MAKS-IT/reactredux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

(feat): custom authorization

Browse Source
This commit is contained in:
Maksym Sadovnychyy 2022-10-28 22:22:24 +02:00
parent c1e343346d
commit 916c1ff1b3
29 changed files with 750 additions and 397 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
db/DML/users.json
View File

@ -16,7 +16,7 @@
"$date": "2022-01-01T00:00:00.000Z" "$date": "2022-01-01T00:00:00.000Z"
} }
}, },
"expiration": { "expiration": {
"enabled": false, "enabled": false,
"days": "180" "days": "180"
@ -45,7 +45,7 @@
"confirmed": false "confirmed": false
} }
], ],
"tokens": [],
"billingAddress": { "billingAddress": {
"street": "", "street": "",
"city": "", "city": "",
@ -57,6 +57,67 @@
"city": "", "city": "",
"postCode": "", "postCode": "",
"country": "" "country": ""
} },
"tokens": [],
"authorizations": [
{
"controller": 0,
"actions": [ 0, 1, 2, 3 ]
},
{
"controller": 1,
"actions": [ 0, 1, 2, 3 ]
},
{
"controller": 2,
"actions": [ 0, 1, 2, 3 ]
},
{
"controller": 3,
"actions": [ 0, 1, 2, 3 ]
},
{
"controller": 4,
"actions": [ 0, 1, 2, 3 ]
},
{
"controller": 5,
"actions": [ 0, 1, 2, 3 ]
},
{
"controller": 6,
"actions": [ 0, 1, 2, 3 ]
},
{
"controller": 7,
"actions": [ 0, 1, 2, 3 ]
},
{
"controller": 8,
"actions": [ 0, 1, 2, 3 ]
},
{
"controller": 9,
"actions": [ 0, 1, 2, 3 ]
},
{
"controller": 10,
"actions": [ 0, 1, 2, 3 ]
},
{
"controller": 11,
"actions": [ 0, 1, 2, 3 ]
},
{
"controller": 12,
"actions": [ 0, 1, 2, 3 ]
},
{
"controller": 13,
"actions": [ 0, 1, 2, 3 ]
}
]
} }
] ]

3
webapi/Core/DomainObjects/Documents/User.cs
View File

@ -13,6 +13,7 @@ namespace Core.DomainObjects {
public Passwords Passwords { get; set; } public Passwords Passwords { get; set; }
public string Name { get; set; } public string Name { get; set; }
public string LastName { get; set; } public string LastName { get; set; }
public List<Contact> Contacts { get; set; } public List<Contact> Contacts { get; set; }
@ -23,6 +24,8 @@ namespace Core.DomainObjects {
public List<Token> Tokens { get; set; } public List<Token> Tokens { get; set; }
public List<UserAuthorizations> Authorizations { get; set; }
public override int GetHashCode() { public override int GetHashCode() {
throw new NotImplementedException(); throw new NotImplementedException();
} }

14
webapi/Core/DomainObjects/UserAuthorizations.cs Normal file
View File

@ -0,0 +1,14 @@
using Core.Enumerations;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Core.DomainObjects {
public class UserAuthorizations {
public WebapiControllers Controller { get; set; }
public List<CrudActions> Actions { get; set; }
}
}

18
webapi/Core/Enumerations/CrudActions.cs Normal file
View File

@ -0,0 +1,18 @@
using Core.Abstractions;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Core.Enumerations {
public class CrudActions : Enumeration {
public static CrudActions Create = new (0, "Create");
public static CrudActions Read = new (1, "Read");
public static CrudActions Update = new (2, "Update");
public static CrudActions Delete = new (3, "Delete");
private CrudActions(int id, string displayName) : base(id, displayName) { }
}
}

33
webapi/Core/Enumerations/WebapiControllers.cs Normal file
View File

@ -0,0 +1,33 @@
using Core.Abstractions;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Core.Enumerations {
public class WebapiControllers : Enumeration {
public static WebapiControllers Authentication = new (0, "Authentication");
public static WebapiControllers BlogItem = new(1, "BlogItem");
public static WebapiControllers BlogItems = new(2, "BlogItems");
public static WebapiControllers CategoryItem = new(3, "CategoryItem");
public static WebapiControllers CategoryItems = new(4, "CategoryItems");
public static WebapiControllers File = new(5, "File");
public static WebapiControllers Files = new(6, "Files");
public static WebapiControllers Image = new(7, "Image");
public static WebapiControllers Password = new(8, "Password");
public static WebapiControllers ShopCartItem = new(9, "ShopCartItem");
public static WebapiControllers ShopCartItems = new(10, "ShopCartItems");
public static WebapiControllers ShopItem = new(11, "ShopItem");
public static WebapiControllers ShopItems = new(12, "ShopItems");
public static WebapiControllers Account = new(13, "Account");
public static WebapiControllers Content = new(14, "Content");
private WebapiControllers(int id, string displayName) : base(id, displayName) { }
}
}

17
webapi/DataProviders/Mappings.cs
View File

@ -161,6 +161,18 @@ namespace DataProviders {
cm.AutoMap(); cm.AutoMap();
}); });
} }
if (!BsonClassMap.IsClassMapRegistered(typeof(UserAuthorizations))) {
BsonClassMap.RegisterClassMap<UserAuthorizations>(cm => {
cm.AutoMap();
cm.GetMemberMap(c => c.Controller)
.SetSerializer(new EnumerationSerializer<WebapiControllers>());
cm.GetMemberMap(c => c.Actions)
.SetSerializer(new EnumerationListSerializer<CrudActions>());
});
}
#endregion #endregion
@ -347,11 +359,6 @@ namespace DataProviders {
} }
#endregion #endregion
#region User #region User
if (!BsonClassMap.IsClassMapRegistered(typeof(User))) { if (!BsonClassMap.IsClassMapRegistered(typeof(User))) {
BsonClassMap.RegisterClassMap<User>(cm => { BsonClassMap.RegisterClassMap<User>(cm => {

12
webapi/Extensions/HttpRequestExtensions.cs
View File

@ -20,8 +20,6 @@ namespace Extensions {
return headers != null ? headers : new List<string>(); return headers != null ? headers : new List<string>();
} }
/// <summary> /// <summary>
/// Return clean JWT Bearer token from Authorisation Header /// Return clean JWT Bearer token from Authorisation Header
/// </summary> /// </summary>
@ -31,15 +29,5 @@ namespace Extensions {
? header.Replace("Bearer ", "") ? header.Replace("Bearer ", "")
: default; : default;
} }
/// <summary>
/// Returns JWT Bearer token Vault path from custom AuthorizationPath Header
/// </summary>
/// <param name="request"></param>
/// <returns></returns>
public static string? GetBearerPath(this HttpRequest request) {
var header = request.GetHeader("AuthorizationPath").FirstOrDefault();
return header;
}
} }
} }

25
webapi/WeatherForecast/Controllers/AccountController.cs Normal file
View File

@ -0,0 +1,25 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace WeatherForecast.Controllers;
/// <summary>
///
/// </summary>
[ApiController]
[Route("api/[controller]")]
public class AccountController : ControllerBase {
private readonly IAuthorizationService _authorizationService;
/// <summary>
///
/// </summary>
public AccountController(
IAuthorizationService authorizationService
) {
_authorizationService = authorizationService;
}
}

34
webapi/WeatherForecast/Controllers/AuthenticationController.cs
View File

@ -1,9 +1,10 @@
 using Core.Enumerations;
using DomainResults.Mvc; using DomainResults.Mvc;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using WeatherForecast.Models.Requests; using WeatherForecast.Models.Requests;
using WeatherForecast.Policies;
using WeatherForecast.Services; using WeatherForecast.Services;
namespace WeatherForecast.Controllers; namespace WeatherForecast.Controllers;
@ -11,21 +12,26 @@ namespace WeatherForecast.Controllers;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
[ApiController] [ApiController]
[Route("api/[controller]")] [Route("api/[controller]")]
public class AuthenticationController : ControllerBase { public class AuthenticationController : ControllerBase {
private readonly IAuthenticationService _authenticationService; private readonly IAuthorizationService _authorizationService;
private readonly IUserService _userService;
private readonly WebapiControllers _webapiController = WebapiControllers.Authentication;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
/// <param name="authenticationService"></param> /// <param name="authenticationService"></param>
public AuthenticationController( public AuthenticationController(
IAuthenticationService authenticationService IAuthorizationService authorizationService,
IUserService authenticationService
) { ) {
_authenticationService = authenticationService; _authorizationService = authorizationService;
_userService = authenticationService;
} }
/// <summary> /// <summary>
@ -33,10 +39,9 @@ public class AuthenticationController : ControllerBase {
/// </summary> /// </summary>
/// <param name="requestData"></param> /// <param name="requestData"></param>
/// <returns></returns> /// <returns></returns>
[AllowAnonymous] [HttpPost]
[HttpPost()]
public IActionResult Post([FromBody] AuthenticationRequestModel requestData) { public IActionResult Post([FromBody] AuthenticationRequestModel requestData) {
var result = _authenticationService.Post(requestData); var result = _userService.CreateToken(requestData);
return result.ToActionResult(); return result.ToActionResult();
} }
@ -44,11 +49,16 @@ public class AuthenticationController : ControllerBase {
/// ///
/// </summary> /// </summary>
/// <returns></returns> /// <returns></returns>
[Authorize(Policy = "WhitelistToken")] [HttpGet]
[HttpGet()] public async Task<IActionResult> Get() {
if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Read))).Succeeded) {
return Ok();
}
else {
return Unauthorized();
}
public IActionResult Get() {
return Ok();
} }
} }

