scaffold auth api infrastructure (doesn't work)

2026-03-16 21:20:54 -05:00
parent 3dfb1ee0a7
commit 96026d448f
5 changed files with 58 additions and 14 deletions
--- a/api/Program.cs
+++ b/api/Program.cs
@@ -1,16 +1,41 @@

 using Microsoft.AspNetCore.HttpOverrides;
 using Microsoft.EntityFrameworkCore;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.IdentityModel.Tokens;
+using System.Text;

 using agologumApi.Services;

 var builder = WebApplication.CreateBuilder(args);

+var key = builder.Configuration["Jwt:Key"];
+if(key == null) return;
+
 builder.Services.AddDbContext<AppDbContext>(options => 
    options.UseNpgsql(builder.Configuration.GetConnectionString("DefaultConnection")));

 builder.Services.AddControllers();
+
+// services
 builder.Services.AddScoped<UserService>();
+builder.Services.AddScoped<JwtService>();
+
+// configuration for jwt authentication
+builder.Services.AddAuthentication(options => {
+    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+}).AddJwtBearer(options => {
+    options.TokenValidationParameters = new TokenValidationParameters {
+        ValidateIssuer = false,
+        ValidateAudience = false,
+        ValidateLifetime = true,
+        ValidateIssuerSigningKey = true,
+        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key))
+    };
+});
+
+builder.Services.AddAuthorization();

 // configuration for behind my nginx proxy
 builder.Services.Configure<ForwardedHeadersOptions>(options =>
@@ -41,10 +66,17 @@ builder.Services.AddCors(options =>
 builder.Services.AddEndpointsApiExplorer();
 builder.Services.AddSwaggerGen();

+// https://www.reddit.com/r/dotnet/comments/1h7vzbs/how_do_you_guys_handle_authorization_on_a_web_api/
+// add authorization here
+// controllers will have endpoints based on authorization
+// frontend is a different story
+
 var app = builder.Build();

 app.UseForwardedHeaders();
 app.UseCors("dev");
+app.UseAuthentication();
+app.UseAuthorization();

 // Configure the HTTP request pipeline.
 if (app.Environment.IsEnvironment("Development")) {
--- a/api/agologum-api.csproj
+++ b/api/agologum-api.csproj
@@ -8,6 +8,8 @@
  </PropertyGroup>

  <ItemGroup>
+    <PackageReference Include="BCrypt.Net-Next" Version="4.1.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.5" />
    <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.3" />
    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.5" />
    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="10.0.5">
--- a/api/src/Controllers/UsersController.cs
+++ b/api/src/Controllers/UsersController.cs
@@ -1,28 +1,30 @@

 using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
+
 using agologumApi.Models;
 using agologumApi.Services;

 [ApiController]
 [Route("api/[controller]")]
-public class UsersController : ControllerBase
-{
+public class UsersController : ControllerBase {
+
    private readonly UserService service_;

-    public UsersController(UserService service)
-    {
+    public UsersController(UserService service) {
        service_ = service;
    }

+    [AllowAnonymous] // accessible if not authorized
    [HttpGet]
-    public async Task<ActionResult<List<User>>> getUsers()
-    {
+    public async Task<ActionResult<List<User>>> getUsers() {
        return Ok(await service_.GetAll());
    }

+    [AllowAnonymous]
    [HttpGet("{id:int}")]
-    public async Task<ActionResult<User>> getUser(int id)
-    {
+    public async Task<ActionResult<User>> getUser(int id) {
+
        var user = await service_.Get(id);

        if (user == null) return NotFound();
@@ -30,9 +32,10 @@ public class UsersController : ControllerBase
        return Ok(user);
    }

+    [Authorize] // testing the authorization
    [HttpPost]
-    public async Task<ActionResult<User>> createUser(User user)
-    {
+    public async Task<ActionResult<User>> createUser(User user) {
+
        var created = await service_.Create(user);

        return CreatedAtAction(
@@ -42,9 +45,10 @@ public class UsersController : ControllerBase
        );
    }

+    [Authorize]
    [HttpPut("{id}")]
-    public async Task<ActionResult<User>> updateUser(int id, User user)
-    {
+    public async Task<ActionResult<User>> updateUser(int id, User user) {
+
        var updated = await service_.Update(user);

        if (updated == null) return NotFound();
@@ -52,9 +56,10 @@ public class UsersController : ControllerBase
        return Ok(updated);
    }

+    [Authorize]
    [HttpDelete("{id}")]
-    public async Task<ActionResult> deleteUser(int id)
-    {
+    public async Task<ActionResult> deleteUser(int id) {
+
        var success = await service_.Delete(id);

        if (!success) return NotFound();
--- a/api/src/Models/User.cs
+++ b/api/src/Models/User.cs
@@ -6,5 +6,6 @@ public class User {
    public int Id { get; set; }
    public string Name { get; set; } = "";
    public string Email { get; set; } = "";
+    public string PasswordHash { get; set; } = "";

 };
--- a/api/src/Services/UserService.cs
+++ b/api/src/Services/UserService.cs
@@ -21,6 +21,10 @@ public class UserService {
        return await db_.Users.FindAsync(id);
    }

+    public async Task<User?> Get(string username) {
+        return await db_.Users.FirstOrDefaultAsync(u => u.Name == username);
+    }
+
    public async Task<User> Create(User user) {
        db_.Users.Add(user);
        await db_.SaveChangesAsync();