Adding Endpoints with Authorization in separate PublicApi project (#413)

* Adding tests for GetById endpoint * Updating tests and messages * Adding paged endpoint and also AutoMapper * Authenticate endpoint works as bool with tests * Got JWT token security working with Create and Delete endpoints and Swashbuckle. * Working on getting cookie and jwt token auth working in the same app All tests are passing * Creating new project and moving APIs Build succeeds; tests need updated. * all tests passing after moving services to PublicApi project * Fix authorize attributes * Uncomment and update ApiCatalogControllerLists tests Co-authored-by: Eric Fleming <eric-fleming18@hotmail.com>
2020-06-30 11:36:28 -04:00
parent e5e9868003
commit dd5a435cb4
49 changed files with 1024 additions and 75 deletions
--- a/src/Web/API/BaseRequest.cs
+++ b/src/Web/API/BaseRequest.cs
@@ -1,20 +0,0 @@
-using System;
-
-namespace Microsoft.eShopWeb.Web.API
-{
-    /// <summary>
-    /// Base class used by API requests
-    /// </summary>
-    public abstract class BaseMessage
-    {
-        /// <summary>
-        /// Unique Identifier used by logging
-        /// </summary>
-        protected Guid _correlationId = Guid.NewGuid();
-        public Guid CorrelationId() => _correlationId;
-    }
-
-    public abstract class BaseRequest : BaseMessage 
-    {
-    }
-}
--- a/src/Web/API/BaseResponse.cs
+++ b/src/Web/API/BaseResponse.cs
@@ -1,19 +0,0 @@
-using System;
-
-namespace Microsoft.eShopWeb.Web.API
-{
-    /// <summary>
-    /// Base class used by API responses
-    /// </summary>
-    public abstract class BaseResponse : BaseMessage
-    {
-        public BaseResponse(Guid correlationId) : base()
-        {
-            base._correlationId = correlationId;
-        }
-
-        public BaseResponse()
-        {
-        }
-    }
-}
--- a/src/Web/API/CatalogItemEndpoints/CatalogItemDto.cs
+++ b/src/Web/API/CatalogItemEndpoints/CatalogItemDto.cs
@@ -1,13 +0,0 @@
-namespace Microsoft.eShopWeb.Web.API.CatalogItemEndpoints
-{
-    public class CatalogItemDto
-    {
-        public int Id { get; set; }
-        public string Name { get; set; }
-        public string Description { get; set; }
-        public decimal Price { get; set; }
-        public string PictureUri { get; set; }
-        public int CatalogTypeId { get; set; }
-        public int CatalogBrandId { get; set; }
-    }
-}
--- a/src/Web/API/CatalogItemEndpoints/Create.CreateCatalogItemRequest.cs
+++ b/src/Web/API/CatalogItemEndpoints/Create.CreateCatalogItemRequest.cs
@@ -1,12 +0,0 @@
-namespace Microsoft.eShopWeb.Web.API.CatalogItemEndpoints
-{
-    public class CreateCatalogItemRequest : BaseRequest 
-    {
-        public int CatalogBrandId { get; set; }
-        public int CatalogTypeId { get; set; }
-        public string Description { get; set; }
-        public string Name { get; set; }
-        public string PictureUri { get; set; }
-        public decimal Price { get; set; }
-    }
-}
--- a/src/Web/API/CatalogItemEndpoints/Create.CreateCatalogItemResponse.cs
+++ b/src/Web/API/CatalogItemEndpoints/Create.CreateCatalogItemResponse.cs
@@ -1,13 +0,0 @@
-using System;
-
-namespace Microsoft.eShopWeb.Web.API.CatalogItemEndpoints
-{
-    public class CreateCatalogItemResponse : BaseResponse
-    {
-        public CreateCatalogItemResponse(Guid correlationId) : base(correlationId)
-        {
-        }
-
-        public CatalogItemDto CatalogItem { get; set; }
-    }
-}
--- a/src/Web/API/CatalogItemEndpoints/Create.cs
+++ b/src/Web/API/CatalogItemEndpoints/Create.cs
@@ -1,48 +0,0 @@
-using Ardalis.ApiEndpoints;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.eShopWeb.ApplicationCore.Entities;
-using Microsoft.eShopWeb.ApplicationCore.Interfaces;
-using Swashbuckle.AspNetCore.Annotations;
-using System.Threading.Tasks;
-
