Add User auth

2025-08-23 03:38:36 +00:00 · 2023-03-17 08:44:37 +01:00 · 2023-03-17 08:44:37 +01:00 · b36aaff112
commit b36aaff112
parent 74d546f6c7
18 changed files with 221 additions and 19 deletions
--- a/CleanArchitecture.Api/CleanArchitecture.Api.csproj
+++ b/CleanArchitecture.Api/CleanArchitecture.Api.csproj
@ -3,9 +3,11 @@
    <PropertyGroup>
        <TargetFramework>net7.0</TargetFramework>
        <Nullable>enable</Nullable>
        <UserSecretsId>64377c40-44d6-4989-9662-5d778f8b3b92</UserSecretsId>
    </PropertyGroup>
    <ItemGroup>
        <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="7.0.4" />
        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="7.0.4" />
        <PackageReference Include="Microsoft.EntityFrameworkCore.Proxies" Version="7.0.4" />
        <PackageReference Include="Swashbuckle.AspNetCore" Version="6.5.0" />
--- a/CleanArchitecture.Api/Controllers/UserController.cs
+++ b/CleanArchitecture.Api/Controllers/UserController.cs
@ -4,6 +4,7 @@ using CleanArchitecture.Application.Interfaces;
 using CleanArchitecture.Application.ViewModels.Users;
 using CleanArchitecture.Domain.Notifications;
 using MediatR;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 namespace CleanArchitecture.Api.Controllers;
@ -21,13 +22,15 @@ public class UserController : ApiController
        _userService = userService;
    }
    [Authorize]
    [HttpGet]
    public async Task<IActionResult> GetAllUsersAsync()
    {
        var users = await _userService.GetAllUsersAsync();
        return Response(users);
    }
-    
+
    [Authorize]
    [HttpGet("{id}")]
    public async Task<IActionResult> GetUserByIdAsync(
        [FromRoute] Guid id,
@ -43,14 +46,16 @@ public class UserController : ApiController
        var userId = await _userService.CreateUserAsync(viewModel);
        return Response(userId);
    }
-    
+
    [Authorize]
    [HttpDelete("{id}")]
    public async Task<IActionResult> DeleteUserAsync([FromRoute] Guid id)
    {
        await _userService.DeleteUserAsync(id);
        return Response(id);
    }
-    
+
    [Authorize]
    [HttpPut]
    public async Task<IActionResult> UpdateUserAsync([FromBody] UpdateUserViewModel viewModel)
    {
--- a/CleanArchitecture.Api/Program.cs
+++ b/CleanArchitecture.Api/Program.cs
@ -1,12 +1,16 @@
 using System.IdentityModel.Tokens.Jwt;
 using System.Text;
 using CleanArchitecture.Application.Extensions;
 using CleanArchitecture.Domain.Extensions;
 using CleanArchitecture.gRPC;
 using CleanArchitecture.Infrastructure.Database;
 using CleanArchitecture.Infrastructure.Extensions;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.IdentityModel.Tokens;
 var builder = WebApplication.CreateBuilder(args);
@ -24,11 +28,23 @@ builder.Services.AddDbContext<ApplicationDbContext>(options =>
        b => b.MigrationsAssembly("CleanArchitecture.Infrastructure"));
 });
 builder.Services.AddAuthentication(
        options =>
        {
            options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
        })
    .AddJwtBearer(
        jwtOptions =>
        {
            jwtOptions.TokenValidationParameters = CreateTokenValidationParameters();
        });
 builder.Services.AddInfrastructure();
 builder.Services.AddQueryHandlers();
 builder.Services.AddServices();
 builder.Services.AddCommandHandlers();
 builder.Services.AddNotificationHandlers();
 builder.Services.AddApiUser();
 builder.Services.AddMediatR(cfg =>
 {
@ -42,6 +58,7 @@ app.UseSwaggerUI();
 app.UseHttpsRedirection();
 app.UseAuthentication();
 app.UseAuthorization();
 app.MapControllers();
@ -57,5 +74,24 @@ using (IServiceScope scope = app.Services.CreateScope())
 app.Run();
 TokenValidationParameters CreateTokenValidationParameters()
 {
    var result = new TokenValidationParameters
    {
        ValidateIssuer = true,
        ValidateAudience = true,
        ValidateLifetime = true,
        ValidateIssuerSigningKey = true,
        ValidIssuer = builder.Configuration["Auth:Issuer"],
        ValidAudience = builder.Configuration["Auth:Audience"],
        IssuerSigningKey = new SymmetricSecurityKey(
                    Encoding.UTF8.GetBytes(
                        builder.Configuration["Auth:Secret"]!)),
        RequireSignedTokens = false
    };
    return result;
 }
 // Needed for integration tests webapplication factory
 public partial class Program { }