54
webapi/WeatherForecast/Controllers/BlogItemController.cs
View File

@ -5,26 +5,33 @@ using DomainResults.Mvc;
using WeatherForecast.Services; using WeatherForecast.Services;
using WeatherForecast.Models.Requests; using WeatherForecast.Models.Requests;
using WeatherForecast.Policies;
using Core.Enumerations;
namespace WeatherForecast.Controllers; namespace WeatherForecast.Controllers;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
[Authorize(Policy = "WhitelistToken")]
[ApiController] [ApiController]
[Route("api/[controller]")] [Route("api/[controller]")]
public class BlogItemController : ControllerBase { public class BlogItemController : ControllerBase {
private readonly IAuthorizationService _authorizationService;
private readonly IBlogItemService _blogItemService; private readonly IBlogItemService _blogItemService;
private readonly WebapiControllers _webapiController = WebapiControllers.BlogItem;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
/// <param name="authorizationService"></param>
/// <param name="blogItemService"></param> /// <param name="blogItemService"></param>
public BlogItemController( public BlogItemController(
IAuthorizationService authorizationService,
IBlogItemService blogItemService IBlogItemService blogItemService
) { ) {
_authorizationService = authorizationService;
_blogItemService = blogItemService; _blogItemService = blogItemService;
} }
@ -35,9 +42,14 @@ public class BlogItemController : ControllerBase {
/// <param name="requestData"></param> /// <param name="requestData"></param>
/// <returns></returns> /// <returns></returns>
[HttpPost("{siteId}")] [HttpPost("{siteId}")]
public IActionResult Post([FromRoute] Guid siteId, [FromBody] BlogItemRequestModel requestData) { public async Task<IActionResult> Post([FromRoute] Guid siteId, [FromBody] BlogItemRequestModel requestData) {
var result = _blogItemService.Post(siteId, requestData); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Create))).Succeeded) {
return result.ToActionResult(); var result = _blogItemService.Post(siteId, requestData);
return result.ToActionResult();
}
else {
return Unauthorized();
}
} }
/// <summary> /// <summary>
@ -45,9 +57,14 @@ public class BlogItemController : ControllerBase {
/// </summary> /// </summary>
/// <returns></returns> /// <returns></returns>
[HttpGet("{siteId}/{blogId}")] [HttpGet("{siteId}/{blogId}")]
public IActionResult Get([FromRoute] Guid siteId, [FromRoute] Guid blogId) { public async Task<IActionResult> Get([FromRoute] Guid siteId, [FromRoute] Guid blogId) {
var result = _blogItemService.Get(siteId, blogId); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Read))).Succeeded) {
return result.ToActionResult(); var result = _blogItemService.Get(siteId, blogId);
return result.ToActionResult();
}
else {
return Unauthorized();
}
} }
/// <summary> /// <summary>
@ -56,7 +73,6 @@ public class BlogItemController : ControllerBase {
/// <param name="siteId"></param> /// <param name="siteId"></param>
/// <param name="slug"></param> /// <param name="slug"></param>
/// <returns></returns> /// <returns></returns>
[AllowAnonymous]
[HttpGet("{siteId}")] [HttpGet("{siteId}")]
public IActionResult GetSlug([FromRoute] Guid siteId, [FromQuery] string slug) { public IActionResult GetSlug([FromRoute] Guid siteId, [FromQuery] string slug) {
var result = _blogItemService.GetSlug(siteId, slug); var result = _blogItemService.GetSlug(siteId, slug);
@ -71,9 +87,14 @@ public class BlogItemController : ControllerBase {
/// <param name="requestData"></param> /// <param name="requestData"></param>
/// <returns></returns> /// <returns></returns>
[HttpPut("{siteId}/{blogId}")] [HttpPut("{siteId}/{blogId}")]
public IActionResult Update([FromRoute] Guid siteId, [FromRoute] Guid blogId, [FromBody] BlogItemRequestModel requestData) { public async Task<IActionResult> Update([FromRoute] Guid siteId, [FromRoute] Guid blogId, [FromBody] BlogItemRequestModel requestData) {
var result = _blogItemService.Update(siteId, blogId, requestData); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Update))).Succeeded) {
return result.ToActionResult(); var result = _blogItemService.Update(siteId, blogId, requestData);
return result.ToActionResult();
}
else {
return Unauthorized();
}
} }
/// <summary> /// <summary>
@ -83,9 +104,14 @@ public class BlogItemController : ControllerBase {
/// <param name="blogId"></param> /// <param name="blogId"></param>
/// <returns></returns> /// <returns></returns>
[HttpDelete("{siteId}/{blogId}")] [HttpDelete("{siteId}/{blogId}")]
public IActionResult Delete([FromRoute] Guid siteId, [FromRoute] Guid blogId) { public async Task<IActionResult> Delete([FromRoute] Guid siteId, [FromRoute] Guid blogId) {
var result = _blogItemService.Delete(siteId, blogId); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Update))).Succeeded) {
return result.ToActionResult(); var result = _blogItemService.Delete(siteId, blogId);
return result.ToActionResult();
}
else {
return Unauthorized();
}
} }
} }

23
webapi/WeatherForecast/Controllers/BlogItemsController.cs
View File

@ -4,26 +4,33 @@ using Microsoft.AspNetCore.Authorization;
using DomainResults.Mvc; using DomainResults.Mvc;
using WeatherForecast.Services; using WeatherForecast.Services;
using WeatherForecast.Policies;
using Core.Enumerations;
namespace WeatherForecast.Controllers; namespace WeatherForecast.Controllers;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
[Authorize(Policy = "WhitelistToken")]
[ApiController] [ApiController]
[Route("api/[controller]")] [Route("api/[controller]")]
public class BlogItemsController : ControllerBase { public class BlogItemsController : ControllerBase {
private readonly IAuthorizationService _authorizationService;
private readonly IBlogItemsService _blogItemsService; private readonly IBlogItemsService _blogItemsService;
private readonly WebapiControllers _webapiController = WebapiControllers.BlogItems;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
/// <param name="authorizationService"></param>
/// <param name="blogItemsService"></param> /// <param name="blogItemsService"></param>
public BlogItemsController( public BlogItemsController(
IAuthorizationService authorizationService,
IBlogItemsService blogItemsService IBlogItemsService blogItemsService
) { ) {
_authorizationService = authorizationService;
_blogItemsService = blogItemsService; _blogItemsService = blogItemsService;
} }
@ -37,7 +44,6 @@ public class BlogItemsController : ControllerBase {
/// <param name="itemsPerPage"></param> /// <param name="itemsPerPage"></param>
/// <param name="locale"></param> /// <param name="locale"></param>
/// <returns></returns> /// <returns></returns>
[AllowAnonymous]
[HttpGet("{siteId}")] [HttpGet("{siteId}")]
public IActionResult Get([FromRoute] Guid siteId, [FromQuery] Guid? category, [FromQuery] string? searchText, [FromQuery] int? currentPage, [FromQuery] int? itemsPerPage, [FromQuery] string? locale) { public IActionResult Get([FromRoute] Guid siteId, [FromQuery] Guid? category, [FromQuery] string? searchText, [FromQuery] int? currentPage, [FromQuery] int? itemsPerPage, [FromQuery] string? locale) {
var result = _blogItemsService.Get(siteId, category, currentPage ?? 1, itemsPerPage ?? 8, locale, searchText); var result = _blogItemsService.Get(siteId, category, currentPage ?? 1, itemsPerPage ?? 8, locale, searchText);
@ -49,11 +55,16 @@ public class BlogItemsController : ControllerBase {
/// </summary> /// </summary>
/// <param name="siteId"></param> /// <param name="siteId"></param>
/// <returns></returns> /// <returns></returns>
[Authorize]
[HttpDelete("{siteId}")] [HttpDelete("{siteId}")]
public IActionResult Delete([FromRoute] Guid siteId) { public async Task<IActionResult> Delete([FromRoute] Guid siteId) {
var result = _blogItemsService.Delete(siteId); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Delete))).Succeeded) {
return result.ToActionResult();
var result = _blogItemsService.Delete(siteId);
return result.ToActionResult();
}
else {
return Unauthorized();
}
} }
} }

