authorcrupest <crupest@outlook.com>2019-02-07 00:39:51 +0800
committercrupest <crupest@outlook.com>2019-02-07 00:39:51 +0800
commit4262a25addf26705e4c5ab07acafd3eb8702fa4b (patch)
treed39469b839a1ef31bcb0b3afdeb0ae351bf63bd0 /Timeline/Controllers
parent167deab9648f2f2fc7f69b9eeee03f0d18be3c50 (diff)
Add authorization.
Diffstat (limited to 'Timeline/Controllers')
-rw-r--r--Timeline/Controllers/SampleDataController.cs46
-rw-r--r--Timeline/Controllers/TestController.cs34
-rw-r--r--Timeline/Controllers/UserController.cs46
3 files changed, 49 insertions, 77 deletions
diff --git a/Timeline/Controllers/SampleDataController.cs b/Timeline/Controllers/SampleDataController.cs
deleted file mode 100644
index 04e7f127..00000000
--- a/Timeline/Controllers/SampleDataController.cs
+++ /dev/null
@@ -1,46 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Mvc;
-
-namespace Timeline.Controllers
-{
- [Route("api/[controller]")]
- public class SampleDataController : Controller
- {
- private static string[] Summaries = new[]
- {
- "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
- };
-
- [HttpGet("[action]")]
- [Authorize]
- public IEnumerable<WeatherForecast> WeatherForecasts()
- {
- var rng = new Random();
- return Enumerable.Range(1, 5).Select(index => new WeatherForecast
- {
- DateFormatted = DateTime.Now.AddDays(index).ToString("d"),
- TemperatureC = rng.Next(-20, 55),
- Summary = Summaries[rng.Next(Summaries.Length)]
- });
- }
-
- public class WeatherForecast
- {
- public string DateFormatted { get; set; }
- public int TemperatureC { get; set; }
- public string Summary { get; set; }
-
- public int TemperatureF
- {
- get
- {
- return 32 + (int)(TemperatureC / 0.5556);
- }
- }
- }
- }
-}
diff --git a/Timeline/Controllers/TestController.cs b/Timeline/Controllers/TestController.cs
new file mode 100644
index 00000000..1563830c
--- /dev/null
+++ b/Timeline/Controllers/TestController.cs
@@ -0,0 +1,34 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Timeline.Controllers
+{
+ [Route("api/[controller]")]
+ public class TestController : Controller
+ {
+ [HttpGet("[action]")]
+ [Authorize]
+ public string Action1()
+ {
+ return "test";
+ }
+
+ [HttpGet("[action]")]
+ [Authorize(Roles = "User,Admin")]
+ public string Action2()
+ {
+ return "test";
+ }
+
+ [HttpGet("[action]")]
+ [Authorize(Roles = "Admin")]
+ public string Action3()
+ {
+ return "test";
+ }
+ }
+}
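Review bot: TestController is routed under `api/[controller]` in the main application, so Action1 to Action3 ship in every build; if they exist only to exercise the new authorization setup, they belong in a test host or behind a development-environment check. The role names are repeated as string literals in `[Authorize(Roles = "User,Admin")]` and `[Authorize(Roles = "Admin")]`, so a typo would silently name a role nobody holds, and shared constants would avoid that. A class summary such as `/// Endpoints used only to verify authentication and role checks; not part of the public API.` would state the intent.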
diff --git a/Timeline/Controllers/UserController.cs b/Timeline/Controllers/UserController.cs
index 08f9a66a..9d6970e7 100644
--- a/Timeline/Controllers/UserController.cs
+++ b/Timeline/Controllers/UserController.cs
@@ -1,15 +1,6 @@
-using System;
-using System.IdentityModel.Tokens.Jwt;
-using System.Linq;
-using System.Security.Claims;
-using System.Text;
using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
-using Microsoft.Extensions.Options;
-using Microsoft.IdentityModel.Tokens;
-using Timeline.Configs;
using Timeline.Services;
namespace Timeline.Controllers
@@ -29,20 +20,26 @@ namespace Timeline.Controllers
public string Password { get; set; }
}
- private readonly IOptionsMonitor<JwtConfig> _jwtConfig;
+ public class LoginInfo
+ {
+ public string Token { get; set; }
+ public string[] Roles { get; set; }
+ }
+
private readonly IUserService _userService;
+ private readonly IJwtService _jwtService;
private readonly ILogger<UserController> _logger;
- public UserController(IOptionsMonitor<JwtConfig> jwtConfig, IUserService userService, ILogger<UserController> logger)
+ public UserController(IUserService userService, IJwtService jwtService, ILogger<UserController> logger)
{
- _jwtConfig = jwtConfig;
_userService = userService;
+ _jwtService = jwtService;
_logger = logger;
}
[HttpPost("[action]")]
[AllowAnonymous]
- public IActionResult LogIn([FromBody] UserCredentials credentials)
+ public ActionResult<LoginInfo> LogIn([FromBody] UserCredentials credentials)
{
var user = _userService.Authenticate(credentials.Username, credentials.Password);
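Review bot: `credentials` is dereferenced at `credentials.Username` with no null check, and an empty or unparseable request body can leave a `[FromBody]` parameter null, which would surface as a 500 rather than a 400. Whether the controller carries `[ApiController]`, which would reject such requests before the action runs, is not visible in this hunk. A guard such as `if (credentials == null) return BadRequest();` before the `Authenticate` call is therefore the safe choice. LogIn's body continues outside the hunk.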
@@ -51,28 +48,15 @@ namespace Timeline.Controllers
return BadRequest();
}
- _logger.LogInformation(LoggingEventIds.LogInSucceeded, "Login with username: {} succeeded.");
+ _logger.LogInformation(LoggingEventIds.LogInSucceeded, "Login with username: {} succeeded.", credentials.Username);
- var jwtConfig = _jwtConfig.CurrentValue;
-
- var handler = new JwtSecurityTokenHandler();
- var tokenDescriptor = new SecurityTokenDescriptor()
+ var result = new LoginInfo
{
- Subject = new ClaimsIdentity(new Claim[]{ new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()) }),
- Issuer = jwtConfig.Issuer,
- Audience = jwtConfig.Audience,
- SigningCredentials = new SigningCredentials(
- new SymmetricSecurityKey(Encoding.ASCII.GetBytes(jwtConfig.SigningKey)), SecurityAlgorithms.HmacSha384),
- IssuedAt = DateTime.Now,
- Expires = DateTime.Now.AddDays(1)
+ Token = _jwtService.GenerateJwtToken(user),
+ Roles = user.Roles
};
- var token = handler.CreateToken(tokenDescriptor);
- var tokenString = handler.WriteToken(token);
-
- Response.Headers.Append("Authorization", "Bearer " + tokenString);
-
- return Ok();
+ return Ok(result);
}
}
}
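Review bot: The log template still uses the unnamed placeholder `{}`, so the added `credentials.Username` argument is recorded without a property name; `"Login with username: {Username} succeeded."` lets structured sinks index and filter on it. The `Roles` array returned beside the token can only be informational for the client. The `[Authorize(Roles = ...)]` checks depend on `_jwtService.GenerateJwtToken(user)` putting the roles into the token as claims, which is not visible here and is worth pinning with a test. Token lifetime and signing algorithm also moved out of this file with the removed descriptor, so they should be reviewed in the `IJwtService` implementation. LogIn starts outside this hunk.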