--- a/CleanArchitecture.Api/appsettings.Development.json
+++ b/CleanArchitecture.Api/appsettings.Development.json
@ -4,5 +4,13 @@
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning"
    }
  },
  "ConnectionStrings": {
    "DefaultConnection": "Server=localhost;Database=clean-architecture;Trusted_Connection=True;MultipleActiveResultSets=true;TrustServerCertificate=True"
  },
  "Auth": {
    "Issuer": "CleanArchitectureServer",
    "Audience": "CleanArchitectureClient",
    "Secret": "sD3v061gf8BxXgmxcHss"
  }
 }
--- a/CleanArchitecture.Api/appsettings.json
+++ b/CleanArchitecture.Api/appsettings.json
@ -8,5 +8,10 @@
  "AllowedHosts": "*",
  "ConnectionStrings": {
    "DefaultConnection": "Server=localhost;Database=clean-architecture;Trusted_Connection=True;MultipleActiveResultSets=true;TrustServerCertificate=True"
  },
  "Auth": {
    "Issuer": "CleanArchitectureServer",
    "Audience": "CleanArchitectureClient",
    "Secret": "sD3v061gf8BxXgmxcHss"
  }
 }
--- a/CleanArchitecture.Application/viewmodels/Users/CreateUserViewModel.cs
+++ b/CleanArchitecture.Application/viewmodels/Users/CreateUserViewModel.cs
@ -3,4 +3,5 @@ namespace CleanArchitecture.Application.ViewModels.Users;
 public sealed record CreateUserViewModel(
    string Email,
    string Surname,
-    string GivenName);
+    string GivenName,
    string Password);
--- a/CleanArchitecture.Application/viewmodels/Users/UserViewModel.cs
+++ b/CleanArchitecture.Application/viewmodels/Users/UserViewModel.cs
@ -1,5 +1,6 @@
 using System;
 using CleanArchitecture.Domain.Entities;
 using CleanArchitecture.Domain.Enums;
 namespace CleanArchitecture.Application.ViewModels.Users;
@ -9,6 +10,7 @@ public sealed class UserViewModel
    public string Email { get; set; } = string.Empty;
    public string GivenName { get; set; } = string.Empty;
    public string Surname { get; set; } = string.Empty;
    public UserRole Role { get; set; }
    public static UserViewModel FromUser(User user)
    {
@ -17,7 +19,8 @@ public sealed class UserViewModel
            Id = user.Id,
            Email = user.Email,
            GivenName = user.GivenName,
-            Surname = user.Surname
+            Surname = user.Surname,
            Role = user.Role
        };
    }
 }
--- a/CleanArchitecture.Domain/ApiUser.cs
+++ b/CleanArchitecture.Domain/ApiUser.cs
@ -0,0 +1,46 @@
 using System;
 using System.Linq;
 using System.Security.Claims;
 using CleanArchitecture.Domain.Enums;
 using CleanArchitecture.Domain.Interfaces;
 using Microsoft.AspNetCore.Http;
 namespace CleanArchitecture.Domain;
 public sealed class ApiUser : IUser
 {
    private readonly IHttpContextAccessor _httpContextAccessor;
    public ApiUser(IHttpContextAccessor httpContextAccessor)
    {
        _httpContextAccessor = httpContextAccessor;
    }
    public Guid GetUserId()
    {
        var claim = _httpContextAccessor.HttpContext?.User.Claims
            .FirstOrDefault(x => string.Equals(x.Type, ClaimTypes.NameIdentifier));
        if (Guid.TryParse(claim?.Value, out var userId))
        {
            return userId;
        }
        throw new ArgumentException("Could not parse user id to guid");
    }
    public UserRole GetUserRole()
    {
        var claim = _httpContextAccessor.HttpContext?.User.Claims
            .FirstOrDefault(x => string.Equals(x.Type, ClaimTypes.Role));
        if (Enum.TryParse(claim?.Value, out UserRole userRole))
        {
            return userRole;
        }
        throw new ArgumentException("Could not parse user role");
    }
    public string Name => _httpContextAccessor.HttpContext?.User.Identity?.Name ?? string.Empty;
 }
--- a/CleanArchitecture.Domain/CleanArchitecture.Domain.csproj
+++ b/CleanArchitecture.Domain/CleanArchitecture.Domain.csproj
@ -6,8 +6,10 @@
    </PropertyGroup>
    <ItemGroup>
      <PackageReference Include="BCrypt.Net-Next" Version="4.0.3" />
      <PackageReference Include="FluentValidation" Version="11.5.1" />
      <PackageReference Include="MediatR" Version="12.0.1" />
      <PackageReference Include="Microsoft.AspNetCore.Http.Abstractions" Version="2.2.0" />
    </ItemGroup>
 </Project>
--- a/CleanArchitecture.Domain/Commands/Users/CreateUser/CreateUserCommand.cs
+++ b/CleanArchitecture.Domain/Commands/Users/CreateUser/CreateUserCommand.cs
@ -10,17 +10,20 @@ public sealed class CreateUserCommand : CommandBase
