Merge pull request #3 from Svetloslav15/snovoselski/add-authentication-to-endpoints

feat(auth): add authentication

Author: Svetloslav15

NorthwindCRUD/Controllers/AuthController.cs

@@ -0,0 +1,93 @@
+namespace NorthwindCRUD.Controllers
+{
+    using AutoMapper;
+    using Microsoft.AspNetCore.Authorization;
+    using Microsoft.AspNetCore.Mvc;
+    using NorthwindCRUD.Models.DbModels;
+    using NorthwindCRUD.Models.InputModels;
+    using NorthwindCRUD.Services;
+
+    [ApiController]
+    [Route("[controller]")]
+    public class AuthController : Controller
+    {
+        private readonly IConfiguration configuration;
+        private readonly AuthService authService;
+        private readonly IMapper mapper;
+        private readonly ILogger logger;
+        
+        public AuthController(IConfiguration configuration, AuthService authService, IMapper mapper, ILogger logger)
+        {
+            this.configuration = configuration;
+            this.authService = authService;
+            this.mapper = mapper;
+            this.logger = logger;
+        }
+
+        [AllowAnonymous]
+        [HttpPost("Login")]
+        public ActionResult<string> Login(LoginInputModel userModel)
+        {
+            try
+            {
+                if (ModelState.IsValid)
+                {
+                    if (this.authService.IsAuthenticated(userModel.Email, userModel.Password))
+                    {
+                        var token = this.authService.GenerateJwtToken(userModel.Email);
+
+                        return Ok(token);
+                    }
+                    return BadRequest("Email or password are not correct!");
+                }
+
+                return BadRequest(ModelState);
+            }
+            catch (Exception error)
+            {
+                logger.LogError(error.Message);
+                return StatusCode(500);
+            }
+        }
+
+        [AllowAnonymous]
+        [HttpPost("Register")]
+        public ActionResult<string> Register(RegisterInputModel userModel)
+        {
+            try
+            {
+                if (ModelState.IsValid)
+                {
+                    if (userModel.Password != userModel.ConfirmedPassword)
+                    {
+                        return BadRequest("Passwords does not match!");
+                    }
+
+                    if (this.authService.DoesUserExists(userModel.Email))
+                    {
+                        return BadRequest("User does not exists!");
+                    }
+
+                    var mappedModel = this.mapper.Map<RegisterInputModel, UserDb>(userModel);
+                    var user = this.authService.RegisterUser(mappedModel);
+
+                    if (user != null)
+                    {
+                        var token = this.authService.GenerateJwtToken(user.Email);
+                        return Ok(token);
+
+                    }
+
+                    return BadRequest("Email or password are not correct!");
+                }
+
+                return BadRequest(ModelState);
+            }
+            catch (Exception error)
+            {
+                logger.LogError(error.Message);
+                return StatusCode(500);
+            }
+        }
+    }
+}

NorthwindCRUD/Controllers/CategoryController.cs

@@ -1,6 +1,7 @@
 namespace NorthwindCRUD.Controllers
 {
     using AutoMapper;
+    using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Mvc;
     using NorthwindCRUD.Models.DbModels;
     using NorthwindCRUD.Models.InputModels;
@@ -22,6 +23,7 @@ public CategoryController(CategoryService categoryService, IMapper mapper, ILogg
         }
 
         [HttpGet]
+        [Authorize]
         public ActionResult<CategoryInputModel[]> GetAll()
         {
             try
@@ -38,6 +40,7 @@ public ActionResult<CategoryInputModel[]> GetAll()
         }
 
         [HttpGet("{id}")]
+        [Authorize]
         public ActionResult<CategoryInputModel> GetById(int id)
         {
             try
@@ -59,6 +62,7 @@ public ActionResult<CategoryInputModel> GetById(int id)
         }
 
         [HttpPost]
+        [Authorize]
         public ActionResult<CategoryInputModel> Create(CategoryInputModel model)
         {
             try
@@ -80,6 +84,7 @@ public ActionResult<CategoryInputModel> Create(CategoryInputModel model)
         }
 
         [HttpPut]
+        [Authorize]
         public ActionResult<CategoryInputModel> Update(CategoryInputModel model)
         {
             try
@@ -101,6 +106,7 @@ public ActionResult<CategoryInputModel> Update(CategoryInputModel model)
         }
 
         [HttpDelete("{id}")]
+        [Authorize]
         public ActionResult<CategoryInputModel> Delete(int id)
         {
             try

NorthwindCRUD/Controllers/CustomerController.cs

@@ -1,6 +1,7 @@
 namespace NorthwindCRUD.Controllers
 {
     using AutoMapper;
+    using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Mvc;
     using NorthwindCRUD.Models.DbModels;
     using NorthwindCRUD.Models.InputModels;
@@ -22,6 +23,7 @@ public CustomerController(CustomerService customerService, IMapper mapper, ILogg
         }
 
         [HttpGet]
+        [Authorize]
         public ActionResult<CustomerInputModel[]> GetAll()
         {
             try
@@ -37,6 +39,7 @@ public ActionResult<CustomerInputModel[]> GetAll()
         }
 