-namespace Microsoft.eShopWeb.Web.API.CatalogItemEndpoints
-{
-    public class Create : BaseAsyncEndpoint<CreateCatalogItemRequest, CreateCatalogItemResponse>
-    {
-        private readonly IAsyncRepository<CatalogItem> _itemRepository;
-
-        public Create(IAsyncRepository<CatalogItem> itemRepository)
-        {
-            _itemRepository = itemRepository;
-        }
-
-        [HttpPost("api/catalog-items")]
-        [SwaggerOperation(
-            Summary = "Creates a new Catalog Item",
-            Description = "Creates a new Catalog Item",
-            OperationId = "catalog-items.create",
-            Tags = new[] { "CatalogItemEndpoints" })
-        ]
-        public override async Task<ActionResult<CreateCatalogItemResponse>> HandleAsync(CreateCatalogItemRequest request)
-        {
-            var response = new CreateCatalogItemResponse(request.CorrelationId());
-
-            CatalogItem newItem = new CatalogItem(request.CatalogTypeId, request.CatalogBrandId, request.Description, request.Name, request.Price, request.PictureUri);
-
-            newItem = await _itemRepository.AddAsync(newItem);
-
-            var dto = new CatalogItemDto
-            {
-                Id = newItem.Id,
-                CatalogBrandId = newItem.CatalogBrandId,
-                CatalogTypeId = newItem.CatalogTypeId,
-                Description = newItem.Description,
-                Name = newItem.Name,
-                PictureUri = newItem.PictureUri,
-                Price = newItem.Price
-            };
-            response.CatalogItem = dto;
-            return response;
-        }
-    }
-}
--- a/src/Web/API/CatalogItemEndpoints/Delete.DeleteCatalogItemRequest.cs
+++ b/src/Web/API/CatalogItemEndpoints/Delete.DeleteCatalogItemRequest.cs
@@ -1,10 +0,0 @@
-using Microsoft.AspNetCore.Mvc;
-
-namespace Microsoft.eShopWeb.Web.API.CatalogItemEndpoints
-{
-    public class DeleteCatalogItemRequest : BaseRequest 
-    {
-        //[FromRoute]
-        public int CatalogItemId { get; set; }
-    }
-}
--- a/src/Web/API/CatalogItemEndpoints/Delete.DeleteCatalogItemResponse.cs
+++ b/src/Web/API/CatalogItemEndpoints/Delete.DeleteCatalogItemResponse.cs
@@ -1,13 +0,0 @@
-using System;
-
-namespace Microsoft.eShopWeb.Web.API.CatalogItemEndpoints
-{
-    public class DeleteCatalogItemResponse : BaseResponse
-    {
-        public DeleteCatalogItemResponse(Guid correlationId) : base(correlationId)
-        {
-        }
-
-        public string Status { get; set; } = "Deleted";
-    }
-}
--- a/src/Web/API/CatalogItemEndpoints/Delete.cs
+++ b/src/Web/API/CatalogItemEndpoints/Delete.cs
@@ -1,38 +0,0 @@
-using Ardalis.ApiEndpoints;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.eShopWeb.ApplicationCore.Entities;
-using Microsoft.eShopWeb.ApplicationCore.Interfaces;
-using Swashbuckle.AspNetCore.Annotations;
-using System.Threading.Tasks;
-
-namespace Microsoft.eShopWeb.Web.API.CatalogItemEndpoints
-{
-    public class Delete : BaseAsyncEndpoint<DeleteCatalogItemRequest, DeleteCatalogItemResponse>
-    {
-        private readonly IAsyncRepository<CatalogItem> _itemRepository;
-
-        public Delete(IAsyncRepository<CatalogItem> itemRepository)
-        {
-            _itemRepository = itemRepository;
-        }
-
-        [HttpDelete("api/catalog-items/{CatalogItemId}")]
-        [SwaggerOperation(
-            Summary = "Deletes a Catalog Item",
-            Description = "Deletes a Catalog Item",
-            OperationId = "catalog-items.Delete",
-            Tags = new[] { "CatalogItemEndpoints" })
-        ]
-        public override async Task<ActionResult<DeleteCatalogItemResponse>> HandleAsync([FromRoute]DeleteCatalogItemRequest request)
-        {
-            var response = new DeleteCatalogItemResponse(request.CorrelationId());
-
