ok auth

Author: TranHuyThang9999

Controllers/ProjectController.cs

@@ -0,0 +1,106 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using PaymentCoreServiceApi.Services;
+
+namespace PaymentCoreServiceApi.Controllers;
+
+[ApiController]
+[Route("api/[controller]")]
+[Authorize]
+public class ProjectController : ControllerBase
+{
+    private readonly ICurrentUser _currentUser;
+
+    public ProjectController(ICurrentUser currentUser)
+    {
+        _currentUser = currentUser;
+    }
+
+    [HttpGet("my-projects")]
+    public IActionResult GetUserProjects()
+    {
+        // Simulate getting projects for the current user
+        var userProjects = new[]
+        {
+            new {
+                Id = 1,
+                Name = "Project A",
+                OwnerId = _currentUser.Id,
+                OwnerName = _currentUser.UserName,
+                CreatedAt = DateTime.UtcNow.AddDays(-5)
+            },
+            new {
+                Id = 2,
+                Name = "Project B",
+                OwnerId = _currentUser.Id,
+                OwnerName = _currentUser.UserName,
+                CreatedAt = DateTime.UtcNow.AddDays(-2)
+            }
+        };
+
+        return Ok(new
+        {
+            UserId = _currentUser.Id,
+            UserEmail = _currentUser.Email,
+            Projects = userProjects
+        });
+    }
+
+    [HttpGet("{projectId}")]
+    public IActionResult GetProjectById(int projectId)
+    {
+        // Simulate getting a specific project with validation
+        if (!_currentUser.IsAuthenticated)
+        {
+            return Unauthorized();
+        }
+
+        // Simulate project data (in real app, this would come from a database)
+        var project = new
+        {
+            Id = projectId,
+            Name = $"Project {projectId}",
+            Description = "Project description here",
+            OwnerId = _currentUser.Id,
+            OwnerName = _currentUser.UserName,
+            OwnerEmail = _currentUser.Email,
+            CreatedAt = DateTime.UtcNow,
+            Status = "Active",
+            Members = new[]
+            {
+                new { Id = _currentUser.Id, Name = _currentUser.UserName, Role = "Owner" }
+            }
+        };
+
+        return Ok(project);
+    }
+
+    [HttpPost("create")]
+    public IActionResult CreateProject([FromBody] CreateProjectRequest request)
+    {
+        if (!ModelState.IsValid)
+        {
+            return BadRequest(ModelState);
+        }
+
+        // Simulate creating a new project
+        var newProject = new
+        {
+            Id = new Random().Next(100, 999), // Simulate generated ID
+            Name = request.Name,
+            Description = request.Description,
+            OwnerId = _currentUser.Id,
+            OwnerName = _currentUser.UserName,
+            CreatedAt = DateTime.UtcNow,
+            Status = "Active"
+        };
+
+        return CreatedAtAction(nameof(GetProjectById), new { projectId = newProject.Id }, newProject);
+    }
+}
+
+public class CreateProjectRequest
+{
+    public string Name { get; set; } = string.Empty;
+    public string Description { get; set; } = string.Empty;
+}

Controllers/TestController.cs

@@ -0,0 +1,48 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using PaymentCoreServiceApi.Services;
+
+namespace PaymentCoreServiceApi.Controllers;
+
+[ApiController]
+[Route("api/[controller]")]
+[Authorize]
+public class TestController : ControllerBase
+{
+    private readonly ICurrentUser _currentUser;
+
+    public TestController(ICurrentUser currentUser)
+    {
+        _currentUser = currentUser;
+    }
+
+    [HttpGet("current-user")]
+    public IActionResult GetCurrentUserInfo()
+    {
+        var userInfo = new
+        {
+            UserId = _currentUser.Id,
+            Username = _currentUser.UserName,
+            Email = _currentUser.Email,
+            IsAuthenticated = _currentUser.IsAuthenticated
+        };
+
+        return Ok(userInfo);
+    }
+
+    [HttpGet("protected-resource")]
+    public IActionResult GetProtectedResource()
+    {
+        if (!_currentUser.IsAuthenticated)
+        {
+            return Unauthorized();
+        }
+
+        return Ok(new
+        {
+            Message = $"This is protected data for user: {_currentUser.UserName}",
+            UserId = _currentUser.Id,
+            Timestamp = DateTime.UtcNow
+        });
+    }
+}