         [HttpGet("{id}")]
+        [Authorize]
         public ActionResult<CustomerInputModel> GetById(string id)
         {
             try
@@ -58,6 +61,7 @@ public ActionResult<CustomerInputModel> GetById(string id)
         }
 
         [HttpPost]
+        [Authorize]
         public ActionResult<CustomerInputModel> Create(CustomerInputModel model)
         {
             try
@@ -79,6 +83,7 @@ public ActionResult<CustomerInputModel> Create(CustomerInputModel model)
         }
 
         [HttpPut]
+        [Authorize]
         public ActionResult<CustomerInputModel> Update(CustomerInputModel model)
         {
             try
@@ -100,6 +105,7 @@ public ActionResult<CustomerInputModel> Update(CustomerInputModel model)
         }
 
         [HttpDelete("{id}")]
+        [Authorize]
         public ActionResult<CustomerInputModel> Delete(string id)
         {
             try

NorthwindCRUD/Controllers/EmployeeController.cs

@@ -1,6 +1,7 @@
 namespace NorthwindCRUD.Controllers
 {
     using AutoMapper;
+    using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Mvc;
     using NorthwindCRUD.Models.DbModels;
     using NorthwindCRUD.Models.InputModels;
@@ -22,6 +23,7 @@ public EmployeeController(EmployeeService employeeService, IMapper mapper, ILogg
         }
 
         [HttpGet]
+        [Authorize]
         public ActionResult<EmployeeInputModel[]> GetAll()
         {
             try
@@ -37,6 +39,7 @@ public ActionResult<EmployeeInputModel[]> GetAll()
         }
 
         [HttpGet("{id}")]
+        [Authorize]
         public ActionResult<EmployeeInputModel> GetById(int id)
         {
             try
@@ -58,6 +61,7 @@ public ActionResult<EmployeeInputModel> GetById(int id)
         }
 
         [HttpPost]
+        [Authorize]
         public ActionResult<EmployeeInputModel> Create(EmployeeInputModel model)
         {
             try
@@ -79,6 +83,7 @@ public ActionResult<EmployeeInputModel> Create(EmployeeInputModel model)
         }
 
         [HttpPut]
+        [Authorize]
         public ActionResult<EmployeeInputModel> Update(EmployeeInputModel model)
         {
             try
@@ -100,6 +105,7 @@ public ActionResult<EmployeeInputModel> Update(EmployeeInputModel model)
         }
 
         [HttpDelete("{id}")]
+        [Authorize]
         public ActionResult<EmployeeInputModel> Delete(int id)
         {
             try

NorthwindCRUD/Controllers/OrderController.cs

@@ -1,6 +1,7 @@
 namespace NorthwindCRUD.Controllers
 {
     using AutoMapper;
+    using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Mvc;
     using NorthwindCRUD.Models.DbModels;
     using NorthwindCRUD.Models.InputModels;
@@ -22,6 +23,7 @@ public OrderController(OrderService orderService, IMapper mapper, ILogger logger
         }
 
         [HttpGet]
+        [Authorize]
         public ActionResult<OrderInputModel[]> GetAll()
         {
             try
@@ -37,6 +39,7 @@ public ActionResult<OrderInputModel[]> GetAll()
         }
 
         [HttpGet("{id}")]
+        [Authorize]
         public ActionResult<OrderInputModel> GetById(int id)
         {
             try
@@ -58,6 +61,7 @@ public ActionResult<OrderInputModel> GetById(int id)
         }
 
         [HttpPost]
+        [Authorize]
         public ActionResult<OrderInputModel> Create(OrderInputModel model)
         {
             try
@@ -79,6 +83,7 @@ public ActionResult<OrderInputModel> Create(OrderInputModel model)
         }
 
         [HttpPut]
+        [Authorize]
         public ActionResult<OrderInputModel> Update(OrderInputModel model)
         {
             try
@@ -100,6 +105,7 @@ public ActionResult<OrderInputModel> Update(OrderInputModel model)
         }
 
         [HttpDelete("{id}")]
+        [Authorize]
         public ActionResult<OrderInputModel> Delete(int id)
         {
             try

NorthwindCRUD/DataContext.cs

@@ -16,6 +16,7 @@ public DataContext(DbContextOptions options) : base(options)
         public DbSet<CustomerDb> Customers { get; set; }
         public DbSet<EmployeeDb> Employees { get; set; }
         public DbSet<OrderDb> Orders { get; set; }
+        public DbSet<UserDb> Users { get; set; }
 
         protected override void OnModelCreating(ModelBuilder modelBuilder)
         {

NorthwindCRUD/Helpers/MappingProfiles.cs

@@ -13,6 +13,8 @@ public MappingProfiles()
             CreateMap<EmployeeInputModel, EmployeeDb>().ReverseMap();
             CreateMap<OrderInputModel, OrderDb>().ReverseMap();
             CreateMap<AddressInputModel, AddressDb>().ReverseMap();
+            CreateMap<LoginInputModel, UserDb>().ReverseMap();
+            CreateMap<RegisterInputModel, UserDb>().ReverseMap();
         }
     }
 }