From f6962fac3aa8ee0bdb6b5e328ffd8924aaaa0c56 Mon Sep 17 00:00:00 2001
From: Robert Marshall <rob@robware.uk>
Date: Sat, 8 May 2021 09:28:07 +0100
Subject: [PATCH] Require api key for user authentication

---
 src/Robware.Api.Auth/Controllers/UserController.cs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/Robware.Api.Auth/Controllers/UserController.cs b/src/Robware.Api.Auth/Controllers/UserController.cs
index ba5a51f..e8f6545 100644
--- a/src/Robware.Api.Auth/Controllers/UserController.cs
+++ b/src/Robware.Api.Auth/Controllers/UserController.cs
@@ -1,9 +1,9 @@
 using System;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Logging;
 using Robware.Api.Auth.Models;
-using Robware.Auth;
 using Robware.Auth.Users;
 
 namespace Robware.Api.Auth.Controllers {
@@ -19,6 +19,7 @@ namespace Robware.Api.Auth.Controllers {
 		}
 
 		[HttpPost(nameof(Authenticate))]
+		[Authorize]
 		public async Task<ActionResult<User>> Authenticate(LoginRequest request) {
 			var (result, user) = await _authenticator.Authenticate(request.Username, request.Password);
 			switch (result) {