57
webapi/WeatherForecast/Controllers/CategoryItemController.cs
View File

@ -5,25 +5,33 @@ using DomainResults.Mvc;
using WeatherForecast.Services; using WeatherForecast.Services;
using WeatherForecast.Models.Requests; using WeatherForecast.Models.Requests;
using WeatherForecast.Policies;
using Core.Enumerations;
namespace WeatherForecast.Controllers; namespace WeatherForecast.Controllers;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
[Authorize(Policy = "WhitelistToken")]
[ApiController] [ApiController]
[Route("api/[controller]")] [Route("api/[controller]")]
public class CategoryItemController : ControllerBase { public class CategoryItemController : ControllerBase {
private readonly IAuthorizationService _authorizationService;
private readonly ICategoryItemService _categoryItemService; private readonly ICategoryItemService _categoryItemService;
private readonly WebapiControllers _webapiController = WebapiControllers.CategoryItem;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
/// <param name="authorizationService"></param>
/// <param name="categoryItemService"></param> /// <param name="categoryItemService"></param>
public CategoryItemController( public CategoryItemController(
ICategoryItemService categoryItemService) { IAuthorizationService authorizationService,
ICategoryItemService categoryItemService
) {
_authorizationService = authorizationService;
_categoryItemService = categoryItemService; _categoryItemService = categoryItemService;
} }
@ -34,9 +42,14 @@ public class CategoryItemController : ControllerBase {
/// <param name="requestData"></param> /// <param name="requestData"></param>
/// <returns></returns> /// <returns></returns>
[HttpPost("{siteId}")] [HttpPost("{siteId}")]
public IActionResult Post([FromRoute] Guid siteId, [FromBody] CategoryItemRequestModel requestData) { public async Task<IActionResult> Post([FromRoute] Guid siteId, [FromBody] CategoryItemRequestModel requestData) {
var result = _categoryItemService.Post(siteId, requestData); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Create))).Succeeded) {
return result.ToActionResult(); var result = _categoryItemService.Post(siteId, requestData);
return result.ToActionResult();
}
else {
return Unauthorized();
}
} }
/// <summary> /// <summary>
@ -46,9 +59,14 @@ public class CategoryItemController : ControllerBase {
/// <param name="categoryId"></param> /// <param name="categoryId"></param>
/// <returns></returns> /// <returns></returns>
[HttpGet("{siteId}/{categoryId}")] [HttpGet("{siteId}/{categoryId}")]
public IActionResult Get([FromRoute] Guid siteId, [FromRoute] Guid categoryId) { public async Task<IActionResult> Get([FromRoute] Guid siteId, [FromRoute] Guid categoryId) {
var result = _categoryItemService.Get(siteId, categoryId); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Read))).Succeeded) {
return result.ToActionResult(); var result = _categoryItemService.Get(siteId, categoryId);
return result.ToActionResult();
}
else {
return Unauthorized();
}
} }
/// <summary> /// <summary>
@ -56,7 +74,6 @@ public class CategoryItemController : ControllerBase {
/// </summary> /// </summary>
/// <param name="siteId"></param> /// <param name="siteId"></param>
/// <param name="slug"></param> /// <param name="slug"></param>
[AllowAnonymous]
[HttpGet("{siteId}")] [HttpGet("{siteId}")]
public IActionResult GetSlug([FromRoute] Guid siteId, [FromQuery] string slug) { public IActionResult GetSlug([FromRoute] Guid siteId, [FromQuery] string slug) {
var result = _categoryItemService.GetSlug(siteId, slug); var result = _categoryItemService.GetSlug(siteId, slug);
@ -71,9 +88,14 @@ public class CategoryItemController : ControllerBase {
/// <param name="requestData"></param> /// <param name="requestData"></param>
/// <returns></returns> /// <returns></returns>
[HttpPut("{siteId}/{categoryId}")] [HttpPut("{siteId}/{categoryId}")]
public IActionResult Update([FromRoute] Guid siteId, [FromRoute] Guid categoryId, [FromBody] CategoryItemRequestModel requestData) { public async Task<IActionResult> Update([FromRoute] Guid siteId, [FromRoute] Guid categoryId, [FromBody] CategoryItemRequestModel requestData) {
var result = _categoryItemService.Update(siteId, categoryId, requestData); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Update))).Succeeded) {
return result.ToActionResult(); var result = _categoryItemService.Update(siteId, categoryId, requestData);
return result.ToActionResult();
}
else {
return Unauthorized();
}
} }
/// <summary> /// <summary>
@ -83,9 +105,14 @@ public class CategoryItemController : ControllerBase {
/// <param name="categoryId"></param> /// <param name="categoryId"></param>
/// <returns></returns> /// <returns></returns>
[HttpDelete("{siteId}/{categoryId}")] [HttpDelete("{siteId}/{categoryId}")]
public IActionResult Delete([FromRoute] Guid siteId, [FromRoute] Guid categoryId) { public async Task<IActionResult> Delete([FromRoute] Guid siteId, [FromRoute] Guid categoryId) {
var result = _categoryItemService.Delete(siteId, categoryId); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Delete))).Succeeded) {
return result.ToActionResult(); var result = _categoryItemService.Delete(siteId, categoryId);
return result.ToActionResult();
}
else {
return Unauthorized();
}
} }
} }

23
webapi/WeatherForecast/Controllers/CategoryItemsController.cs
View File

@ -4,26 +4,33 @@ using Microsoft.AspNetCore.Authorization;
using DomainResults.Mvc; using DomainResults.Mvc;
using WeatherForecast.Services; using WeatherForecast.Services;
using WeatherForecast.Policies;
using Core.Enumerations;
namespace WeatherForecast.Controllers; namespace WeatherForecast.Controllers;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
[Authorize(Policy = "WhitelistToken")]
[ApiController] [ApiController]
[Route("api/[controller]")] [Route("api/[controller]")]
public class CategoryItemsController : ControllerBase { public class CategoryItemsController : ControllerBase {
private readonly IAuthorizationService _authorizationService;
private readonly ICategoryItemsService _categoryItemsService; private readonly ICategoryItemsService _categoryItemsService;
private readonly WebapiControllers _webapiController = WebapiControllers.CategoryItem;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
/// <param name="authorizationService"></param>
/// <param name="categoryItemsService"></param> /// <param name="categoryItemsService"></param>
public CategoryItemsController( public CategoryItemsController(
ICategoryItemsService categoryItemsService IAuthorizationService authorizationService,
ICategoryItemsService categoryItemsService
) { ) {
_authorizationService = authorizationService;
_categoryItemsService = categoryItemsService; _categoryItemsService = categoryItemsService;
} }
@ -44,11 +51,15 @@ public class CategoryItemsController : ControllerBase {
/// </summary> /// </summary>
/// <param name="siteId"></param> /// <param name="siteId"></param>
/// <returns></returns> /// <returns></returns>
[AllowAnonymous]
[HttpDelete("{siteId}")] [HttpDelete("{siteId}")]
public IActionResult Delete([FromRoute] Guid siteId) { public async Task<IActionResult> Delete([FromRoute] Guid siteId) {
var result = _categoryItemsService.Delete(siteId); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Delete))).Succeeded) {
return result.ToActionResult(); var result = _categoryItemsService.Delete(siteId);
return result.ToActionResult();
}
else {
return Unauthorized();
}
} }
} }

9
webapi/WeatherForecast/Controllers/ContentController.cs
View File

@ -4,6 +4,7 @@ using Microsoft.AspNetCore.Authorization;
using DomainResults.Mvc; using DomainResults.Mvc;
using WeatherForecast.Services; using WeatherForecast.Services;
using Core.Enumerations;
namespace WeatherForecast.Controllers; namespace WeatherForecast.Controllers;
@ -11,20 +12,24 @@ namespace WeatherForecast.Controllers;
/// ///
/// </summary> /// </summary>
[ApiController] [ApiController]
[AllowAnonymous]
[Route("api/[controller]")] [Route("api/[controller]")]
public class ContentController : ControllerBase { public class ContentController : ControllerBase {
private readonly IAuthorizationService _authorizationService;
private readonly IContentService _contentService; private readonly IContentService _contentService;
private readonly WebapiControllers _webapiController = WebapiControllers.Content;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
/// <param name="logger"></param> /// <param name="authorizationService"></param>
/// <param name="contentService"></param> /// <param name="contentService"></param>
public ContentController( public ContentController(
IAuthorizationService authorizationService,
IContentService contentService IContentService contentService
) { ) {
_authorizationService = authorizationService;
_contentService = contentService; _contentService = contentService;
} }

