Authorization through swagger works

2024-08-15 12:26:02 +02:00 · 2024-08-15 12:26:02 +02:00 · 7603f00bd5
commit 7603f00bd5
parent 422952f276
5 changed files with 36 additions and 29 deletions
--- a/API/Controllers/UsersController.cs
+++ b/API/Controllers/UsersController.cs
@ -47,6 +47,7 @@ namespace API.Controllers
        }

        // GET: api/Users
+        [Authorize]
        [HttpGet]
        public async Task<ActionResult<List<UserDTO>>> GetUsers()
        {
@ -54,6 +55,7 @@ namespace API.Controllers
        }

        // GET: api/Users/5
+        [Authorize]
        [HttpGet("{id}")]
        public async Task<ActionResult<UserDTO>> GetUser(string id)
        {
@ -63,6 +65,7 @@ namespace API.Controllers

        // PUT: api/Users/5
        // To protect from overposting attacks, see https://go.microsoft.com/fwlink/?linkid=2123754
+        [Authorize]
        [HttpPut("{id}")]
        public async Task<IActionResult> PutUser(UserDTO userDTO)
        {
@ -79,6 +82,7 @@ namespace API.Controllers


        // DELETE: api/Users/5
+        [Authorize]
        [HttpDelete("{id}")]
        public async Task<IActionResult> DeleteUser(string id)
        {
--- a/API/Program.cs
+++ b/API/Program.cs
@ -4,6 +4,7 @@ using API.Persistence.Repositories;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.IdentityModel.Tokens;
+using Microsoft.OpenApi.Models;
 using System.Text;

 namespace API
@ -65,6 +66,37 @@ namespace API
                };
            });

+            // Swagger does not by default allow to use Bearer tokens
+            // The method AddSwaggerGen with the following options grants access to address a Bearer token -
+            // Simply by clicking the Lock icon and pasting the Bearer Token
+            builder.Services.AddSwaggerGen(c =>
+            {
+                c.SwaggerDoc("v1", new OpenApiInfo { Title = "Your API", Version = "v1" });
+
+                // Configure Swagger to use Bearer token authentication
+                c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
+                {
+                    Description = "JWT Authorization header using the Bearer scheme",
+                    Type = SecuritySchemeType.Http,
+                    Scheme = "bearer"
+                });
+
+                c.AddSecurityRequirement(new OpenApiSecurityRequirement
+                {
+                    {
+                        new OpenApiSecurityScheme
+                        {
+                            Reference = new OpenApiReference
+                            {
+                                Type = ReferenceType.SecurityScheme,
+                                Id = "Bearer"
+                            }
+                        },
+                        new string[] { }
+                    }
+                });
+                        });
+
            var connectionString = Configuration.GetConnectionString("DefaultConnection") ?? Environment.GetEnvironmentVariable("DEFAULT_CONNECTION");
            builder.Services.AddDbContext<AppDBContext>(options => options.UseSqlite(connectionString));

--- a/Mobile/build/web/Dockerfile
+++ b/Mobile/build/web/Dockerfile
@ -1,11 +0,0 @@
-FROM nginx:alpine
-
-# Copy the config files
-ADD ./conf/ /etc/nginx/
-# Clears the static files
-RUN rm -rf /usr/share/nginx/html
-# Copy the static web content
-ADD . /usr/share/nginx/html
-
-# Suggests to bind port 80 to any port of the host system
-EXPOSE 80
--- a/Mobile/build/web/conf/app.conf
+++ b/Mobile/build/web/conf/app.conf
@ -1,13 +0,0 @@
-server {
-    listen 80;
-    root /usr/share/nginx/html;
-
-    # Enables Gzip compression for efficiency
-    gzip on;
-    gzip_types text/plain text/javascript text/css application/json;
-
-    # Handles routing for static files and serves index.html as a fallback
-    location / {
-        try_files $uri $uri/ /index.html;
-    }
-}
--- a/Mobile/build/web/conf/nginx.conf
+++ b/Mobile/build/web/conf/nginx.conf
@ -1,5 +0,0 @@
-events {}
-
-http {
-    include /etc/nginx/app.conf;
-}