Adding Endpoints with Authorization in separate PublicApi project (#413)

* Adding tests for GetById endpoint * Updating tests and messages * Adding paged endpoint and also AutoMapper * Authenticate endpoint works as bool with tests * Got JWT token security working with Create and Delete endpoints and Swashbuckle. * Working on getting cookie and jwt token auth working in the same app All tests are passing * Creating new project and moving APIs Build succeeds; tests need updated. * all tests passing after moving services to PublicApi project * Fix authorize attributes * Uncomment and update ApiCatalogControllerLists tests Co-authored-by: Eric Fleming <eric-fleming18@hotmail.com>
2020-06-30 11:36:28 -04:00
parent e5e9868003
commit dd5a435cb4
49 changed files with 1024 additions and 75 deletions
--- a/src/PublicApi/AuthEndpoints/Authenticate.cs
+++ b/src/PublicApi/AuthEndpoints/Authenticate.cs
@@ -0,0 +1,50 @@
+using Ardalis.ApiEndpoints;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.eShopWeb.ApplicationCore.Constants;
+using Microsoft.eShopWeb.ApplicationCore.Entities;
+using Microsoft.eShopWeb.ApplicationCore.Interfaces;
+using Microsoft.eShopWeb.Infrastructure.Identity;
+using Microsoft.IdentityModel.Tokens;
+using Swashbuckle.AspNetCore.Annotations;
+using System;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Microsoft.eShopWeb.PublicApi.AuthEndpoints
+{
+    public class Authenticate : BaseAsyncEndpoint<AuthenticateRequest, AuthenticateResponse>
+    {
+        private readonly SignInManager<ApplicationUser> _signInManager;
+        private readonly ITokenClaimsService _tokenClaimsService;
+
+        public Authenticate(SignInManager<ApplicationUser> signInManager,
+            ITokenClaimsService tokenClaimsService)
+        {
+            _signInManager = signInManager;
+            _tokenClaimsService = tokenClaimsService;
+        }
+
+        [HttpPost("api/authenticate")]
+        [SwaggerOperation(
+            Summary = "Authenticates a user",
+            Description = "Authenticates a user",
+            OperationId = "auth.authenticate",
+            Tags = new[] { "AuthEndpoints" })
+        ]
+        public override async Task<ActionResult<AuthenticateResponse>> HandleAsync(AuthenticateRequest request)
+        {
+            var response = new AuthenticateResponse(request.CorrelationId());
+
+            var result = await _signInManager.PasswordSignInAsync(request.Username, request.Password, false, true);
+
+            response.Result = result.Succeeded;
+
+            response.Token = await _tokenClaimsService.GetTokenAsync(request.Username);
+
+            return response;
+        }
+    }
+}