53
webapi/WeatherForecast/Controllers/FileController.cs
View File

@ -1,7 +1,9 @@
using DomainResults.Mvc; using Core.Enumerations;
using DomainResults.Mvc;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using System.Net.Http.Headers; using System.Net.Http.Headers;
using WeatherForecast.Policies;
using WeatherForecast.Services; using WeatherForecast.Services;
namespace WeatherForecast.Controllers; namespace WeatherForecast.Controllers;
@ -9,20 +11,24 @@ namespace WeatherForecast.Controllers;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
[Authorize(Policy = "WhitelistToken")]
[AllowAnonymous] [AllowAnonymous]
[Route("api/[controller]")] [Route("api/[controller]")]
public class FileController : Controller { public class FileController : ControllerBase {
private readonly IAuthorizationService _authorizationService;
private readonly IFileService _fileService; private readonly IFileService _fileService;
private readonly WebapiControllers _webapiController = WebapiControllers.File;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
/// <param name="fileService"></param> /// <param name="fileService"></param>
public FileController( public FileController(
IAuthorizationService authorizationService,
IFileService fileService IFileService fileService
) { ) {
_authorizationService = authorizationService;
_fileService = fileService; _fileService = fileService;
} }
@ -34,9 +40,13 @@ public class FileController : Controller {
/// <param name="file"></param> /// <param name="file"></param>
/// <returns></returns> /// <returns></returns>
[HttpPost("{siteId}/{userId}")] [HttpPost("{siteId}/{userId}")]
public IActionResult Post([FromRoute] Guid siteId, [FromRoute] Guid userId, IFormFile file) { public async Task<IActionResult> Post([FromRoute] Guid siteId, [FromRoute] Guid userId, IFormFile file) {
var result = _fileService.Post(siteId, userId, file); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Create))).Succeeded) {
return result.ToActionResult(); var result = _fileService.Post(siteId, userId, file);
return result.ToActionResult();
}
return Unauthorized();
} }
/// <summary> /// <summary>
@ -47,16 +57,21 @@ public class FileController : Controller {
/// <param name="fileId"></param> /// <param name="fileId"></param>
/// <returns></returns> /// <returns></returns>
[HttpGet("{siteId}/{userId}/{fileId}")] [HttpGet("{siteId}/{userId}/{fileId}")]
public IActionResult Get([FromRoute] Guid siteId, [FromRoute] Guid userid, [FromRoute] Guid fileId) { public async Task<IActionResult> Get([FromRoute] Guid siteId, [FromRoute] Guid userid, [FromRoute] Guid fileId) {
var (file, result) = _fileService.Get(siteId, userid, fileId); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Read))).Succeeded) {
if (!result.IsSuccess || file == null) var (file, result) = _fileService.Get(siteId, userid, fileId);
return result.ToActionResult();
var stream = new MemoryStream(file.Bytes); if (!result.IsSuccess || file == null)
return new FileStreamResult(stream, file.ContentType) { return result.ToActionResult();
FileDownloadName = file.Name
}; var stream = new MemoryStream(file.Bytes);
return new FileStreamResult(stream, file.ContentType) {
FileDownloadName = file.Name
};
}
return Unauthorized();
} }
/// <summary> /// <summary>
@ -67,9 +82,13 @@ public class FileController : Controller {
/// <param name="fileId"></param> /// <param name="fileId"></param>
/// <returns></returns> /// <returns></returns>
[HttpDelete("{siteId}/{userId}/{fileId}")] [HttpDelete("{siteId}/{userId}/{fileId}")]
public IActionResult Delete([FromRoute] Guid siteId, [FromRoute] Guid userId, [FromRoute] Guid fileId) { public async Task<IActionResult> Delete([FromRoute] Guid siteId, [FromRoute] Guid userId, [FromRoute] Guid fileId) {
var result = _fileService.Delete(siteId, userId, fileId); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Delete))).Succeeded) {
return result.ToActionResult(); var result = _fileService.Delete(siteId, userId, fileId);
return result.ToActionResult();
}
return Unauthorized();
} }
} }

34
webapi/WeatherForecast/Controllers/FilesController.cs
View File

@ -1,6 +1,8 @@
using DomainResults.Mvc; using Core.Enumerations;
using DomainResults.Mvc;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using WeatherForecast.Policies;
using WeatherForecast.Services; using WeatherForecast.Services;
namespace WeatherForecast.Controllers; namespace WeatherForecast.Controllers;
@ -8,20 +10,24 @@ namespace WeatherForecast.Controllers;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
[Authorize(Policy = "WhitelistToken")]
[AllowAnonymous] [AllowAnonymous]
[Route("api/[controller]")] [Route("api/[controller]")]
public class FilesController : Controller { public class FilesController : ControllerBase {
private readonly IAuthorizationService _authorizationService;
private readonly IFilesService _filesService; private readonly IFilesService _filesService;
private readonly WebapiControllers _webapiController = WebapiControllers.Files;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
/// <param name="filesService"></param> /// <param name="filesService"></param>
public FilesController( public FilesController(
IAuthorizationService authorizationService,
IFilesService filesService IFilesService filesService
) { ) {
_authorizationService = authorizationService;
_filesService = filesService; _filesService = filesService;
} }
@ -33,9 +39,14 @@ public class FilesController : Controller {
/// <param name="file"></param> /// <param name="file"></param>
/// <returns></returns> /// <returns></returns>
[HttpPost("{siteId}/{userId}")] [HttpPost("{siteId}/{userId}")]
public IActionResult Post([FromRoute] Guid siteId, [FromRoute] Guid userId, List<IFormFile> file) { public async Task<IActionResult> Post([FromRoute] Guid siteId, [FromRoute] Guid userId, List<IFormFile> file) {
var result = _filesService.Post(siteId, userId, file);
return result.ToActionResult(); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Create))).Succeeded) {
var result = _filesService.Post(siteId, userId, file);
return result.ToActionResult();
}
return Unauthorized();
} }
/// <summary> /// <summary>
@ -46,9 +57,12 @@ public class FilesController : Controller {
/// <returns></returns> /// <returns></returns>
[HttpDelete("{siteId}/{userId}")] [HttpDelete("{siteId}/{userId}")]
public IActionResult Delete([FromRoute] Guid siteId, [FromRoute] Guid userId) { public async Task<IActionResult> Delete([FromRoute] Guid siteId, [FromRoute] Guid userId) {
var result = _filesService.Delete(siteId, userId); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Create))).Succeeded) {
return result.ToActionResult(); var result = _filesService.Delete(siteId, userId);
return result.ToActionResult();
}
return Unauthorized();
} }
} }

4
webapi/WeatherForecast/Controllers/ImageController.cs
View File

@ -9,11 +9,11 @@ namespace WeatherForecast.Controllers;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
[AllowAnonymous]
[Route("api/[controller]")] [Route("api/[controller]")]
[ApiController] [ApiController]
public class ImageController : ControllerBase { public class ImageController : ControllerBase {
private readonly IAuthorizationService _authorizationService;
private readonly IImageService _imageService; private readonly IImageService _imageService;
/// <summary> /// <summary>
@ -21,8 +21,10 @@ public class ImageController : ControllerBase {
/// </summary> /// </summary>
/// <param name="imgeService"></param> /// <param name="imgeService"></param>
public ImageController( public ImageController(
IAuthorizationService authorizationService,
IImageService imgeService IImageService imgeService
) { ) {
_authorizationService = authorizationService;
_imageService = imgeService; _imageService = imgeService;
} }

20
webapi/WeatherForecast/Controllers/PasswordController.cs
View File

@ -1,8 +1,10 @@
using DomainResults.Mvc; using Core.Enumerations;
using DomainResults.Mvc;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using WeatherForecast.Models.Requests; using WeatherForecast.Models.Requests;
using WeatherForecast.Policies;
using WeatherForecast.Services; using WeatherForecast.Services;
namespace WeatherForecast.Controllers; namespace WeatherForecast.Controllers;
@ -10,20 +12,24 @@ namespace WeatherForecast.Controllers;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
[Authorize(Policy = "WhitelistToken")]
[Route("api/[controller]")] [Route("api/[controller]")]
[ApiController] [ApiController]
public class PasswordController : ControllerBase { public class PasswordController : ControllerBase {
private readonly IAuthorizationService _authorizationService;
private readonly IPasswordService _passwordService; private readonly IPasswordService _passwordService;
private readonly WebapiControllers _webapiController = WebapiControllers.Password;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
/// <param name="passwordService"></param> /// <param name="passwordService"></param>
public PasswordController( public PasswordController(
IAuthorizationService authorizationService,
IPasswordService passwordService IPasswordService passwordService
) { ) {
_authorizationService = authorizationService;
_passwordService = passwordService; _passwordService = passwordService;
} }
@ -35,9 +41,13 @@ public class PasswordController : ControllerBase {
/// <param name="requestData"></param> /// <param name="requestData"></param>
/// <returns></returns> /// <returns></returns>
[HttpPost("{siteId}/{userId}")] [HttpPost("{siteId}/{userId}")]
public IActionResult Post([FromRoute] Guid siteId, [FromRoute] Guid userId, [FromBody] PasswordRequestModel requestData) { public async Task<IActionResult> Post([FromRoute] Guid siteId, [FromRoute] Guid userId, [FromBody] PasswordRequestModel requestData) {
var result = _passwordService.Post(siteId, userId, requestData); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Create))).Succeeded) {
return result.ToActionResult(); var result = _passwordService.Post(siteId, userId, requestData);
return result.ToActionResult();
}
return Unauthorized();
} }
} }

