Skip to content

Adding Role validation #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Adding Role validation #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,4 +39,6 @@ typings

# .NET compiled files
bin
obj
obj
.vs
/Properties/launchSettings.json
19 changes: 18 additions & 1 deletion Authorization/AuthorizeAttribute.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,22 @@
namespace WebApi.Authorization;

using Entities;

using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using WebApi.Entities;

using System.Linq;

[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
public class AuthorizeAttribute : Attribute, IAuthorizationFilter
{
public AuthorizeAttribute(params Role[] roles)
{
Roles = roles;
}

protected Role[] Roles { get; set; }

public void OnAuthorization(AuthorizationFilterContext context)
{
// skip authorization if action is decorated with [AllowAnonymous] attribute
Expand All @@ -20,6 +30,13 @@ public void OnAuthorization(AuthorizationFilterContext context)
{
// not logged in or role not authorized
context.Result = new JsonResult(new { message = "Unauthorized" }) { StatusCode = StatusCodes.Status401Unauthorized };
return;
}

if (context.ActionDescriptor.EndpointMetadata
.OfType<AuthorizeAttribute>()
.Any(r => r.Roles.Any(role => role == user.Role))) return;

context.Result = new JsonResult(new { message = "Unauthorized" }) { StatusCode = StatusCodes.Status401Unauthorized };
}
}
17 changes: 14 additions & 3 deletions Controllers/UsersController.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,13 @@
namespace WebApi.Controllers;
using Microsoft.AspNetCore.Mvc;

using Microsoft.AspNetCore.Mvc;
using WebApi.Authorization;
using WebApi.Entities;
using WebApi.Models;
using WebApi.Services;

namespace WebApi.Controllers;

[ApiController]
[Authorize]
[Route("[controller]")]
public class UsersController : ControllerBase
{
Expand All @@ -29,10 +30,20 @@ public IActionResult Authenticate(AuthenticateRequest model)
return Ok(response);
}

[Authorize(Role.User)]
[HttpGet]
public IActionResult GetAll()
{
var users = _userService.GetAll();
return Ok(users);
}

[Authorize(Role.Admin)]
[HttpGet("{id}")]
public IActionResult GetById([FromRoute] int id)
{
var user = _userService.GetById(id);

return Ok(user);
}
}
7 changes: 7 additions & 0 deletions Entities/Role.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
namespace WebApi.Entities;

public enum Role
{
Admin,
User
}
1 change: 1 addition & 0 deletions Entities/User.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ public class User
public string? FirstName { get; set; }
public string? LastName { get; set; }
public string? Username { get; set; }
public Role Role { get; set; }

[JsonIgnore]
public string? Password { get; set; }
Expand Down
10 changes: 6 additions & 4 deletions Services/UserService.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,8 @@
namespace WebApi.Services;

using WebApi.Authorization;
using WebApi.Entities;
using WebApi.Models;

namespace WebApi.Services;
public interface IUserService
{
AuthenticateResponse? Authenticate(AuthenticateRequest model);
Expand All @@ -14,9 +13,12 @@ public interface IUserService
public class UserService : IUserService
{
// users hardcoded for simplicity, store in a db with hashed passwords in production applications
private List<User> _users = new List<User>
private readonly List<User> _users = new()
{
new User { Id = 1, FirstName = "Test", LastName = "User", Username = "test", Password = "test" }
new User
{
Id = 1, FirstName = "Test", LastName = "User", Username = "test", Password = "test", Role = Role.Admin
}
};

private readonly IJwtUtils _jwtUtils;
Expand Down
25 changes: 25 additions & 0 deletions WebApi.sln
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio Version 17
VisualStudioVersion = 17.7.34031.279
MinimumVisualStudioVersion = 10.0.40219.1
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "WebApi", "WebApi.csproj", "{4B1DDEAD-799C-4D84-9276-E4489CEAF103}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
Release|Any CPU = Release|Any CPU
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{4B1DDEAD-799C-4D84-9276-E4489CEAF103}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{4B1DDEAD-799C-4D84-9276-E4489CEAF103}.Debug|Any CPU.Build.0 = Debug|Any CPU
{4B1DDEAD-799C-4D84-9276-E4489CEAF103}.Release|Any CPU.ActiveCfg = Release|Any CPU
{4B1DDEAD-799C-4D84-9276-E4489CEAF103}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {34C316C6-24EF-4765-8F2B-4309F33B2791}
EndGlobalSection
EndGlobal