-            var itemToDelete = await _itemRepository.GetByIdAsync(request.CatalogItemId);
-            if (itemToDelete is null) return NotFound();
-
-            await _itemRepository.DeleteAsync(itemToDelete);
-
-            return Ok(response);
-        }
-    }
-}
--- a/src/Web/API/CatalogItemEndpoints/GetById.GetByIdCatalogItemRequest.cs
+++ b/src/Web/API/CatalogItemEndpoints/GetById.GetByIdCatalogItemRequest.cs
@@ -1,7 +0,0 @@
-namespace Microsoft.eShopWeb.Web.API.CatalogItemEndpoints
-{
-    public class GetByIdCatalogItemRequest : BaseRequest 
-    {
-        public int CatalogItemId { get; set; }
-    }
-}
--- a/src/Web/API/CatalogItemEndpoints/GetById.GetByIdCatalogItemResponse.cs
+++ b/src/Web/API/CatalogItemEndpoints/GetById.GetByIdCatalogItemResponse.cs
@@ -1,13 +0,0 @@
-using System;
-
-namespace Microsoft.eShopWeb.Web.API.CatalogItemEndpoints
-{
-    public class GetByIdCatalogItemResponse : BaseResponse
-    {
-        public GetByIdCatalogItemResponse(Guid correlationId) : base(correlationId)
-        {
-        }
-
-        public CatalogItemDto CatalogItem { get; set; }
-    }
-}
--- a/src/Web/API/CatalogItemEndpoints/GetById.cs
+++ b/src/Web/API/CatalogItemEndpoints/GetById.cs
@@ -1,46 +0,0 @@
-using Ardalis.ApiEndpoints;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.eShopWeb.ApplicationCore.Entities;
-using Microsoft.eShopWeb.ApplicationCore.Interfaces;
-using Swashbuckle.AspNetCore.Annotations;
-using System.Threading.Tasks;
-
-namespace Microsoft.eShopWeb.Web.API.CatalogItemEndpoints
-{
-    public class GetById : BaseAsyncEndpoint<GetByIdCatalogItemRequest, GetByIdCatalogItemResponse>
-    {
-        private readonly IAsyncRepository<CatalogItem> _itemRepository;
-
-        public GetById(IAsyncRepository<CatalogItem> itemRepository)
-        {
-            _itemRepository = itemRepository;
-        }
-
-        [HttpGet("api/catalog-items/{CatalogItemId}")]
-        [SwaggerOperation(
-            Summary = "Get a Catalog Item by Id",
-            Description = "Gets a Catalog Item by Id",
-            OperationId = "catalog-items.GetById",
-            Tags = new[] { "CatalogItemEndpoints" })
-        ]
-        public override async Task<ActionResult<GetByIdCatalogItemResponse>> HandleAsync([FromRoute]GetByIdCatalogItemRequest request)
-        {
-            var response = new GetByIdCatalogItemResponse(request.CorrelationId());
-
-            var item = await _itemRepository.GetByIdAsync(request.CatalogItemId);
-            if (item is null) return NotFound();
-
-            response.CatalogItem = new CatalogItemDto
-            {
-                Id = item.Id,
-                CatalogBrandId = item.CatalogBrandId,
-                CatalogTypeId = item.CatalogTypeId,
-                Description = item.Description,
-                Name = item.Name,
-                PictureUri = item.PictureUri,
-                Price = item.Price
-            };
-            return Ok(response);
-        }
-    }
-}
--- a/src/Web/API/CustomSchemaFilters.cs
+++ b/src/Web/API/CustomSchemaFilters.cs
@@ -1,17 +0,0 @@
-using Microsoft.OpenApi.Models;
-using Swashbuckle.AspNetCore.SwaggerGen;
-
-namespace Microsoft.eShopWeb.Web.API
-{
-    public class CustomSchemaFilters : ISchemaFilter
-    {
-        public void Apply(OpenApiSchema schema, SchemaFilterContext context)
-        {
-            var excludeProperties = new[] { "CorrelationId" };
-
-            foreach (var prop in excludeProperties)
-                if (schema.Properties.ContainsKey(prop))
-                    schema.Properties.Remove(prop);
-        }
-    }
-}
--- a/src/Web/API/README.md
+++ b/src/Web/API/README.md
@@ -1,4 +0,0 @@
-# API Endpoints
-
-This folder demonstrates how to configure API endpoints as individual classes. You can compare it to the traditional controller-based approach found in /Controllers/Api.