48
webapi/WeatherForecast/Controllers/ShopCartItemController.cs
View File

@ -5,6 +5,8 @@ using DomainResults.Mvc;
using WeatherForecast.Services; using WeatherForecast.Services;
using WeatherForecast.Models.Requests; using WeatherForecast.Models.Requests;
using WeatherForecast.Policies;
using Core.Enumerations;
namespace WeatherForecast.Controllers; namespace WeatherForecast.Controllers;
@ -12,20 +14,24 @@ namespace WeatherForecast.Controllers;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
[Authorize(Policy = "WhitelistToken")]
[AllowAnonymous] [AllowAnonymous]
[Route("api/[controller]")] [Route("api/[controller]")]
public class ShopCartItemController : ControllerBase { public class ShopCartItemController : ControllerBase {
private readonly IAuthorizationService _authorizationService;
private readonly IShopCartItemService _shopCartItemService; private readonly IShopCartItemService _shopCartItemService;
private readonly WebapiControllers _webapiController = WebapiControllers.ShopCartItem;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
/// <param name="shopCartItemService"></param> /// <param name="shopCartItemService"></param>
public ShopCartItemController( public ShopCartItemController(
IAuthorizationService authorizationService,
IShopCartItemService shopCartItemService IShopCartItemService shopCartItemService
) { ) {
_authorizationService = authorizationService;
_shopCartItemService = shopCartItemService; _shopCartItemService = shopCartItemService;
} }
@ -38,9 +44,13 @@ public class ShopCartItemController : ControllerBase {
/// <param name="requestData"></param> /// <param name="requestData"></param>
/// <returns></returns> /// <returns></returns>
[HttpPost("{siteId}/{userId}/{sku}")] [HttpPost("{siteId}/{userId}/{sku}")]
public IActionResult Post([FromRoute] Guid siteId, [FromRoute] Guid userId, [FromRoute] string sku, [FromBody] ShopCartItemRequestModel requestData) { public async Task<IActionResult> Post([FromRoute] Guid siteId, [FromRoute] Guid userId, [FromRoute] string sku, [FromBody] ShopCartItemRequestModel requestData) {
var result = _shopCartItemService.Post(siteId, userId, sku, requestData); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Create))).Succeeded) {
return result.ToActionResult(); var result = _shopCartItemService.Post(siteId, userId, sku, requestData);
return result.ToActionResult();
}
return Unauthorized();
} }
/// <summary> /// <summary>
@ -48,9 +58,13 @@ public class ShopCartItemController : ControllerBase {
/// </summary> /// </summary>
/// <returns></returns> /// <returns></returns>
[HttpGet("{siteId}/{userId}/{sku}")] [HttpGet("{siteId}/{userId}/{sku}")]
public IActionResult Get([FromRoute] Guid siteId, [FromRoute] Guid userId, [FromRoute] string sku, [FromQuery] string? locale) { public async Task<IActionResult> Get([FromRoute] Guid siteId, [FromRoute] Guid userId, [FromRoute] string sku, [FromQuery] string? locale) {
var result = _shopCartItemService.Get(siteId, userId, sku, locale); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Read))).Succeeded) {
return result.ToActionResult(); var result = _shopCartItemService.Get(siteId, userId, sku, locale);
return result.ToActionResult();
}
return Unauthorized();
} }
/// <summary> /// <summary>
@ -62,9 +76,13 @@ public class ShopCartItemController : ControllerBase {
/// <param name="requestData"></param> /// <param name="requestData"></param>
/// <returns></returns> /// <returns></returns>
[HttpPut("{siteId}/{userId}/{sku}")] [HttpPut("{siteId}/{userId}/{sku}")]
public IActionResult Update([FromRoute] Guid siteId, [FromRoute] Guid userId, [FromRoute] string sku, [FromBody] ShopCartItemRequestModel requestData) { public async Task<IActionResult> Update([FromRoute] Guid siteId, [FromRoute] Guid userId, [FromRoute] string sku, [FromBody] ShopCartItemRequestModel requestData) {
var result = _shopCartItemService.Update(siteId, userId, sku, requestData); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Update))).Succeeded) {
return result.ToActionResult(); var result = _shopCartItemService.Update(siteId, userId, sku, requestData);
return result.ToActionResult();
}
return Unauthorized();
} }
/// <summary> /// <summary>
@ -75,9 +93,13 @@ public class ShopCartItemController : ControllerBase {
/// <param name="sku"></param> /// <param name="sku"></param>
/// <returns></returns> /// <returns></returns>
[HttpDelete("{siteId}/{userId}/{sku}")] [HttpDelete("{siteId}/{userId}/{sku}")]
public IActionResult Delete([FromRoute] Guid siteId, [FromRoute] Guid userId, [FromRoute] string sku) { public async Task<IActionResult> Delete([FromRoute] Guid siteId, [FromRoute] Guid userId, [FromRoute] string sku) {
var result = _shopCartItemService.Delete(siteId, userId, sku); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Delete))).Succeeded) {
return result.ToActionResult(); var result = _shopCartItemService.Delete(siteId, userId, sku);
return result.ToActionResult();
}
return Unauthorized();
} }
} }

30
webapi/WeatherForecast/Controllers/ShopCartItemsController.cs
View File

@ -4,6 +4,8 @@ using Microsoft.AspNetCore.Authorization;
using DomainResults.Mvc; using DomainResults.Mvc;
using WeatherForecast.Services; using WeatherForecast.Services;
using WeatherForecast.Policies;
using Core.Enumerations;
namespace WeatherForecast.Controllers; namespace WeatherForecast.Controllers;
@ -11,20 +13,24 @@ namespace WeatherForecast.Controllers;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
[Authorize(Policy = "WhitelistToken")] [ApiController]
[AllowAnonymous]
[Route("api/[controller]")] [Route("api/[controller]")]
public class ShopCartItemsController : ControllerBase { public class ShopCartItemsController : ControllerBase {
private readonly IAuthorizationService _authorizationService;
private readonly IShopCartItemsService _shopCartItemsService; private readonly IShopCartItemsService _shopCartItemsService;
private readonly WebapiControllers _webapiController = WebapiControllers.ShopCartItems;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
/// <param name="shopCartItemsService"></param> /// <param name="shopCartItemsService"></param>
public ShopCartItemsController( public ShopCartItemsController(
IAuthorizationService authorizationService,
IShopCartItemsService shopCartItemsService IShopCartItemsService shopCartItemsService
) { ) {
_authorizationService = authorizationService;
_shopCartItemsService = shopCartItemsService; _shopCartItemsService = shopCartItemsService;
} }
@ -33,9 +39,13 @@ public class ShopCartItemsController : ControllerBase {
/// </summary> /// </summary>
/// <returns></returns> /// <returns></returns>
[HttpGet("{siteId}/{userId}")] [HttpGet("{siteId}/{userId}")]
public IActionResult Get([FromRoute] Guid siteId, [FromRoute] Guid userId, [FromQuery] string? locale) { public async Task<IActionResult> Get([FromRoute] Guid siteId, [FromRoute] Guid userId, [FromQuery] string? locale) {
var result = _shopCartItemsService.Get(siteId, userId, locale); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(WebapiControllers.ShopCartItems, CrudActions.Read))).Succeeded) {
return result.ToActionResult(); var result = _shopCartItemsService.Get(siteId, userId, locale);
return result.ToActionResult();
}
return Unauthorized();
} }
/// <summary> /// <summary>
@ -45,9 +55,13 @@ public class ShopCartItemsController : ControllerBase {
/// <param name="userId"></param> /// <param name="userId"></param>
/// <returns></returns> /// <returns></returns>
[HttpDelete("{siteId}/{userId}")] [HttpDelete("{siteId}/{userId}")]
public IActionResult Delete([FromRoute] Guid siteId, [FromRoute] Guid userId) { public async Task<IActionResult> Delete([FromRoute] Guid siteId, [FromRoute] Guid userId) {
var result = _shopCartItemsService.Delete(siteId, userId); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Delete))).Succeeded) {
return result.ToActionResult(); var result = _shopCartItemsService.Delete(siteId, userId);
return result.ToActionResult();
}
return Unauthorized();
} }
} }