Controllers/UsersController.cs

@@ -2,6 +2,7 @@
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using PaymentCoreServiceApi.Features.Users.Commands;
+using PaymentCoreServiceApi.Features.Users.Queries;
 
 namespace PaymentCoreServiceApi.Controllers;
 
@@ -24,4 +25,11 @@ public async Task<IActionResult> Create([FromBody] CreateUserCommand command)
         var user = await _mediator.Send(command);
         return Ok(user);
     }
+
+    [HttpGet("profile")]
+    public async Task<IActionResult> GetProfile()
+    {
+        var profile = await _mediator.Send(new GetUserProfileQuery());
+        return Ok(profile);
+    }
 }

Features/Auth/Commands/LoginCommandHandler.cs

@@ -1,18 +1,25 @@
 using MediatR;
 using Microsoft.EntityFrameworkCore;
+using PaymentCoreServiceApi.Core.Interfaces.Repositories.Write;
 using PaymentCoreServiceApi.Infrastructure.DbContexts;
+using PaymentCoreServiceApi.Services;
 
 namespace PaymentCoreServiceApi.Features.Auth.Commands;
 
 public class LoginCommandHandler : IRequestHandler<LoginCommand, LoginResponse>
 {
     private readonly AppDbContext _context;
     private readonly IJwtService _jwtService;
+    private readonly ICurrentUser _currentUser;
 
-    public LoginCommandHandler(AppDbContext context, IJwtService jwtService)
+    public LoginCommandHandler(
+        AppDbContext context, 
+        IJwtService jwtService,
+        ICurrentUser currentUser)
     {
         _context = context;
         _jwtService = jwtService;
+        _currentUser = currentUser;
     }
 
     public async Task<LoginResponse> Handle(LoginCommand request, CancellationToken cancellationToken)

Features/Users/Queries/GetUserProfileQuery.cs

@@ -0,0 +1,59 @@
+using MediatR;
+using Microsoft.EntityFrameworkCore;
+using PaymentCoreServiceApi.Infrastructure.DbContexts;
+using PaymentCoreServiceApi.Services;
+
+namespace PaymentCoreServiceApi.Features.Users.Queries;
+
+public class GetUserProfileQuery : IRequest<UserProfileResponse>
+{
+    // Empty because we'll get the user ID from the current context
+}
+
+public class UserProfileResponse
+{
+    public string Id { get; set; } = string.Empty;
+    public string UserName { get; set; } = string.Empty;
+    public string Email { get; set; } = string.Empty;
+    public DateTime LastLogin { get; set; }
+    public int ProjectsCount { get; set; }
+}
+
+public class GetUserProfileQueryHandler : IRequestHandler<GetUserProfileQuery, UserProfileResponse>
+{
+    private readonly AppDbContext _context;
+    private readonly ICurrentUser _currentUser;
+
+    public GetUserProfileQueryHandler(
+        AppDbContext context,
+        ICurrentUser currentUser)
+    {
+        _context = context;
+        _currentUser = currentUser;
+    }
+
+    public async Task<UserProfileResponse> Handle(GetUserProfileQuery request, CancellationToken cancellationToken)
+    {
+        if (!_currentUser.IsAuthenticated)
+        {
+            throw new UnauthorizedAccessException("User is not authenticated");
+        }
+
+        var user = await _context.Users
+            .FirstOrDefaultAsync(u => u.Id.ToString() == _currentUser.Id, cancellationToken);
+
+        if (user == null)
+        {
+            throw new KeyNotFoundException($"User with ID {_currentUser.Id} not found");
+        }
+
+        return new UserProfileResponse
+        {
+            Id = user.Id.ToString(),
+            UserName = user.UserName,
+            Email = user.Email,
+            LastLogin = DateTime.UtcNow, // You might want to store this in the database
+            ProjectsCount = 0 // You can add a Projects table and count them here
+        };
+    }
+}

