add auth

Author: TranHuyThang9999

Controllers/AuthController.cs

@@ -0,0 +1,35 @@
+using MediatR;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using PaymentCoreServiceApi.Features.Auth;
+using PaymentCoreServiceApi.Features.Auth.Commands;
+
+namespace PaymentCoreServiceApi.Controllers;
+
+[ApiController]
+[Route("api/[controller]")]
+[Authorize] // Yêu cầu authentication mặc định cho controller
+public class AuthController : ControllerBase
+{
+    private readonly IMediator _mediator;
+
+    public AuthController(IMediator mediator)
+    {
+        _mediator = mediator;
+    }
+
+    [HttpPost("login")]
+    [AllowAnonymous]
+    public async Task<ActionResult<LoginResponse>> Login([FromBody] LoginCommand command)
+    {
+        try
+        {
+            var response = await _mediator.Send(command);
+            return Ok(response);
+        }
+        catch (UnauthorizedAccessException)
+        {
+            return Unauthorized();
+        }
+    }
+}

Controllers/UsersController.cs

@@ -1,12 +1,13 @@
 using MediatR;
-using Microsoft.AspNetCore.Http.HttpResults;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using PaymentCoreServiceApi.Features.Users.Commands;
 
 namespace PaymentCoreServiceApi.Controllers;
 
 [ApiController]
 [Route("api/[controller]")]
+[Authorize] // Yêu cầu authentication cho tất cả các endpoints trong controller
 public class UsersController : ControllerBase
 {
     private readonly IMediator _mediator;
@@ -17,6 +18,7 @@ public UsersController(IMediator mediator)
     }
 
     [HttpPost]
+    [AllowAnonymous] // Cho phép tạo user mà không cần authentication
     public async Task<IActionResult> Create([FromBody] CreateUserCommand command)
     {
         var user = await _mediator.Send(command);

Features/Auth/Commands/LoginCommand.cs

@@ -0,0 +1,9 @@
+using MediatR;
+
+namespace PaymentCoreServiceApi.Features.Auth.Commands;
+
+public record LoginCommand : IRequest<LoginResponse>
+{
+    public string UserName { get; init; } = default!;
+    public string Password { get; init; } = default!;
+}

Features/Auth/Commands/LoginCommandHandler.cs

@@ -0,0 +1,37 @@
+using MediatR;
+using Microsoft.EntityFrameworkCore;
+using PaymentCoreServiceApi.Infrastructure.DbContexts;
+
+namespace PaymentCoreServiceApi.Features.Auth.Commands;
+
+public class LoginCommandHandler : IRequestHandler<LoginCommand, LoginResponse>
+{
+    private readonly AppDbContext _context;
+    private readonly IJwtService _jwtService;
+
+    public LoginCommandHandler(AppDbContext context, IJwtService jwtService)
+    {
+        _context = context;
+        _jwtService = jwtService;
+    }
+
+    public async Task<LoginResponse> Handle(LoginCommand request, CancellationToken cancellationToken)
+    {
+        var user = await _context.Users
+            .FirstOrDefaultAsync(u => u.UserName == request.UserName, cancellationToken);
+
+        if (user == null || user.Password != request.Password) // In production, use proper password hashing
+        {
+            throw new UnauthorizedAccessException("Invalid username or password");
+        }
+
+        var token = _jwtService.GenerateToken(user);
+        
+        return new LoginResponse
+        {
+            Token = token,
+            RefreshToken = "", // Implement refresh token if needed
+            Expiration = DateTime.Now.AddHours(1)
+        };
+    }
+}

Features/Auth/JwtService.cs

@@ -0,0 +1,72 @@
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+using Microsoft.IdentityModel.Tokens;
+using PaymentCoreServiceApi.Core.Entities.UserAgents;
+
+namespace PaymentCoreServiceApi.Features.Auth;
+
+public interface IJwtService
+{
+    string GenerateToken(User user);
+    ClaimsPrincipal? ValidateToken(string token);
+}
+
+public class JwtService : IJwtService
+{
+    private readonly IConfiguration _configuration;
+
+    public JwtService(IConfiguration configuration)
+    {
+        _configuration = configuration;
+    }
+
+    public string GenerateToken(User user)
+    {
+        var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Jwt:Key"]!));
+        var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
+
+        var claims = new[]
+        {
+            new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
+            new Claim(ClaimTypes.Name, user.UserName),
+            new Claim(ClaimTypes.Email, user.Email),
+        };
+
+        var token = new JwtSecurityToken(
+            issuer: _configuration["Jwt:Issuer"],
+            audience: _configuration["Jwt:Audience"],
+            claims: claims,
+            expires: DateTime.Now.AddHours(1),
+            signingCredentials: credentials
+        );
+
+        return new JwtSecurityTokenHandler().WriteToken(token);
+    }
+
+    public ClaimsPrincipal? ValidateToken(string token)
+    {
+        try
+        {
+            var tokenHandler = new JwtSecurityTokenHandler();
+            var key = Encoding.UTF8.GetBytes(_configuration["Jwt:Key"]!);
+            
+            var validationParameters = new TokenValidationParameters
+            {
+                ValidateIssuerSigningKey = true,
+                IssuerSigningKey = new SymmetricSecurityKey(key),
+                ValidateIssuer = true,
+                ValidateAudience = true,
+                ValidIssuer = _configuration["Jwt:Issuer"],
+                ValidAudience = _configuration["Jwt:Audience"],
+                ClockSkew = TimeSpan.Zero
+            };
+
+            return tokenHandler.ValidateToken(token, validationParameters, out _);
+        }
+        catch
+        {
+            return null;
+        }
+    }
+}