50
webapi/WeatherForecast/Controllers/ShopItemController.cs
View File

@ -5,26 +5,32 @@ using DomainResults.Mvc;
using WeatherForecast.Services; using WeatherForecast.Services;
using WeatherForecast.Models.Requests; using WeatherForecast.Models.Requests;
using WeatherForecast.Policies;
using Core.Enumerations;
namespace WeatherForecast.Controllers; namespace WeatherForecast.Controllers;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
[Authorize(Policy = "WhitelistToken")]
[ApiController] [ApiController]
[Route("api/[controller]")] [Route("api/[controller]")]
public class ShopItemController : ControllerBase { public class ShopItemController : ControllerBase {
private readonly IAuthorizationService _authorizationService;
private readonly IShopItemService _shopItemService; private readonly IShopItemService _shopItemService;
private readonly WebapiControllers _webapiController = WebapiControllers.ShopItem;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
/// <param name="shopItemService"></param> /// <param name="shopItemService"></param>
public ShopItemController( public ShopItemController(
IAuthorizationService authorizationService,
IShopItemService shopItemService IShopItemService shopItemService
) { ) {
_authorizationService = authorizationService;
_shopItemService = shopItemService; _shopItemService = shopItemService;
} }
@ -36,9 +42,14 @@ public class ShopItemController : ControllerBase {
/// <param name="requestData"></param> /// <param name="requestData"></param>
/// <returns></returns> /// <returns></returns>
[HttpPost("{siteId}/{sku}")] [HttpPost("{siteId}/{sku}")]
public IActionResult Post([FromRoute] Guid siteId, [FromRoute] string sku, [FromBody] ShopItemRequestModel requestData) { public async Task<IActionResult> Post([FromRoute] Guid siteId, [FromRoute] string sku, [FromBody] ShopItemRequestModel requestData) {
var result = _shopItemService.Post(siteId, sku, requestData); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Create))).Succeeded) {
return result.ToActionResult();
var result = _shopItemService.Post(siteId, sku, requestData);
return result.ToActionResult();
}
return Unauthorized();
} }
/// <summary> /// <summary>
@ -48,9 +59,13 @@ public class ShopItemController : ControllerBase {
/// <param name="sku"></param> /// <param name="sku"></param>
/// <returns></returns> /// <returns></returns>
[HttpGet("{siteId}/{sku}")] [HttpGet("{siteId}/{sku}")]
public IActionResult Get([FromRoute] Guid siteId, [FromRoute] string sku) { public async Task<IActionResult> Get([FromRoute] Guid siteId, [FromRoute] string sku) {
var result = _shopItemService.Get(siteId, sku); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Read))).Succeeded) {
return result.ToActionResult(); var result = _shopItemService.Get(siteId, sku);
return result.ToActionResult();
}
return Unauthorized();
} }
/// <summary> /// <summary>
@ -59,7 +74,6 @@ public class ShopItemController : ControllerBase {
/// <param name="siteId"></param> /// <param name="siteId"></param>
/// <param name="slug"></param> /// <param name="slug"></param>
/// <returns></returns> /// <returns></returns>
[AllowAnonymous]
[HttpGet("{siteId}")] [HttpGet("{siteId}")]
public IActionResult GetSlug([FromRoute] Guid siteId, [FromQuery] string slug) { public IActionResult GetSlug([FromRoute] Guid siteId, [FromQuery] string slug) {
var result = _shopItemService.GetSlug(siteId, slug); var result = _shopItemService.GetSlug(siteId, slug);
@ -74,9 +88,13 @@ public class ShopItemController : ControllerBase {
/// <param name="requestData"></param> /// <param name="requestData"></param>
/// <returns></returns> /// <returns></returns>
[HttpPut("{siteId}/{sku}")] [HttpPut("{siteId}/{sku}")]
public IActionResult Update([FromRoute] Guid siteId, [FromRoute] string sku, [FromBody] ShopItemRequestModel requestData) { public async Task<IActionResult> Update([FromRoute] Guid siteId, [FromRoute] string sku, [FromBody] ShopItemRequestModel requestData) {
var result = _shopItemService.Update(siteId, sku, requestData); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Update))).Succeeded) {
return result.ToActionResult(); var result = _shopItemService.Update(siteId, sku, requestData);
return result.ToActionResult();
}
return Unauthorized();
} }
/// <summary> /// <summary>
@ -86,9 +104,13 @@ public class ShopItemController : ControllerBase {
/// <param name="sku"></param> /// <param name="sku"></param>
/// <returns></returns> /// <returns></returns>
[HttpDelete("{siteId}/{sku}")] [HttpDelete("{siteId}/{sku}")]
public IActionResult Delete([FromRoute] Guid siteId, [FromRoute] string sku) { public async Task<IActionResult> Delete([FromRoute] Guid siteId, [FromRoute] string sku) {
var result = _shopItemService.Delete(siteId, sku); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Delete))).Succeeded) {
return result.ToActionResult(); var result = _shopItemService.Delete(siteId, sku);
return result.ToActionResult();
}
return Unauthorized();
} }
} }

18
webapi/WeatherForecast/Controllers/ShopItemsController.cs
View File

@ -4,26 +4,32 @@ using Microsoft.AspNetCore.Authorization;
using DomainResults.Mvc; using DomainResults.Mvc;
using WeatherForecast.Services; using WeatherForecast.Services;
using WeatherForecast.Policies;
using Core.Enumerations;
namespace WeatherForecast.Controllers; namespace WeatherForecast.Controllers;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
[Authorize(Policy = "WhitelistToken")]
[ApiController] [ApiController]
[Route("api/[controller]")] [Route("api/[controller]")]
public class ShopItemsController : ControllerBase { public class ShopItemsController : ControllerBase {
private readonly IAuthorizationService _authorizationService;
private readonly IShopItemsService _shopItemsService; private readonly IShopItemsService _shopItemsService;
private readonly WebapiControllers _webapiController = WebapiControllers.ShopItem;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
/// <param name="shopCatalogService"></param> /// <param name="shopCatalogService"></param>
public ShopItemsController( public ShopItemsController(
IAuthorizationService authorizationService,
IShopItemsService shopCatalogService IShopItemsService shopCatalogService
) { ) {
_authorizationService = authorizationService;
_shopItemsService = shopCatalogService; _shopItemsService = shopCatalogService;
} }
@ -49,8 +55,12 @@ public class ShopItemsController : ControllerBase {
/// <param name="siteId"></param> /// <param name="siteId"></param>
/// <returns></returns> /// <returns></returns>
[HttpDelete("{siteId}")] [HttpDelete("{siteId}")]
public IActionResult Delete([FromRoute] Guid siteId) { public async Task<IActionResult> Delete([FromRoute] Guid siteId) {
var result = _shopItemsService.Delete(siteId); if ((await _authorizationService.AuthorizeAsync(User, null, new CrudActionRequirement(_webapiController, CrudActions.Create))).Succeeded) {
return result.ToActionResult(); var result = _shopItemsService.Delete(siteId);
return result.ToActionResult();
}
return Unauthorized();
} }
} }

18
webapi/WeatherForecast/Controllers/UserController.cs
View File

@ -1,18 +0,0 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace WeatherForecast.Controllers;
/// <summary>
///
/// </summary>
[Authorize(Policy = "WhitelistToken")]
[ApiController]
[Route("api/[controller]")]
public class UserController : ControllerBase {
/// <summary>
///
/// </summary>
public UserController() { }
}

1
webapi/WeatherForecast/Controllers/WeatherForecastController.cs
View File

@ -8,7 +8,6 @@ namespace WeatherForecast.Controllers;
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
[AllowAnonymous]
[ApiController] [ApiController]
[Route("[controller]")] [Route("[controller]")]
public class WeatherForecastController : ControllerBase { public class WeatherForecastController : ControllerBase {

83
webapi/WeatherForecast/Policies/CrudAuthorizationHandler.cs Normal file
View File

