Diffstat (limited to 'Controllers')
-rw-r--r-- | Controllers/MessageController.cs | 17 | ||||
-rw-r--r-- | Controllers/UsersController.cs | 49 | ||||
-rw-r--r-- | Controllers/WeatherForecastController.cs | 3 |
3 files changed, 54 insertions, 15 deletions
diff --git a/Controllers/MessageController.cs b/Controllers/MessageController.cs
new file mode 100644
index 0000000..bacaf5c
--- /dev/null
+++ b/Controllers/MessageController.cs
@@ -0,0 +1,17 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
+
+namespace IdentityAPI.Controllers {
+ [ApiController]
+ [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
+ [Route("api/message")]
+ public class MessageController : ControllerBase {
+ public MessageController() {}
+
+ [HttpGet]
+ public async Task<IActionResult> Show() {
+ return Ok(new { message = "Authentication succesful" });
+ }
+ }
+}
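Review bot: Authorization is opt-in per controller here: `[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]` is repeated on `MessageController` and again in the `WeatherForecastController` hunk, so a controller added later without the attribute is reachable anonymously. If the startup code (not part of this Controllers-only diff) does not already do so, consider making JWT bearer the default scheme and setting `options.FallbackPolicy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build();`, leaving `[AllowAnonymous]` only on the signup and login actions. Separately, `Show()` is declared `async` but contains no `await`, which compiles with warning CS1998; a plain `public IActionResult Show()` is enough, and the response string has a typo (`succesful`).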
\ No newline at end of file diff --git a/Controllers/UsersController.cs b/Controllers/UsersController.cs index 52c9105..d5dded5 100644 --- a/Controllers/UsersController.cs +++ b/Controllers/UsersController.cs @@ -8,7 +8,7 @@ using Microsoft.EntityFrameworkCore; using System.Text; using System.Security.Claims; using IdentityAPI.Models; -using IdentityAPI.DTO; +using IdentityAPI.DTOs; namespace IdentityAPI.Controllers { [Route("api/users")] 
@@ -24,30 +24,49 @@ namespace IdentityAPI.Controllers { _manager = manager; } - [HttpPost("signup")] - public async Task<IActionResult> PostUser(UserDTO data) { - var user = new IdentityUser { UserName = data.UserName, Email = data.Email }; - var result = await _manager.CreateAsync(user, data.Password); + [HttpPost("signup")] + public async Task<IActionResult> SignUp(UserDTO data) { + var user = new IdentityUser { UserName = data.UserName, Email = data.Email }; + var result = await _manager.CreateAsync(user, data.Password); - if(result.Succeeded) - return Ok(new { Token = GenerateToken(user) }); + if(result.Succeeded) + return Ok(new { Token = GenerateToken(user) }); return StatusCode(422, new { error = "The provided user is invalid" }); } - private string GenerateToken(IdentityUser user) { + [HttpPost("login")] + public async Task<IActionResult> Login(LoginRequest data) { + if(data != null && data.Email != null && data.Password != null) { + var user = await _manager.FindByEmailAsync(data.Email); + + if(user == null) + return StatusCode(404, new { error = "Nonexistent user" }); + + var result = await _manager.CheckPasswordAsync(user, data.Password); + + if(result) + return Ok(new { Token = GenerateToken(user)} ); + + return StatusCode(401, new { error = "Wrong credentials" }); + } + + return StatusCode(400, new { error = "Invalid request body" }); + } + + private string GenerateToken(IdentityUser user) { var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Jwt:Key"])); - var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); + var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var expiration = DateTime.UtcNow.AddMinutes(30); - var issuer = _configuration["Jwt:Issuer"]; + //var issuer = _configuration["Jwt:Issuer"]; var claims = new List<Claim> { - new Claim("sid", user.Id), - new Claim("username", user.UserName), - new Claim("email", user.Email) - }; + new Claim("sid", user.Id), + new Claim("username", 
user.UserName), + new Claim("email", user.Email) + }; var descriptor = new JwtSecurityToken(issuer: null, audience: null, claims: claims, expires: expiration, signingCredentials: creds); return new JwtSecurityTokenHandler().WriteToken(descriptor); } } -} +}
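Review bot: `Login` answers 404 "Nonexistent user" for an unknown e-mail and 401 "Wrong credentials" for a bad password, which lets a caller confirm which addresses are registered; both failures should return the same status and body. `CheckPasswordAsync` on its own also does not count failed attempts, so nothing in this action slows repeated password guessing; the sketch below adds lockout accounting, assuming `_manager` is a `UserManager<IdentityUser>` (its declaration is outside the hunk) and that lockout is enabled in the Identity options. In `GenerateToken` the issuer lookup is now commented out and the token is created with `issuer: null, audience: null`, so validation presumably has the issuer and audience checks disabled; setting both from configuration and validating them would keep a token signed with this key for another service from being accepted here. `_configuration["Jwt:Key"]` is also used without a null or minimum-length check.

```csharp
[HttpPost("login")]
public async Task<IActionResult> Login(LoginRequest data) {
    if(data?.Email == null || data.Password == null)
        return StatusCode(400, new { error = "Invalid request body" });

    var user = await _manager.FindByEmailAsync(data.Email);

    // Same response for an unknown e-mail, a locked account and a wrong password.
    if(user == null || await _manager.IsLockedOutAsync(user))
        return StatusCode(401, new { error = "Wrong credentials" });

    if(!await _manager.CheckPasswordAsync(user, data.Password)) {
        // Count the failure so the configured lockout threshold can apply.
        await _manager.AccessFailedAsync(user);
        return StatusCode(401, new { error = "Wrong credentials" });
    }

    await _manager.ResetAccessFailedCountAsync(user);
    return Ok(new { Token = GenerateToken(user) });
}
// … unchanged: GenerateToken …
```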
\ No newline at end of file diff --git a/Controllers/WeatherForecastController.cs b/Controllers/WeatherForecastController.cs index 801ee5e..f7fdcdf 100644 --- a/Controllers/WeatherForecastController.cs +++ b/Controllers/WeatherForecastController.cs @@ -1,8 +1,11 @@ using Microsoft.AspNetCore.Mvc; +using Microsoft.AspNetCore.Authentication.JwtBearer; +using Microsoft.AspNetCore.Authorization; namespace IdentityAPI.Controllers; [ApiController] +[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)] [Route("[controller]")] public class WeatherForecastController : ControllerBase { |