Features/Auth/LoginModels.cs

@@ -0,0 +1,14 @@
+namespace PaymentCoreServiceApi.Features.Auth;
+
+public class LoginRequest
+{
+    public string UserName { get; set; } = default!;
+    public string Password { get; set; } = default!;
+}
+
+public class LoginResponse
+{
+    public string Token { get; set; } = default!;
+    public string RefreshToken { get; set; } = default!;
+    public DateTime Expiration { get; set; }
+}

Infrastructure/Extensions/ServiceCollectionExtensions.cs

@@ -1,6 +1,12 @@
+using System.Text;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
+using Microsoft.IdentityModel.Tokens;
 using PaymentCoreServiceApi.Core.Interfaces.Repositories.Write;
+using PaymentCoreServiceApi.Features.Auth;
 using PaymentCoreServiceApi.Infrastructure.Repositories.Write;
+using PaymentCoreServiceApi.Middlewares;
 
 namespace PaymentCoreServiceApi.Infrastructure.Extensions;
 
@@ -16,4 +22,30 @@ public static IServiceCollection AddRepositories(this IServiceCollection service
 
         return services;
     }
+
+    public static IServiceCollection AddJwtAuthentication(this IServiceCollection services, IConfiguration configuration)
+    {
+        // Register JWT Services
+        services.AddScoped<IJwtService, JwtService>();
+        services.AddScoped<JwtMiddleware>();
+
+        // Configure JWT Authentication
+        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
+            .AddJwtBearer(options =>
+            {
+                options.TokenValidationParameters = new TokenValidationParameters
+                {
+                    ValidateIssuer = true,
+                    ValidateAudience = true,
+                    ValidateLifetime = true,
+                    ValidateIssuerSigningKey = true,
+                    ValidIssuer = configuration["Jwt:Issuer"],
+                    ValidAudience = configuration["Jwt:Audience"],
+                    IssuerSigningKey = new SymmetricSecurityKey(
+                        Encoding.UTF8.GetBytes(configuration["Jwt:Key"]!))
+                };
+            });
+
+        return services;
+    }
 }

Middlewares/JwtMiddleware.cs

@@ -1,6 +1,29 @@
+using PaymentCoreServiceApi.Features.Auth;
+
 namespace PaymentCoreServiceApi.Middlewares;
 
-public class JwtMiddleware
+public class JwtMiddleware : IMiddleware
 {
-    
+    private readonly IJwtService _jwtService;
+
+    public JwtMiddleware(IJwtService jwtService)
+    {
+        _jwtService = jwtService;
+    }
+
+    public async Task InvokeAsync(HttpContext context, RequestDelegate next)
+    {
+        var token = context.Request.Headers["Authorization"].FirstOrDefault()?.Split(" ").Last();
+
+        if (token != null)
+        {
+            var principal = _jwtService.ValidateToken(token);
+            if (principal != null)
+            {
+                context.User = principal;
+            }
+        }
+
+        await next(context);
+    }
 }

PaymentCoreServiceApi.csproj

@@ -10,6 +10,7 @@
     <ItemGroup>
         <PackageReference Include="MediatR" Version="10.0.0" />
         <PackageReference Include="MediatR.Extensions.Microsoft.DependencyInjection" Version="9.0.0" />
+        <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.0" />
         <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.17"/>
         <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="8.0.10">
           <PrivateAssets>all</PrivateAssets>

PaymentCoreServiceApi.sln.DotSettings.user

@@ -1,2 +1,3 @@
 <wpf:ResourceDictionary xml:space="preserve" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:s="clr-namespace:System;assembly=mscorlib" xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml" xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
+	<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003AISender_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003F_002E_002E_003F_002Econfig_003FJetBrains_003FRider2025_002E1_003Fresharper_002Dhost_003FDecompilerCache_003Fdecompiler_003F7a397d32a96844da8ee820e6e5ea0b32ba00_003F69_003F49fe15d6_003FISender_002Ecs/@EntryIndexedValue">ForceIncluded</s:String>
 	<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003ATransaction_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003F_002E_002E_003F_002Econfig_003FJetBrains_003FRider2025_002E1_003Fresharper_002Dhost_003FDecompilerCache_003Fdecompiler_003F590d595e5943477d8c452e8479e9200356800_003F82_003F7d745caa_003FTransaction_002Ecs/@EntryIndexedValue">ForceIncluded</s:String></wpf:ResourceDictionary>