@ -0,0 +1,83 @@
using Core.Enumerations;
using ExtensionMethods;
using Extensions;
using Microsoft.AspNetCore.Authorization;
using WeatherForecast.Services;
namespace WeatherForecast.Policies {
/// <summary>
///
/// </summary>
public class CrudAuthorizationHandler : AuthorizationHandler<CrudActionRequirement> {
private readonly IHttpContextAccessor _contextAccessor;
private readonly IUserService _authenticationService;
/// <summary>
///
/// </summary>
/// <param name="contextAccessor"></param>
/// <param name="authenticationService"></param>
public CrudAuthorizationHandler(
IHttpContextAccessor contextAccessor,
IUserService authenticationService
) {
_contextAccessor = contextAccessor;
_authenticationService = authenticationService;
}
/// <summary>
///
/// </summary>
/// <param name="context"></param>
/// <param name="requirement"></param>
/// <returns></returns>
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, CrudActionRequirement requirement) {
var user = context.User;
var identity = user.Identity;
var name = identity?.Name;
var userId = name?.ToNullableGuid();
var request = _contextAccessor?.HttpContext?.Request;
var bearerToken = request?.GeBearerToken();
if (_authenticationService.VerifyToken(userId, bearerToken, requirement.Controller, requirement.Action).IsSuccess)
context.Succeed(requirement);
return Task.CompletedTask;
}
}
/// <summary>
///
/// </summary>
public class CrudActionRequirement : IAuthorizationRequirement {
/// <summary>
///
/// </summary>
public WebapiControllers Controller { get; }
/// <summary>
///
/// </summary>
public CrudActions Action { get; }
/// <summary>
///
/// </summary>
public bool SameAuthor { get; }
/// <summary>
///
/// </summary>
/// <param name="crudAction"></param>
public CrudActionRequirement(WebapiControllers controller, CrudActions crudAction, bool sameAuthor = false) {
Controller = controller;
Action = crudAction;
SameAuthor = sameAuthor;
}
}
}

55
webapi/WeatherForecast/Policies/WhitelistToken.cs
View File

@ -1,55 +0,0 @@
using Extensions;
using Microsoft.AspNetCore.Authorization;
using WeatherForecast.Services;
namespace WeatherForecast.Policies {
/// <summary>
///
/// </summary>
public class WhitelistTokenRequirement : IAuthorizationRequirement {
// public string WhiteListToken { get; }
/// <summary>
///
/// </summary>
public WhitelistTokenRequirement() {
// WhiteListToken = whiteListToken;
}
}
/// <summary>
///
/// </summary>
public class WhitelistTokenHandler : AuthorizationHandler<WhitelistTokenRequirement> {
private readonly IHttpContextAccessor _httpContextAccessor;
private readonly IAuthenticationService _athenticationService;
/// <summary>
///
/// </summary>
/// <param name="httpContextAccessor"></param>
/// <param name="athenticationService"></param>
public WhitelistTokenHandler(
IHttpContextAccessor httpContextAccessor,
IAuthenticationService athenticationService
) {
_httpContextAccessor = httpContextAccessor;
_athenticationService = athenticationService;
}
/// <summary>
///
/// </summary>
/// <param name="context"></param>
/// <param name="requirement"></param>
/// <returns></returns>
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, WhitelistTokenRequirement requirement) {
var request = _httpContextAccessor?.HttpContext?.Request;
if (request != null && _athenticationService.Get(request.GeBearerToken()).IsSuccess)
context.Succeed(requirement);
return Task.CompletedTask;
}
}
}

157
webapi/WeatherForecast/Services/AutheticationService.cs
View File

@ -1,157 +0,0 @@
using Core.Abstractions;
using Core.DomainObjects;
using DataProviders.Collections;
using DomainResults.Common;
using ExtensionMethods;
using CryptoProvider;
using JWTService;
using WeatherForecast.Models.Requests;
using Microsoft.Extensions.Options;
namespace WeatherForecast.Services {
/// <summary>
///
/// </summary>
public interface IAuthenticationService {
/// <summary>
///
/// </summary>
/// <param name="requestData"></param>
/// <returns></returns>
(string?, IDomainResult) Post(AuthenticationRequestModel requestData);
/// <summary>
///
/// </summary>
/// <param name="token"></param>
/// <returns></returns>
IDomainResult Get(string? token);
}
/// <summary>
///
/// </summary>
public class AutheticationService : ServiceBase<AutheticationService>, IAuthenticationService {
private readonly IAesKey? _aesKey;
private readonly IUserDataProvider _userDataProvider;
private readonly IJWTService _jwtService;
/// <summary>
///
/// </summary>
/// <param name="logger"></param>
/// <param name="options"></param>
/// <param name="userDataProvider"></param>
/// <param name="jwtService"></param>
public AutheticationService (
ILogger<AutheticationService> logger,
IOptions<Configuration> options,
IUserDataProvider userDataProvider,
IJWTService jwtService
) : base(logger) {
_aesKey = options.Value.JwtTokenEncryption;
_userDataProvider = userDataProvider;
_jwtService = jwtService;
}
/// <summary>
///
/// </summary>
/// <param name="requestData"></param>
/// <returns></returns>
public (string?, IDomainResult) Post(AuthenticationRequestModel requestData) {
if (_aesKey?.IV == null || _aesKey?.Key == null)
return IDomainResult.Failed<string?>("IV or Key are not set");
// Retrieve user from database by userName
var (user, getUserResult) = _userDataProvider.GetByUsername(requestData.Username);
if (!getUserResult.IsSuccess || user == null)
return (null, getUserResult);
if (user.Passwords.Password == null)
return IDomainResult.Failed<string?>("Password is not set, create new password.");
// Check provided password hash with the stored one
var (salt, hash) = HashService.CreateSaltedHash(requestData.Password);
if (!HashService.ValidateHash(requestData.Password, salt, hash))
return IDomainResult.Unauthorized<string?>();
// Check password expiration if enabled
if (user.Passwords.Expiration.Enabled && DateTime.UtcNow > user.Passwords.Password.Created.AddDays(user.Passwords.Expiration.Days)) {
user.Passwords.Expired.Add(user.Passwords.Password.Prototype());
user.Passwords.Password = null;
user.Tokens = new List<Token>();
return IDomainResult.Failed<string?>("Password is expired, create new password.");
}
// Creating JWT token
var claims = new List<KeyValuePair<string, string>> {
new KeyValuePair<string, string>("UserId", $"{user.Id}")
};
var created = DateTime.UtcNow;
var expires = created.AddDays(365);
var token = _jwtService.CreateJwtToken(expires, claims);
user.Tokens.Add(new Token {
Value = AesService.EncryptString(_aesKey.IV, _aesKey.Key, token),
Created = created,
Expires = expires,
});
var (_, usdateUserResult) = _userDataProvider.Update(user);
if (!usdateUserResult.IsSuccess)
return IDomainResult.Failed<string?>();
return IDomainResult.Success(token);
}
/// <summary>
///
/// </summary>
/// <param name="token"></param>
/// <returns></returns>
public IDomainResult Get(string? token) {
if (_aesKey?.IV == null || _aesKey?.Key == null)
return IDomainResult.Failed("IV or Key are not set");
if (token == null)
return IDomainResult.Failed();
#region Retrieve user id from token claim
var (claims, getClaimsResult) = _jwtService.JwtTokenClaims(token);
if (!getClaimsResult.IsSuccess || claims == null)
return IDomainResult.Failed();
var userId = claims.SingleOrDefault(x => x.Key == "UserId").Value.ToGuid();
if (userId == Guid.Empty)
return IDomainResult.Failed();
#endregion
var (user, getUserResult) = _userDataProvider.Get(userId);
if (!getUserResult.IsSuccess || user == null)
return IDomainResult.Failed();
#region Tokens cleanup
var userTokens = user.Tokens.Where(x => x.Expires > DateTime.UtcNow).ToList();
if (user.Tokens.Count != userTokens.Count) {
user.Tokens = userTokens;
_userDataProvider.Update(user);
}
#endregion
return userTokens.Select(x => AesService.DecryptString(_aesKey.IV, _aesKey.Key, x.Value)).Any(x => string.Compare(x, token) == 0)
? IDomainResult.Success()
: IDomainResult.Failed();
}
}
}