Infrastructure/Extensions/ServiceCollectionExtensions.cs

@@ -7,6 +7,7 @@
 using PaymentCoreServiceApi.Features.Auth;
 using PaymentCoreServiceApi.Infrastructure.Repositories.Write;
 using PaymentCoreServiceApi.Middlewares;
+using PaymentCoreServiceApi.Services;
 
 namespace PaymentCoreServiceApi.Infrastructure.Extensions;
 
@@ -23,6 +24,14 @@ public static IServiceCollection AddRepositories(this IServiceCollection service
         return services;
     }
 
+    public static IServiceCollection AddHttpContextServices(this IServiceCollection services)
+    {
+        services.AddHttpContextAccessor();
+        services.AddScoped<ICurrentUser, CurrentUser>();
+        
+        return services;
+    }
+
     public static IServiceCollection AddJwtAuthentication(this IServiceCollection services, IConfiguration configuration)
     {
         // Register JWT Services

Program.cs

@@ -24,7 +24,8 @@
 // Register Services
 builder.Services
     .AddRepositories()
-    .AddJwtAuthentication(builder.Configuration);
+    .AddJwtAuthentication(builder.Configuration)
+    .AddHttpContextServices();
 
 var app = builder.Build();
 

Project.http

@@ -0,0 +1,30 @@
+@host = http://localhost:5000
+@authToken = your-jwt-token-here
+
+### Login to get token
+# @name login
+POST {{host}}/api/auth/login
+Content-Type: application/json
+
+{
+    "email": "[email protected]",
+    "password": "your-password"
+}
+
+### Get All User's Projects
+GET {{host}}/api/project/my-projects
+Authorization: Bearer {{authToken}}
+
+### Get Specific Project by ID
+GET {{host}}/api/project/1
+Authorization: Bearer {{authToken}}
+
+### Create New Project
+POST {{host}}/api/project/create
+Authorization: Bearer {{authToken}}
+Content-Type: application/json
+
+{
+    "name": "New Test Project",
+    "description": "This is a test project created via API"
+}

Services/CurrentUser.cs

@@ -0,0 +1,27 @@
+using System.Security.Claims;
+using Microsoft.AspNetCore.Http;
+
+namespace PaymentCoreServiceApi.Services;
+
+public interface ICurrentUser
+{
+    string? Id { get; }
+    string? UserName { get; }
+    string? Email { get; }
+    bool IsAuthenticated { get; }
+}
+
+public class CurrentUser : ICurrentUser
+{
+    private readonly IHttpContextAccessor _httpContextAccessor;
+
+    public CurrentUser(IHttpContextAccessor httpContextAccessor)
+    {
+        _httpContextAccessor = httpContextAccessor;
+    }
+
+    public string? Id => _httpContextAccessor.HttpContext?.User?.FindFirstValue(ClaimTypes.NameIdentifier);
+    public string? UserName => _httpContextAccessor.HttpContext?.User?.FindFirstValue(ClaimTypes.Name);
+    public string? Email => _httpContextAccessor.HttpContext?.User?.FindFirstValue(ClaimTypes.Email);
+    public bool IsAuthenticated => _httpContextAccessor.HttpContext?.User?.Identity?.IsAuthenticated ?? false;
+}

Test.http

@@ -0,0 +1,18 @@
+@host = http://localhost:5000
+
+### Login to get token
+POST {{host}}/api/auth/login
+Content-Type: application/json
+
+{
+    "email": "[email protected]",
+    "password": "your-password"
+}
+
+### Test Current User Info
+GET {{host}}/api/test/current-user
+Authorization: Bearer {{auth_token}}
+
+### Test Protected Resource
+GET {{host}}/api/test/protected-resource
+Authorization: Bearer {{auth_token}}