Require authorisation by default

Robert Marshall 2021-05-08 15:13:56 +01:00
parent 18aecde93a
commit 6e732dbc69
3 changed files with 2 additions and 10 deletions


@ -1,5 +1,4 @@
using Microsoft.AspNetCore.Authorization; using System.Threading.Tasks;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using Robware.Auth.API; using Robware.Auth.API;
@ -23,15 +22,12 @@ namespace Robware.Api.Auth.Controllers {
public async Task<ActionResult> Validate(string key) => await _apiKeyValidator.Validate(key) ? (ActionResult) Ok() : Unauthorized(); public async Task<ActionResult> Validate(string key) => await _apiKeyValidator.Validate(key) ? (ActionResult) Ok() : Unauthorized();
[HttpPost(nameof(Create))] [HttpPost(nameof(Create))]
[Authorize]
public async Task<ActionResult<ApiKey>> Create(string name) => await _apiKeyRepository.Create(name); public async Task<ActionResult<ApiKey>> Create(string name) => await _apiKeyRepository.Create(name);
[HttpGet(nameof(List))] [HttpGet(nameof(List))]
[Authorize]
public async Task<ActionResult<ApiKey[]>> List() => (await _apiKeyRepository.GetAll()).ToArray(); public async Task<ActionResult<ApiKey[]>> List() => (await _apiKeyRepository.GetAll()).ToArray();
[HttpDelete(nameof(Delete))] [HttpDelete(nameof(Delete))]
[Authorize]
public async Task<ActionResult> Delete(string key) => await _apiKeyRepository.Delete(key) ? (ActionResult) NoContent() : BadRequest(); public async Task<ActionResult> Delete(string key) => await _apiKeyRepository.Delete(key) ? (ActionResult) NoContent() : BadRequest();
private async Task<ActionResult> SetEnabled(string key, bool enabled) { private async Task<ActionResult> SetEnabled(string key, bool enabled) {
@ -48,11 +44,9 @@ namespace Robware.Api.Auth.Controllers {
} }
[HttpPatch(nameof(Disable))] [HttpPatch(nameof(Disable))]
[Authorize]
public async Task<ActionResult> Disable(string key) => await SetEnabled(key, false); public async Task<ActionResult> Disable(string key) => await SetEnabled(key, false);
[HttpPatch(nameof(Enable))] [HttpPatch(nameof(Enable))]
[Authorize]
public async Task<ActionResult> Enable(string key) => await SetEnabled(key, true); public async Task<ActionResult> Enable(string key) => await SetEnabled(key, true);
} }
} }
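Review bot: With the per-action `[Authorize]` attributes removed from `Create`, `List`, `Delete`, `Disable` and `Enable`, the key-management endpoints are protected only by the single `RequireAuthorization()` call in the startup file, so a later change to endpoint mapping could expose them without any change in this file. A class-level `[Authorize]` on the controller (keeping `using Microsoft.AspNetCore.Authorization;`) or an integration test asserting 401 for unauthenticated calls to each route would keep the requirement visible and enforced locally; the same applies to `Authenticate` in the second controller. `Validate` is only context in this hunk and any attributes on it sit above the visible lines, but if it was previously anonymous it now requires an authenticated caller, so confirm its existing callers can still reach it.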


@ -1,6 +1,5 @@
using System; using System;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using Robware.Api.Auth.Models; using Robware.Api.Auth.Models;
@ -19,7 +18,6 @@ namespace Robware.Api.Auth.Controllers {
} }
[HttpPost(nameof(Authenticate))] [HttpPost(nameof(Authenticate))]
[Authorize]
public async Task<ActionResult<User>> Authenticate(LoginRequest request) { public async Task<ActionResult<User>> Authenticate(LoginRequest request) {
var (result, user) = await _authenticator.Authenticate(request.Username, request.Password); var (result, user) = await _authenticator.Authenticate(request.Username, request.Password);
switch (result) { switch (result) {


@ -55,7 +55,7 @@ namespace Robware.Api.Auth {
app.UseAuthorization(); app.UseAuthorization();
app.UseEndpoints(endpoints => { app.UseEndpoints(endpoints => {
endpoints.MapControllers(); endpoints.MapControllers().RequireAuthorization();
}); });
} }
} }
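Review bot: `endpoints.MapControllers().RequireAuthorization()` applies the default policy only to endpoints produced by `MapControllers()`, so any other route later mapped inside `UseEndpoints` (a health check, for example) stays anonymous. If the intent is authorisation by default for the whole app, setting `options.FallbackPolicy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build();` in `AddAuthorization` covers every endpoint that carries no authorisation metadata; at minimum add a comment here such as `// All controller actions require an authenticated user unless marked [AllowAnonymous]`. The pipeline above `app.UseAuthorization()` is outside the hunk, so also confirm that `app.UseAuthentication()` runs before it, since with a blanket requirement a missing authentication step would likely cause every controller request to be rejected.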