-
--- a/src/Web/Areas/Identity/Pages/Account/Logout.cshtml.cs
+++ b/src/Web/Areas/Identity/Pages/Account/Logout.cshtml.cs
@@ -1,4 +1,5 @@
 using System.Threading.Tasks;
+using AutoMapper.Configuration.Annotations;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
@@ -9,6 +10,7 @@ using Microsoft.Extensions.Logging;
 namespace Microsoft.eShopWeb.Web.Areas.Identity.Pages.Account
 {
    [AllowAnonymous]
+    [IgnoreAntiforgeryToken]
    public class LogoutModel : PageModel
    {
        private readonly SignInManager<ApplicationUser> _signInManager;
--- a/src/Web/Controllers/Api/BaseApiController.cs
+++ b/src/Web/Controllers/Api/BaseApiController.cs
@@ -2,6 +2,7 @@

 namespace Microsoft.eShopWeb.Web.Controllers.Api
 {
+    // No longer used - shown for reference only if using full controllers instead of Endpoints for APIs
    [Route("api/[controller]/[action]")]
    [ApiController]
    public class BaseApiController : ControllerBase
--- a/src/Web/Controllers/Api/CatalogController.cs
+++ b/src/Web/Controllers/Api/CatalogController.cs
@@ -1,21 +0,0 @@
-using Microsoft.eShopWeb.Web.Services;
-using Microsoft.AspNetCore.Mvc;
-using System.Threading.Tasks;
-
-namespace Microsoft.eShopWeb.Web.Controllers.Api
-{
-    public class CatalogController : BaseApiController
-    {
-        private readonly ICatalogViewModelService _catalogViewModelService;
-
-        public CatalogController(ICatalogViewModelService catalogViewModelService) => _catalogViewModelService = catalogViewModelService;
-
-        [HttpGet]
-        public async Task<IActionResult> List(int? brandFilterApplied, int? typesFilterApplied, int? page)
-        {
-            var itemsPage = 10;           
-            var catalogModel = await _catalogViewModelService.GetCatalogItems(page ?? 0, itemsPage, brandFilterApplied, typesFilterApplied);
-            return Ok(catalogModel);
-        }
-    }
-}
--- a/src/Web/Controllers/OrderController.cs
+++ b/src/Web/Controllers/OrderController.cs
@@ -1,4 +1,5 @@
 using MediatR;
+using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.eShopWeb.Web.Features.MyOrders;
--- a/src/Web/Pages/Basket/Checkout.cshtml.cs
+++ b/src/Web/Pages/Basket/Checkout.cshtml.cs
@@ -1,4 +1,5 @@
-using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
--- a/src/Web/Startup.cs
+++ b/src/Web/Startup.cs
@@ -8,7 +8,10 @@ using Microsoft.AspNetCore.Mvc.ApplicationModels;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.eShopWeb.Infrastructure.Data;
 using Microsoft.eShopWeb.Infrastructure.Identity;
-using Microsoft.eShopWeb.Web.API;
+using Microsoft.eShopWeb.Infrastructure.Logging;
+using Microsoft.eShopWeb.Infrastructure.Services;
+using Microsoft.eShopWeb.Web.Interfaces;
+using Microsoft.eShopWeb.Web.Services;
 using Microsoft.eShopWeb.Web.Configuration;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
@@ -107,12 +110,6 @@ namespace Microsoft.eShopWeb.Web
            });
            services.AddControllersWithViews();
            services.AddHttpContextAccessor();
-            services.AddSwaggerGen(c =>
-            {
-                c.SwaggerDoc("v1", new OpenApi.Models.OpenApiInfo { Title = "My API", Version = "v1" });
-                c.EnableAnnotations();
-                c.SchemaFilter<CustomSchemaFilters>();
-            });
            services.AddHealthChecks();
            services.Configure<ServiceConfig>(config =>
            {
@@ -166,15 +163,6 @@ namespace Microsoft.eShopWeb.Web
            app.UseCookiePolicy();
            app.UseAuthentication();
            app.UseAuthorization();
-            // Enable middleware to serve generated Swagger as a JSON endpoint.
-            app.UseSwagger();
-
-            // Enable middleware to serve swagger-ui (HTML, JS, CSS, etc.), 
-            // specifying the Swagger JSON endpoint.
-            app.UseSwaggerUI(c =>
-            {
-                c.SwaggerEndpoint("/swagger/v1/swagger.json", "My API V1");
-            });

            app.UseEndpoints(endpoints =>
            {
--- a/src/Web/Web.csproj
+++ b/src/Web/Web.csproj
@@ -23,6 +23,7 @@
    <PackageReference Include="Ardalis.ApiEndpoints" Version="1.0.0" />
    <PackageReference Include="Ardalis.ListStartupServices" Version="1.1.3" />
    <PackageReference Include="Ardalis.Specification" Version="3.0.0" />
+    <PackageReference Include="AutoMapper.Extensions.Microsoft.DependencyInjection" Version="7.0.0" />

    <PackageReference Include="MediatR" Version="8.0.1" />
    <PackageReference Include="MediatR.Extensions.Microsoft.DependencyInjection" Version="8.0.0" />
@@ -30,17 +31,17 @@
    <PackageReference Include="Microsoft.CodeAnalysis" Version="3.6.0" />
    <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="3.1.5" />
    <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="3.1.3" />
-    <PackageReference Include="Swashbuckle.AspNetCore" Version="5.5.0" />
-    <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="5.5.0" />
-    <PackageReference Include="Swashbuckle.AspNetCore.Annotations" Version="5.5.0" />
+    <PackageReference Include="Microsoft.Web.LibraryManager.Build" Version="2.1.76" />
    <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="3.1.5" />
    <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="3.1.5" />
    <PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="3.1.5" />
    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="3.1.5" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="3.1.0" />
    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="3.1.5">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
    </PackageReference>
+    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.7.0" />
  </ItemGroup>
  <ItemGroup>
    <Folder Include="wwwroot\fonts\" />