csproj @@ -4,12 +4,12 @@ false - + - + diff --git a/src/Services/DevHive.Services/DevHive.Services.csproj b/src/Services/DevHive.Services/DevHive.Services.csproj index f51c1b6..2468711 100644 --- a/src/Services/DevHive.Services/DevHive.Services.csproj +++ b/src/Services/DevHive.Services/DevHive.Services.csproj @@ -4,15 +4,15 @@ - + runtime; build; native; contentfiles; analyzers; buildtransitive all - + - - + + diff --git a/src/Web/DevHive.Web.Models/DevHive.Web.Models.csproj b/src/Web/DevHive.Web.Models/DevHive.Web.Models.csproj index 9d62eee..79c856f 100644 
--- a/src/Web/DevHive.Web.Models/DevHive.Web.Models.csproj +++ b/src/Web/DevHive.Web.Models/DevHive.Web.Models.csproj @@ -8,6 +8,6 @@ - + \ No newline at end of file diff --git a/src/Web/DevHive.Web.Tests/DevHive.Web.Tests.csproj b/src/Web/DevHive.Web.Tests/DevHive.Web.Tests.csproj index 5099119..49a9173 100644 --- a/src/Web/DevHive.Web.Tests/DevHive.Web.Tests.csproj +++ b/src/Web/DevHive.Web.Tests/DevHive.Web.Tests.csproj @@ -8,7 +8,7 @@ - + diff --git a/src/Web/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs b/src/Web/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs index 1bd8df0..b4c49b4 100644 --- a/src/Web/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs +++ b/src/Web/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs @@ -18,7 +18,7 @@ namespace DevHive.Web.Configurations.Extensions { services.AddDbContext(options => { - options.EnableSensitiveDataLogging(true); + // options.EnableSensitiveDataLogging(true); options.UseNpgsql(configuration.GetConnectionString("DEV"), options => { options.UseQuerySplittingBehavior(QuerySplittingBehavior.SplitQuery); diff --git a/src/Web/DevHive.Web/DevHive.Web.csproj b/src/Web/DevHive.Web/DevHive.Web.csproj index 39322ae..5b3a920 100644 --- a/src/Web/DevHive.Web/DevHive.Web.csproj +++ b/src/Web/DevHive.Web/DevHive.Web.csproj @@ -9,25 +9,30 @@ true - - - + + + runtime; build; native; contentfiles; analyzers; buildtransitive all - - - - - - - - - - + + + + + + + + + + + + + + + diff --git a/src/Web/DevHive.Web/Middleware/ExceptionMiddleware.cs b/src/Web/DevHive.Web/Middleware/ExceptionMiddleware.cs index e2521bd..ebec5e8 100644 --- a/src/Web/DevHive.Web/Middleware/ExceptionMiddleware.cs +++ b/src/Web/DevHive.Web/Middleware/ExceptionMiddleware.cs 
@@ -32,12 +32,8 @@ namespace DevHive.Web.Middleware context.Response.ContentType = "application/json"; context.Response.StatusCode = (int)HttpStatusCode.BadRequest; - // Made to ressemble the formatting of property validation errors (like [MinLength(3)]) - string message = JsonConvert.SerializeObject(new { - errors = new { - Exception = new String[] { exception.Message } - } - }); + // Made to resemble the formatting of property validation errors (like [MinLength(3)]) + string message = JsonConvert.SerializeObject(new { Error = exception.Message }); return context.Response.WriteAsync(message); } diff --git a/src/Web/DevHive.Web/Program.cs b/src/Web/DevHive.Web/Program.cs index fdb6889..e7c47a9 100644 --- a/src/Web/DevHive.Web/Program.cs +++ b/src/Web/DevHive.Web/Program.cs @@ -1,5 +1,8 @@ +using System; using Microsoft.AspNetCore.Hosting; using Microsoft.Extensions.Hosting; +using Microsoft.Extensions.Configuration; +using Serilog; namespace DevHive.Web { @@ -11,11 +14,32 @@ namespace DevHive.Web public static void Main(string[] args) { - CreateHostBuilder(args).Build().Run(); + var config = new ConfigurationBuilder() + .AddJsonFile("appsettings.json") + .Build(); + + Log.Logger = new LoggerConfiguration() + .ReadFrom.Configuration(config) + .CreateLogger(); + + try + { + Log.Information("Application Starting Up"); + CreateHostBuilder(args).Build().Run(); + } + catch (Exception ex) + { + Log.Fatal(ex, "The application failed to start correctly."); + } + finally + { + Log.CloseAndFlush(); + } } public static IHostBuilder CreateHostBuilder(string[] args) => Host.CreateDefaultBuilder(args) + .UseSerilog() .ConfigureWebHostDefaults(webBuilder => { webBuilder.ConfigureKestrel(opt => opt.ListenLocalhost(HTTP_PORT)); diff --git a/src/Web/DevHive.Web/Startup.cs b/src/Web/DevHive.Web/Startup.cs index 002c718..05a75d9 100644 --- a/src/Web/DevHive.Web/Startup.cs +++ b/src/Web/DevHive.Web/Startup.cs 
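Review bot: In ExceptionMiddleware.cs the new `SerializeObject(new { Error = exception.Message })` line sends the raw exception message to the client for every exception this handler sees, and Startup.cs in this commit routes the development branch through the same middleware. Messages from unexpected failures (database driver, serializer, file system) can reveal internals, so consider returning the message only for the application's own validation-style exceptions and a fixed string such as `"An unexpected error occurred."` otherwise, while logging the full exception through the Serilog logger this commit introduces. The comment kept above the line is also stale, because the payload no longer has the `errors` shape of property validation errors; something like `// Single-field error payload: { "Error": "<message>" }` would match the code. The enclosing method starts outside the hunk.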
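Review bot: In Program.cs `Main`, the `catch (Exception ex)` block logs the fatal error and then lets `Main` return normally, so the process exits with code 0 even when the host failed and a service manager or container runtime sees a clean exit. Adding `Environment.ExitCode = 1;` after `Log.Fatal(...)`, or rethrowing with `throw;`, keeps the failure visible. The `try` also wraps `Run()`, so the "failed to start correctly" message is logged for an exception thrown at any point in the host's lifetime, not only at startup. Separately, the bootstrap configuration reads only `appsettings.json`, so Serilog settings from environment-specific files or environment variables are not picked up by this logger.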
@@ -5,6 +5,7 @@ using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Hosting; using DevHive.Web.Configurations.Extensions; using Newtonsoft.Json; +using Serilog; namespace DevHive.Web { @@ -46,7 +47,8 @@ namespace DevHive.Web if (env.IsDevelopment()) { - app.UseDeveloperExceptionPage(); + app.UseExceptionHandlerMiddlewareConfiguration(); + // app.UseDeveloperExceptionPage(); } else { @@ -58,6 +60,8 @@ namespace DevHive.Web app.UseDatabaseConfiguration(); app.UseAutoMapperConfiguration(); + app.UseSerilogRequestLogging(); + app.UseEndpoints(endpoints => { endpoints.MapControllerRoute( diff --git a/src/Web/DevHive.Web/appsettings.json b/src/Web/DevHive.Web/appsettings.json index 036af82..84d534d 100644 --- a/src/Web/DevHive.Web/appsettings.json +++ b/src/Web/DevHive.Web/appsettings.json @@ -12,11 +12,39 @@ "apiKey": "488664116365813", "apiSecret": "" }, - "Logging": { - "LogLevel": { + "Serilog": { + "Using": [], + "LevelSwitches": { + "$consoleSwitch": "Verbose", + "$fileSwitch": "Error" + }, + "MinimumLevel": { "Default": "Information", - "Microsoft": "Warning", - "Microsoft.Hosting.Lifetime": "Information" - } + "Override": { + "Microsoft": "Warning", + "System": "Warning" + } + }, + "Enrich": [ + "FromLogContext", + "WithMachineName", + "WithProcessId", + "WithThreadId" + ], + "WriteTo": [ + { + "Name": "Console", + "Args": { + "levelSwitch": "$consoleSwitch" + } + }, + { + "Name": "File", + "Args": { + "path": "./Logs/errors.log", + "levelSwitch": "$fileSwitch" + } + } + ] } } -- cgit v1.2.3
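Review bot: In Startup.cs `app.UseSerilogRequestLogging()` is registered late, directly before `UseEndpoints`, so it only records requests that get that far down the pipeline. Any middleware registered earlier that short-circuits a request would produce responses, such as 401/403, that never appear in the request log; the routing and authentication calls are outside this hunk, so this is an inference. Moving the call up, after the exception-handling registration and before routing and authentication, gives complete coverage of the traffic that matters during an investigation. The enclosing method starts and ends outside the hunk.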
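Review bot: The `File` sink in the new `Serilog.WriteTo` section has only `path` and `levelSwitch`, so all error events go to a single `./Logs/errors.log` with no rolling or retention policy. Adding `"rollingInterval": "Day"` and `"retainedFileCountLimit": 14` (example values) to its `Args` keeps the file manageable and bounds how long error details, which can include exception messages and request data, stay on disk. The path is relative, so it resolves against the process working directory; an absolute or configured location with restricted permissions is safer for a deployed service. The `Enrich` entries `WithMachineName`, `WithProcessId` and `WithThreadId` need their enricher packages referenced, which cannot be checked here because the package lists in the .csproj hunks are not readable on this page.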