using System.ComponentModel.DataAnnotations;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;
namespace Simple_API.Controllers
{
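/// <summary>
/// Demo authentication controller: <see cref="Register"/> is a placeholder and
/// <see cref="Login"/> issues an HS256-signed JWT for a single fixed test identity.
/// </summary>
/// <param name="configuration">Supplies <c>Jwt:Key</c>, <c>Jwt:Issuer</c> and <c>Jwt:Audience</c>.</param>
[Route("Auth/")]
[ApiController]
public class Default(IConfiguration configuration) : ControllerBase
{
    /// <summary>
    /// Role names placed in the JWT role claim and consumed by <c>[Authorize(Roles = ...)]</c>
    /// on the Test controller. <see cref="Login"/> currently issues only <see cref="User"/>.
    /// </summary>
    public static class UserRoles
    {
        public const string User = "User";
        public const string Admin = "Admin";
    }

    /// <summary>
    /// Request body for <see cref="Register"/> and <see cref="Login"/>. Model binding
    /// validates it before the action runs (<c>[ApiController]</c>).
    /// </summary>
    public class AuthPayload
    {
        /// <summary>Account e-mail address; required and must be well-formed.</summary>
        [DataType(DataType.EmailAddress)]
        [EmailAddress(ErrorMessage = "Invalid Email Address.")]
        [Required(ErrorMessage = "Email address is required.")]
        public string? Email { get; init; } = string.Empty;

        /// <summary>
        /// Password; at least 8 characters with one lowercase letter, one uppercase letter,
        /// one digit and one of <c>@$!%*?&amp;</c>. The pattern admits only those symbols,
        /// so any other character (including a space) fails validation.
        /// </summary>
        [DataType(DataType.Password)]
        [Required(ErrorMessage = "Password is required.")]
        [RegularExpression(@"^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{8,}$",
            ErrorMessage = "Password must be at least 8 characters long and contain at least one uppercase letter,"
                           + " one lowercase letter, one number, and one special character.")]
        public string? Password { get; init; } = string.Empty;
    }

    /// <summary>
    /// Placeholder registration endpoint: the payload is validated by model binding, but
    /// nothing is stored and 200 OK is returned unconditionally.
    /// </summary>
    /// <param name="authPayload">Validated credentials; currently unused.</param>
    [HttpPut("Register")]
    public IActionResult Register([FromBody] AuthPayload authPayload)
    {
        return Ok();
    }

    /// <summary>
    /// Issues a JWT for the hard-coded demo identity.
    /// </summary>
    /// <param name="authPayload">Validated credentials.</param>
    /// <returns>
    /// 200 with <c>{ token }</c> on a match, 401 on a mismatch, 500 when <c>Jwt:Key</c>
    /// is not configured.
    /// </returns>
    [HttpPost("Login")]
    public IActionResult Login([FromBody] AuthPayload authPayload)
    {
        // Demo-only credential stub. A real implementation looks the account up and verifies
        // a salted password hash (PBKDF2/Argon2); fixed credentials must never reach a
        // deployed build.
        if (authPayload.Email == "test@example.com" && authPayload.Password == "Password123!")
        {
            var claims = new[]
            {
                new Claim(ClaimTypes.Email, authPayload.Email),
                new Claim(ClaimTypes.Role, UserRoles.User),
                new Claim(ClaimTypes.GivenName, "Test_ID"),
            };

            // The signing secret comes from configuration; without it no token can be issued.
            var configKey = configuration["Jwt:Key"];
            if (string.IsNullOrEmpty(configKey))
            {
                return StatusCode(StatusCodes.Status500InternalServerError);
            }

            // HS256 over the UTF-8 bytes of the configured secret. The token library rejects
            // keys shorter than its minimum for this algorithm with an exception rather than
            // the 500 above, so Jwt:Key should be a long, randomly generated value loaded
            // from a secret store, not typed into appsettings.
            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configKey));
            var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            // `exp` is a UTC epoch value, so derive it from UtcNow rather than the server's
            // local clock.
            var token = new JwtSecurityToken(
                issuer: configuration["Jwt:Issuer"],
                audience: configuration["Jwt:Audience"],
                claims: claims,
                expires: DateTime.UtcNow.AddMinutes(190),
                signingCredentials: credentials);

            return Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) });
        }

        return Unauthorized();
    }
}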
/// <summary>
/// Smoke-test controller: one action per HTTP verb without <c>[Authorize]</c>, plus
/// <c>[Authorize]</c>-guarded actions for exercising bearer-token and role checks.
/// </summary>
[Route("Test/")]
[ApiController]
public class Test : ControllerBase
{
    /// <summary>Request body for the POST, PUT and DELETE test actions.</summary>
    public class TestPayload
    {
        /// <summary>Arbitrary text echoed back in the response; required.</summary>
        [Required(ErrorMessage = "Data field is required.")]
        public string? Data { get; init; } = string.Empty;
    }

    private const string ProtocolOk = "Protocol tested successfully.";

    /// <summary>GET: test/get — no <c>[Authorize]</c>; returns a fixed confirmation string.</summary>
    [HttpGet("Get")]
    public IActionResult TestGet() => Ok($"GET: {ProtocolOk}");

    /// <summary>POST: test/post — no <c>[Authorize]</c>; echoes the submitted data.</summary>
    [HttpPost("Post")]
    public IActionResult TestPost([FromBody] TestPayload testPayload)
        => Ok($"POST: {ProtocolOk} Received: {testPayload.Data}");

    /// <summary>PUT: test/put — no <c>[Authorize]</c>; echoes the submitted data.</summary>
    [HttpPut("Put")]
    public IActionResult TestPut([FromBody] TestPayload testPayload)
        => Ok($"PUT: {ProtocolOk} Updated: {testPayload.Data}");

    /// <summary>DELETE: test/delete — requires an authenticated caller; echoes the submitted data.</summary>
    [Authorize]
    [HttpDelete("Delete")]
    public IActionResult TestDelete([FromBody] TestPayload testPayload)
        => Ok($"DELETE: {ProtocolOk} Deleted: {testPayload.Data}");

    /// <summary>Any authenticated caller, regardless of role.</summary>
    [Authorize]
    [HttpGet("Protected")]
    public IActionResult Protected() => Ok("Successfully executed secured request.");

    /// <summary>Requires the <see cref="Default.UserRoles.User"/> role claim.</summary>
    [Authorize(Roles = Default.UserRoles.User)]
    [HttpGet("ProtectedUserOnly")]
    public IActionResult ProtectedUserOnly() => Ok("Successfully executed secured request. (User)");

    /// <summary>Requires the <see cref="Default.UserRoles.Admin"/> role claim.</summary>
    [Authorize(Roles = Default.UserRoles.Admin)]
    [HttpGet("ProtectedAdminOnly")]
    public IActionResult ProtectedAdminOnly() => Ok("Successfully executed secured request. (Admin)");
}
}