    public string Email { get; }
    public string Surname { get; }
    public string GivenName { get; }
-    
+    public string Password { get; }
    public CreateUserCommand(
        Guid userId,
        string email,
        string surname,
-        string givenName) : base(userId)
+        string givenName,
        string password) : base(userId)
    {
        UserId = userId;
        Email = email;
        Surname = surname;
        GivenName = givenName;
        Password = password;
    }
    public override bool IsValid()
--- a/CleanArchitecture.Domain/Commands/Users/CreateUser/CreateUserCommandHandler.cs
+++ b/CleanArchitecture.Domain/Commands/Users/CreateUser/CreateUserCommandHandler.cs
@ -1,12 +1,14 @@
 using System.Threading;
 using System.Threading.Tasks;
 using CleanArchitecture.Domain.Entities;
 using CleanArchitecture.Domain.Enums;
 using CleanArchitecture.Domain.Errors;
 using CleanArchitecture.Domain.Events.User;
 using CleanArchitecture.Domain.Interfaces;
 using CleanArchitecture.Domain.Interfaces.Repositories;
 using CleanArchitecture.Domain.Notifications;
 using MediatR;
 using BC = BCrypt.Net.BCrypt;
 namespace CleanArchitecture.Domain.Commands.Users.CreateUser;
@ -43,11 +45,15 @@ public sealed class CreateUserCommandHandler : CommandHandlerBase,
            return;
        }
        var passwordHash = BC.HashPassword(request.Password);
        var user = new User(
            request.UserId, 
            request.Email,
            request.Surname,
-            request.GivenName);
+            request.GivenName,
            passwordHash,
            UserRole.User);
        _userRepository.Add(user);
--- a/CleanArchitecture.Domain/Commands/Users/DeleteUser/DeleteUserCommandHandler.cs
+++ b/CleanArchitecture.Domain/Commands/Users/DeleteUser/DeleteUserCommandHandler.cs
@ -1,5 +1,6 @@
 using System.Threading;
 using System.Threading.Tasks;
 using CleanArchitecture.Domain.Enums;
 using CleanArchitecture.Domain.Errors;
 using CleanArchitecture.Domain.Events.User;
 using CleanArchitecture.Domain.Interfaces;
@ -13,14 +14,17 @@ public sealed class DeleteUserCommandHandler : CommandHandlerBase,
    IRequestHandler<DeleteUserCommand>
 {
    private readonly IUserRepository _userRepository;
-    
+    private readonly IUser _user;
    public DeleteUserCommandHandler(
        IMediatorHandler bus,
        IUnitOfWork unitOfWork,
        INotificationHandler<DomainNotification> notifications,
-        IUserRepository userRepository) : base(bus, unitOfWork, notifications)
+        IUserRepository userRepository,
        IUser user) : base(bus, unitOfWork, notifications)
    {
        _userRepository = userRepository;
        _user = user;
    }
    public async Task Handle(DeleteUserCommand request, CancellationToken cancellationToken)
@ -43,6 +47,11 @@ public sealed class DeleteUserCommandHandler : CommandHandlerBase,
            return;
        }
        if (_user.GetUserId() != request.UserId || _user.GetUserRole() != UserRole.Admin)
        {
            return;
        }
        _userRepository.Remove(user);
        if (await CommitAsync())
--- a/CleanArchitecture.Domain/Commands/Users/UpdateUser/UpdateUserCommand.cs
+++ b/CleanArchitecture.Domain/Commands/Users/UpdateUser/UpdateUserCommand.cs
@ -1,4 +1,5 @@
 using System;
 using CleanArchitecture.Domain.Enums;
 namespace CleanArchitecture.Domain.Commands.Users.UpdateUser;
@ -10,17 +11,20 @@ public sealed class UpdateUserCommand : CommandBase
    public string Email { get; }
    public string Surname { get; }
    public string GivenName { get; }
-    
+    public UserRole Role { get; }
    public UpdateUserCommand(
        Guid userId,
        string email,
        string surname,
-        string givenName) : base(userId)
+        string givenName,
        UserRole role) : base(userId)
    {
        UserId = userId;
        Email = email;
        Surname = surname;
        GivenName = givenName;
        Role = role;
    }
    public override bool IsValid()
--- a/CleanArchitecture.Domain/Commands/Users/UpdateUser/UpdateUserCommandHandler.cs
+++ b/CleanArchitecture.Domain/Commands/Users/UpdateUser/UpdateUserCommandHandler.cs
@ -1,5 +1,7 @@
 using System.Threading;
 using System.Threading.Tasks;
 using CleanArchitecture.Domain.Entities;
 using CleanArchitecture.Domain.Enums;