160
webapi/WeatherForecast/Services/UserService.cs
View File

@ -1,16 +1,168 @@
namespace WeatherForecast.Services { using Core.Abstractions;
using Core.DomainObjects;
using DataProviders.Collections;
using DomainResults.Common;
using CryptoProvider;
using JWTService;
using WeatherForecast.Models.Requests;
using Microsoft.Extensions.Options;
using Core.Enumerations;
namespace WeatherForecast.Services {
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
public interface IUserService { public interface IUserService {
/// <summary>
///
/// </summary>
/// <param name="requestData"></param>
/// <returns></returns>
(string?, IDomainResult) CreateToken(AuthenticationRequestModel requestData);
/// <summary>
///
/// </summary>
/// <param name="userId"></param>
/// <param name="token"></param>
/// <param name="controller"></param>
/// <param name="actions"></param>
/// <returns></returns>
IDomainResult VerifyToken(Guid? userId, string? token, WebapiControllers? controller, CrudActions? actions);
} }
/// <summary> /// <summary>
/// ///
/// </summary> /// </summary>
public class UserService : IUserService { public class UserService : ServiceBase<UserService>, IUserService {
private readonly IAesKey? _aesKey;
private readonly IUserDataProvider _userDataProvider;
private readonly IJWTService _jwtService;
/// <summary>
///
/// </summary>
/// <param name="logger"></param>
/// <param name="options"></param>
/// <param name="userDataProvider"></param>
/// <param name="jwtService"></param>
public UserService (
ILogger<UserService> logger,
IOptions<Configuration> options,
IUserDataProvider userDataProvider,
IJWTService jwtService
) : base(logger) {
_aesKey = options.Value.JwtTokenEncryption;
_userDataProvider = userDataProvider;
_jwtService = jwtService;
}
/// <summary>
///
/// </summary>
/// <param name="requestData"></param>
/// <returns></returns>
public (string?, IDomainResult) CreateToken(AuthenticationRequestModel requestData) {
if (_aesKey?.IV == null || _aesKey?.Key == null)
return IDomainResult.Failed<string?>("IV or Key are not set");
// Retrieve user from database by userName
var (user, getUserResult) = _userDataProvider.GetByUsername(requestData.Username);
if (!getUserResult.IsSuccess || user == null)
return (null, getUserResult);
if (user.Passwords.Password == null)
return IDomainResult.Failed<string?>("Password is not set, create new password.");
// Check provided password hash with the stored one
var (salt, hash) = HashService.CreateSaltedHash(requestData.Password);
if (!HashService.ValidateHash(requestData.Password, salt, hash))
return IDomainResult.Unauthorized<string?>();
// Check password expiration if enabled
if (user.Passwords.Expiration.Enabled && DateTime.UtcNow > user.Passwords.Password.Created.AddDays(user.Passwords.Expiration.Days)) {
user.Passwords.Expired.Add(user.Passwords.Password.Prototype());
user.Passwords.Password = null;
user.Tokens = new List<Token>();
return IDomainResult.Failed<string?>("Password is expired, create new password.");
}
// Creating JWT token
var claims = new List<KeyValuePair<string, string>> {
new KeyValuePair<string, string>("unique_name", $"{user.Id}"),
// (JWT ID): Unique identifier; can be used to prevent the JWT from being replayed (allows a token to be used only once)
new KeyValuePair<string, string>("jti", $"{Guid.NewGuid()}")
};
var created = DateTime.UtcNow;
var expires = created.AddDays(365);
var token = _jwtService.CreateJwtToken(expires, claims);
user.Tokens.Add(new Token {
Value = AesService.EncryptString(_aesKey.IV, _aesKey.Key, token),
Created = created,
Expires = expires,
});
var (_, usdateUserResult) = _userDataProvider.Update(user);
if (!usdateUserResult.IsSuccess)
return IDomainResult.Failed<string?>();
return IDomainResult.Success(token);
}
/// <summary>
///
/// </summary>
/// <param name="userId"></param>
/// <param name="token"></param>
/// <param name="controller"></param>
/// <param name="action"></param>
/// <returns></returns>
public IDomainResult VerifyToken(Guid? userId, string? token, WebapiControllers? controller, CrudActions? action) {
if (_aesKey?.IV == null || _aesKey?.Key == null)
return IDomainResult.Failed("IV or Key are not set");
if (token == null || userId == null)
return IDomainResult.Failed();
var (user, getUserResult) = _userDataProvider.Get(userId.Value);
if (!getUserResult.IsSuccess || user == null)
return IDomainResult.Failed();
#region Tokens cleanup
var userTokens = user.Tokens.Where(x => x.Expires > DateTime.UtcNow).OrderByDescending(x => x.Expires).Take(10).ToList();
if (user.Tokens.Count != userTokens.Count) {
user.Tokens = userTokens;
_userDataProvider.Update(user);
}
#endregion
// Check if whitelisted
if(!userTokens.Select(x => AesService.DecryptString(_aesKey.IV, _aesKey.Key, x.Value)).Any(x => string.Compare(x, token) == 0))
IDomainResult.Unauthorized();
// Check if authorized
if (controller != null) {
if (!user.Authorizations.Any(x => x.Controller == controller))
return IDomainResult.Unauthorized();
if(action != null)
if (!user.Authorizations.SingleOrDefault(x => x.Controller == controller).Actions.Any(x => x == action))
return IDomainResult.Unauthorized();
}
return IDomainResult.Success();
}
} }
} }

27
webapi/WeatherForecast/Startup.cs
View File

@ -12,6 +12,7 @@ using JWTService.Extensions;
using Core.Middlewares; using Core.Middlewares;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using WeatherForecast.Policies; using WeatherForecast.Policies;
using Microsoft.Extensions.DependencyInjection;
namespace WeatherForecast { namespace WeatherForecast {
@ -44,12 +45,12 @@ namespace WeatherForecast {
services.Configure<Configuration>(appSettingsSection); services.Configure<Configuration>(appSettingsSection);
var appSettings = appSettingsSection.Get<Configuration>(); var appSettings = appSettingsSection.Get<Configuration>();
services.AddCors(options => { services.AddCors(options => {
options.AddPolicy(MyAllowSpecificOrigins, options.AddPolicy(MyAllowSpecificOrigins,
builder => { builder => {
builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader(); builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader();
}); });
}); });
services.AddControllers().AddJsonOptions(options => services.AddControllers().AddJsonOptions(options =>
@ -62,7 +63,7 @@ namespace WeatherForecast {
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(options => { }).AddJwtBearer(options => {
options.RequireHttpsMetadata = false; options.RequireHttpsMetadata = false;
options.SaveToken = true; options.SaveToken = false;
options.TokenValidationParameters = new TokenValidationParameters { options.TokenValidationParameters = new TokenValidationParameters {
ValidateIssuerSigningKey = true, ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Convert.FromBase64String(appSettings.JwtConfig.Secret)), IssuerSigningKey = new SymmetricSecurityKey(Convert.FromBase64String(appSettings.JwtConfig.Secret)),
@ -76,16 +77,13 @@ namespace WeatherForecast {
// https://docs.microsoft.com/en-us/aspnet/core/fundamentals/http-context?view=aspnetcore-3.1#use-httpcontext-from-custom-components // https://docs.microsoft.com/en-us/aspnet/core/fundamentals/http-context?view=aspnetcore-3.1#use-httpcontext-from-custom-components
services.AddHttpContextAccessor(); services.AddHttpContextAccessor();
#region Policy Authorizations https://docs.microsoft.com/en-us/aspnet/core/security/authorization/policies?view=aspnetcore-6.0
services.AddScoped<IAuthorizationHandler, WhitelistTokenHandler>();
// services.AddScoped<IAuthorizationHandler, RecaptchaTokenHandler>();
services.AddAuthorization(options => { #region Policy Handlers
options.AddPolicy("WhitelistToken", policy => policy.Requirements.Add(new WhitelistTokenRequirement())); services.AddScoped<IAuthorizationHandler, CrudAuthorizationHandler>();
// options.AddPolicy("RecaptchaToken", policy => policy.Requirements.Add(new RecaptchaTokenRequirement("/swagger/index.html")));
});
#endregion #endregion
services.AddScoped<IContentService, ContentService>(); services.AddScoped<IContentService, ContentService>();
services.AddScoped<IShopItemService, ShopItemService>(); services.AddScoped<IShopItemService, ShopItemService>();
services.AddScoped<IShopItemsService, ShopItemsService>(); services.AddScoped<IShopItemsService, ShopItemsService>();
@ -95,13 +93,12 @@ namespace WeatherForecast {
services.AddScoped<IBlogItemsService, BlogItemsService>(); services.AddScoped<IBlogItemsService, BlogItemsService>();
services.AddScoped<ICategoryItemService, CategoryItemService>(); services.AddScoped<ICategoryItemService, CategoryItemService>();
services.AddScoped<ICategoryItemsService, CategoryItemsService>(); services.AddScoped<ICategoryItemsService, CategoryItemsService>();
services.AddScoped<IUserService, UserService>();
services.AddScoped<IFileService, FileService>(); services.AddScoped<IFileService, FileService>();
services.AddScoped<IFilesService, FilesService>(); services.AddScoped<IFilesService, FilesService>();
services.AddScoped<IImageService, ImageService>(); services.AddScoped<IImageService, ImageService>();
services.AddScoped<IPasswordService, PasswordService>(); services.AddScoped<IPasswordService, PasswordService>();
services.AddScoped<IAuthenticationService, AutheticationService>(); services.AddScoped<IUserService, UserService>();
services.RegisterDataproviders(appSettings); services.RegisterDataproviders(appSettings);
services.RegisterFileSecurityService(); services.RegisterFileSecurityService();