From 00acb66e39f7b178d58f3f0ec298aec73d7aced9 Mon Sep 17 00:00:00 2001
From: HombreLaser <sebastian-440@live.com>
Date: Tue, 15 Nov 2022 21:52:57 -0600
Subject: Añadida autenticación
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 Controllers/MessageController.cs         | 17 +++++++++++
 Controllers/UsersController.cs           | 49 ++++++++++++++++++++++----------
 Controllers/WeatherForecastController.cs |  3 ++
 3 files changed, 54 insertions(+), 15 deletions(-)
 create mode 100644 Controllers/MessageController.cs

(limited to 'Controllers')

diff --git a/Controllers/MessageController.cs b/Controllers/MessageController.cs
new file mode 100644
index 0000000..bacaf5c
--- /dev/null
+++ b/Controllers/MessageController.cs
@@ -0,0 +1,17 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
+
+namespace IdentityAPI.Controllers {
+    [ApiController]
+    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
+    [Route("api/message")]
+    public class MessageController : ControllerBase {
+        public MessageController() {}
+
+        [HttpGet]
+        public async Task<IActionResult> Show() {
+            return Ok(new { message = "Authentication succesful" });
+        }
+    }
+}
\ No newline at end of file
diff --git a/Controllers/UsersController.cs b/Controllers/UsersController.cs
index 52c9105..d5dded5 100644
--- a/Controllers/UsersController.cs
+++ b/Controllers/UsersController.cs
@@ -8,7 +8,7 @@ using Microsoft.EntityFrameworkCore;
 using System.Text;
 using System.Security.Claims;
 using IdentityAPI.Models;
-using IdentityAPI.DTO;
+using IdentityAPI.DTOs;
 
 namespace IdentityAPI.Controllers {
     [Route("api/users")]
@@ -24,30 +24,49 @@ namespace IdentityAPI.Controllers {
             _manager = manager;
         }
 
-	[HttpPost("signup")]
-	public async Task<IActionResult> PostUser(UserDTO data) {
-	    var user = new IdentityUser { UserName = data.UserName, Email = data.Email };
-	    var result = await _manager.CreateAsync(user, data.Password);
+	    [HttpPost("signup")]
+	    public async Task<IActionResult> SignUp(UserDTO data) {
+	        var user = new IdentityUser { UserName = data.UserName, Email = data.Email };
+	        var result = await _manager.CreateAsync(user, data.Password);
 	    
-	    if(result.Succeeded)
-		return Ok(new { Token = GenerateToken(user) });
+	        if(result.Succeeded)
+		        return Ok(new { Token = GenerateToken(user) });
 
             return StatusCode(422, new { error = "The provided user is invalid" });
         }
 
-	private string GenerateToken(IdentityUser user) {
+        [HttpPost("login")]
+        public async Task<IActionResult> Login(LoginRequest data) {
+            if(data != null && data.Email != null && data.Password != null) {
+                var user = await _manager.FindByEmailAsync(data.Email);
+            
+                if(user == null)
+                    return StatusCode(404, new { error = "Nonexistent user" });
+
+                var result = await _manager.CheckPasswordAsync(user, data.Password);
+
+                if(result)
+                    return Ok(new { Token = GenerateToken(user)} );
+
+                return StatusCode(401, new { error = "Wrong credentials" });
+            }
+
+            return StatusCode(400, new { error = "Invalid request body" });
+        }
+
+	    private string GenerateToken(IdentityUser user) {
             var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Jwt:Key"]));
-	    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
+	        var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
             var expiration = DateTime.UtcNow.AddMinutes(30);
-            var issuer = _configuration["Jwt:Issuer"];
+            //var issuer = _configuration["Jwt:Issuer"];
             var claims = new List<Claim> {
-		new Claim("sid", user.Id),
-		new Claim("username", user.UserName),
-		new Claim("email", user.Email)
-	    };
+		        new Claim("sid", user.Id),
+		        new Claim("username", user.UserName),
+		        new Claim("email", user.Email)
+	        };
             var descriptor = new JwtSecurityToken(issuer: null, audience: null, claims: claims, expires: expiration, signingCredentials: creds);
 
             return new JwtSecurityTokenHandler().WriteToken(descriptor);
         }
     }
-}
+}
\ No newline at end of file
diff --git a/Controllers/WeatherForecastController.cs b/Controllers/WeatherForecastController.cs
index 801ee5e..f7fdcdf 100644
--- a/Controllers/WeatherForecastController.cs
+++ b/Controllers/WeatherForecastController.cs
@@ -1,8 +1,11 @@
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 
 namespace IdentityAPI.Controllers;
 
 [ApiController]
+[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
 [Route("[controller]")]
 public class WeatherForecastController : ControllerBase
 {
-- 
cgit v1.2.3