 using CleanArchitecture.Domain.Errors;
 using CleanArchitecture.Domain.Events.User;
 using CleanArchitecture.Domain.Interfaces;
@ -13,14 +15,17 @@ public sealed class UpdateUserCommandHandler : CommandHandlerBase,
    IRequestHandler<UpdateUserCommand>
 {
    private readonly IUserRepository _userRepository;
-    
+    private readonly IUser _user;
    public UpdateUserCommandHandler(
        IMediatorHandler bus,
        IUnitOfWork unitOfWork,
        INotificationHandler<DomainNotification> notifications,
-        IUserRepository userRepository) : base(bus, unitOfWork, notifications)
+        IUserRepository userRepository,
        IUser user) : base(bus, unitOfWork, notifications)
    {
        _userRepository = userRepository;
        _user = user;
    }
    public async Task Handle(UpdateUserCommand request, CancellationToken cancellationToken)
@ -41,11 +46,21 @@ public sealed class UpdateUserCommandHandler : CommandHandlerBase,
                    ErrorCodes.ObjectNotFound));
            return;
        }
-        
+
        if (_user.GetUserId() != request.UserId || _user.GetUserRole() != UserRole.Admin)
        {
            return;
        }
        if (_user.GetUserRole() == UserRole.Admin)
        {
            user.SetRole(request.Role);
        }
        user.SetEmail(request.Email);
        user.SetSurname(request.Surname);
        user.SetGivenName(request.GivenName);
-        
+
        _userRepository.Update(user);
        if (await CommitAsync())
--- a/CleanArchitecture.Domain/Entities/User.cs
+++ b/CleanArchitecture.Domain/Entities/User.cs
@ -1,5 +1,6 @@
 using System;
 using System.Diagnostics.CodeAnalysis;
 using CleanArchitecture.Domain.Enums;
 namespace CleanArchitecture.Domain.Entities;
@ -8,20 +9,26 @@ public class User : Entity
    public string Email { get; private set; }
    public string GivenName { get; private set; }
    public string Surname { get; private set; }
    public string Password { get; private set; }
    public UserRole Role { get; private set; }
    public string FullName => $"{Surname}, {GivenName}";
-    
+
    public User(
        Guid id,
        string email,
        string surname,
-        string givenName) : base(id)
+        string givenName,
        string password,
        UserRole role) : base(id)
    {
        Email = email;
        GivenName = givenName;
        Surname = surname;
        Password = password;
        Role = role;
    }
-    
+
    [MemberNotNull(nameof(Email))]
    public void SetEmail(string email)
    {
@ -72,4 +79,26 @@ public class User : Entity
        Surname = surname;
    }
    [MemberNotNull(nameof(Password))]
    public void SetPassword(string password)
    {
        if (password == null)
        {
            throw new ArgumentNullException(nameof(password));
        }
        if (password.Length > 100)
        {
            throw new ArgumentException(
                "Password may not be longer than 100 characters");
        }
        Password = password;
    }
    public void SetRole(UserRole role)
    {
        Role = role;
    }
 }
--- a/CleanArchitecture.Domain/Enums/UserRole.cs
+++ b/CleanArchitecture.Domain/Enums/UserRole.cs
@ -0,0 +1,7 @@
 namespace CleanArchitecture.Domain.Enums;
 public enum UserRole
 {
    Admin,
    User
 }
--- a/CleanArchitecture.Domain/Extensions/ServiceCollectionExtension.cs
+++ b/CleanArchitecture.Domain/Extensions/ServiceCollectionExtension.cs
@ -3,6 +3,7 @@ using CleanArchitecture.Domain.Commands.Users.DeleteUser;
 using CleanArchitecture.Domain.Commands.Users.UpdateUser;
 using CleanArchitecture.Domain.EventHandler;
 using CleanArchitecture.Domain.Events.User;
 using CleanArchitecture.Domain.Interfaces;
 using MediatR;
 using Microsoft.Extensions.DependencyInjection;
@ -29,4 +30,12 @@ public static class ServiceCollectionExtension
        return services;
    }
    public static IServiceCollection AddApiUser(this IServiceCollection services)
    {
        // User
        services.AddScoped<IUser, ApiUser>();
        return services;
    }
 }
--- a/CleanArchitecture.Domain/Interfaces/IUser.cs
+++ b/CleanArchitecture.Domain/Interfaces/IUser.cs
@ -0,0 +1,12 @@
 using System;
 using CleanArchitecture.Domain.Enums;
 namespace CleanArchitecture.Domain.Interfaces;
 public interface IUser
 {
    Guid GetUserId();
    UserRole GetUserRole();
    string Name { get; }
 }