add-api-project #29
@ -1,6 +1,5 @@
|
||||
using System;
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
using System.Linq;
|
||||
using System.Security.Claims;
|
||||
using System.Threading.Tasks;
|
||||
using Api.Models;
|
||||
@ -27,13 +26,8 @@ namespace Api.Controllers
|
||||
_tokenParameters = tokenParameters;
|
||||
}
|
||||
|
||||
[Authorize]
|
||||
public IActionResult GetUsers()
|
||||
{
|
||||
return Ok(_usersManager.Users.ToArray());
|
||||
}
|
||||
|
||||
[HttpPost("login")]
|
||||
[AllowAnonymous]
|
||||
public async Task<IActionResult> Login(LoginViewModel command)
|
||||
{
|
||||
var user = await _usersManager.FindByNameAsync(command.Username);
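Review bot: The `[AllowAnonymous]` on `Login` is now load-bearing, because the same commit makes controllers deny-by-default, and it deserves a one-line comment so nobody removes it as redundant: `// Anonymous on purpose: all other actions require a token, and this is where one is obtained.` The +/- markers are lost on this page, so I am assuming the attribute is the added line and `GetUsers` the removed one. As this is the one credential-accepting action reachable without a token, it is worth confirming in the part of `Login` outside this hunk that an unknown user name and a wrong password return the same response, and that failed attempts count toward account lockout.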
|
||||
|
||||
@ -4,6 +4,7 @@ using Api.Models;
|
||||
using HN.Application;
|
||||
using HN.Domain;
|
||||
using MediatR;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
|
||||
@ -26,6 +27,7 @@ namespace Api.Controllers
|
||||
/// <returns></returns>
|
||||
[ProducesResponseType(typeof(LinkDto[]), StatusCodes.Status200OK)]
|
||||
[ProducesResponseType(StatusCodes.Status400BadRequest)]
|
||||
[AllowAnonymous]
|
||||
public async Task<IActionResult> GetLinks()
|
||||
{
|
||||
return Ok(await _bus.Send(new ListLinksQuery()));
|
||||
@ -36,6 +38,7 @@ namespace Api.Controllers
|
||||
/// </summary>
|
||||
/// <param name="id"></param>
|
||||
[HttpGet("{id}")]
|
||||
[AllowAnonymous]
|
||||
public async Task<ActionResult<LinkDto>> GetLinkById(Guid id)
|
||||
{
|
||||
return Ok(await _bus.Send(new GetLinkQuery(id)));
|
||||
@ -73,6 +76,7 @@ namespace Api.Controllers
|
||||
/// <param name="id"></param>
|
||||
/// <returns></returns>
|
||||
[HttpGet("{id}/comments")]
|
||||
[AllowAnonymous]
|
||||
public async Task<ActionResult<CommentDto[]>> Comments(Guid id)
|
||||
{
|
||||
return Ok(await _bus.Send(new GetLinkCommentsQuery(id)));
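Review bot: The `[AllowAnonymous]` attributes on `GetLinks`, `GetLinkById` and `Comments` are the only thing separating public reads from protected actions in this controller, and nothing visible in the diff pins that split. `[AllowAnonymous]` takes precedence over any `[Authorize]`, so moving one of these to the class level later would silently open the write actions too. I would add an integration test asserting that an unauthenticated call to a non-read action returns 401, and a short comment on each attribute such as `// Public read endpoint; write actions rely on the global AuthorizeFilter.` It is also worth confirming that `LinkDto` and `CommentDto`, whose definitions are not in this diff, expose only fields meant for unauthenticated readers. Each method body continues outside its hunk.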
|
||||
|
||||
@ -1,3 +1,4 @@
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using HN.Infrastructure;
|
||||
using HN.Infrastructure.Identity;
|
||||
@ -6,11 +7,14 @@ using Microsoft.AspNetCore.Builder;
|
||||
using Microsoft.AspNetCore.Hosting;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
using Microsoft.AspNetCore.Mvc.Authorization;
|
||||
using Microsoft.AspNetCore.Routing;
|
||||
using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.Hosting;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using NSwag;
|
||||
using NSwag.Generation.Processors.Security;
|
||||
|
||||
namespace Api
|
||||
{
|
||||
@ -62,13 +66,41 @@ namespace Api
|
||||
o.TokenValidationParameters = tokenParams;
|
||||
});
|
||||
|
||||
services.AddControllers();
|
||||
services.AddControllers(o =>
|
||||
{
|
||||
o.Filters.Add(new AuthorizeFilter());
|
||||
});
|
||||
|
||||
services.AddSwaggerDocument(d =>
|
||||
{
|
||||
// cf. https://github.com/RicoSuter/NSwag/wiki/AspNetCore-Middleware#enable-authentication-in-generator-and-swagger-ui
|
||||
|
||||
// Ajoute un type de sécurité à tout le document
|
||||
d.AddSecurity("JWT", Enumerable.Empty<string>(), new OpenApiSecurityScheme()
|
||||
{
|
||||
Type = OpenApiSecuritySchemeType.ApiKey,
|
||||
Name = "Authorization",
|
||||
In = OpenApiSecurityApiKeyLocation.Header,
|
||||
Description = "Type into the textbox: Bearer {your JWT token}."
|
||||
});
|
||||
|
||||
// d.DocumentProcessors.Add(new SecurityDefinitionAppender("JWT", new OpenApiSecurityScheme
|
||||
// {
|
||||
// Type = OpenApiSecuritySchemeType.ApiKey,
|
||||
// Name = "Authorization",
|
||||
// In = OpenApiSecurityApiKeyLocation.Header,
|
||||
// Description = "Type into the textbox: Bearer {your JWT token}."
|
||||
// }));
|
||||
|
||||
// Permet la génération des info de sécurité par réflexion (attribut Authorize)
|
||||
// Fonctionne mal avec les filtres par défaut ...
|
||||
d.OperationProcessors.Add(new AspNetCoreOperationSecurityScopeProcessor("JWT"));
|
||||
|
||||
d.PostProcess = od =>
|
||||
{
|
||||
od.Info.Title = "Hacker news like API in .Net";
|
||||
};
|
||||
|
||||
d.SchemaType = NJsonSchema.SchemaType.OpenApi3;
|
||||
});
|
||||
}
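Review bot: The `AuthorizeFilter` added in `AddControllers` protects MVC actions only, so anything routed outside the controllers does not inherit the default-deny. If the target framework supports it, `options.FallbackPolicy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build();` in `AddAuthorization` covers every routed endpoint; the Swagger UI routes would then need an explicit exemption if they are meant to stay public. Separately, `d.AddSecurity("JWT", Enumerable.Empty<string>(), ...)` registers a document-wide requirement (visible as the top-level `"security"` array in the regenerated spec), so the `[AllowAnonymous]` operations are documented as needing a token; the comment above `AspNetCoreOperationSecurityScopeProcessor` seems to acknowledge this. The commented-out `SecurityDefinitionAppender` block can simply be deleted. The enclosing method starts outside this hunk.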
|
||||
|
||||
@ -6,27 +6,6 @@
|
||||
"version": "1.0.0"
|
||||
},
|
||||
"paths": {
|
||||
"/api/accounts": {
|
||||
"get": {
|
||||
"tags": [
|
||||
"Accounts"
|
||||
],
|
||||
"operationId": "Accounts_GetUsers",
|
||||
"responses": {
|
||||
"200": {
|
||||
"description": "",
|
||||
"content": {
|
||||
"application/octet-stream": {
|
||||
"schema": {
|
||||
"type": "string",
|
||||
"format": "binary"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"/api/accounts/login": {
|
||||
"post": {
|
||||
"tags": [
|
||||
@ -421,6 +400,19 @@
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"securitySchemes": {
|
||||
"JWT": {
|
||||
"type": "apiKey",
|
||||
"description": "Type into the textbox: Bearer {your JWT token}.",
|
||||
"name": "Authorization",
|
||||
"in": "header"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"security": [
|
||||
{
|
||||
"JWT": []
|
||||
}
|
||||
]
|
||||
}
|
||||