Backend Login Feature initial commit

2 years ago · fb7c368bff
6 changed files with 133 additions and 11 deletions
--- a/Server/DevBiskilogclientsContext.cs
+++ b/Server/DevBiskilogclientsContext.cs
@ -5,13 +5,13 @@ using Microsoft.EntityFrameworkCore;

 namespace Biskilog_Accounting.Server;

-public partial class DevBiskilogclientsContext : DbContext
+public partial class BiskilogClientsContext : DbContext
 {
-    public DevBiskilogclientsContext()
+    public BiskilogClientsContext()
    {
    }

-    public DevBiskilogclientsContext(DbContextOptions<DevBiskilogclientsContext> options)
+    public BiskilogClientsContext(DbContextOptions<BiskilogClientsContext> options)
        : base(options)
    {
    }
@ -30,10 +30,6 @@ public partial class DevBiskilogclientsContext : DbContext

    public virtual DbSet<Userauth> Userauths { get; set; }

-    protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
-#warning To protect potentially sensitive information in your connection string, you should move it out of source code. You can avoid scaffolding the connection string by using the Name= syntax to read it from configuration - see https://go.microsoft.com/fwlink/?linkid=2131148. For more guidance on storing connection strings, see http://go.microsoft.com/fwlink/?LinkId=723263.
-        => optionsBuilder.UseMySql("server=54.37.19.162;database=dev_biskilogclients;user=biskilog;password=mefbuk-6niFsu-fytrew", ServerVersion.Parse("10.3.38-mariadb"));
-
    protected override void OnModelCreating(ModelBuilder modelBuilder)
    {
        modelBuilder
--- a/Server/Program.cs
+++ b/Server/Program.cs
@ -1,7 +1,74 @@
+using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.ResponseCompression;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.IdentityModel.Tokens;
+using Microsoft.OpenApi.Models;
+using System.Text.Json.Serialization;
+using System.Text;
+using Biskilog_Accounting.Server;

 var builder = WebApplication.CreateBuilder(args);

+// Add services to the container.
+builder.Services.AddControllers().AddJsonOptions(x => x.JsonSerializerOptions.ReferenceHandler = ReferenceHandler.IgnoreCycles);
+builder.Services.AddAutoMapper(AppDomain.CurrentDomain.GetAssemblies());
+builder.Logging.ClearProviders();
+builder.Logging.AddConsole();
+builder.Services.AddEntityFrameworkMySql().AddDbContext<BiskilogClientsContext>(options =>
+{
+    options.UseMySql(builder.Configuration.GetConnectionString("Connection"), new MariaDbServerVersion(new Version()));
+});
+//builder.Services.AddScoped<IAuthService, AuthRepo>();
+
+builder.Services.AddCors(options =>
+{
+    options.AddPolicy("CorsPolicy",
+        builder => builder.AllowAnyOrigin()
+        .AllowAnyMethod()
+        .AllowAnyHeader()
+        );
+});
+builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>
+{
+    options.RequireHttpsMetadata = false;
+    options.SaveToken = true;
+    options.TokenValidationParameters = new TokenValidationParameters()
+    {
+        ValidateIssuer = true,
+        ValidateAudience = true,
+        ValidAudience = builder.Configuration["Jwt:Audience"],
+        ValidIssuer = builder.Configuration["Jwt:Issuer"],
+        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"]))
+    };
+});
+builder.Services.AddEndpointsApiExplorer();
+builder.Services.AddSwaggerGen(c =>
+{
+    c.SwaggerDoc("v1", new OpenApiInfo { Title = "MyBlazor", Version = "v1" });
+    c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
+    {
+        In = ParameterLocation.Header,
+        Description = "Please enter a valid token",
+        Name = "Authorization",
+        Type = SecuritySchemeType.Http,
+        BearerFormat = "JWT",
+        Scheme = "Bearer"
+    });
+    c.AddSecurityRequirement(new OpenApiSecurityRequirement
+    {
+        {
+            new OpenApiSecurityScheme
+            {
+                Reference = new OpenApiReference
+                {
+                    Type=ReferenceType.SecurityScheme,
+                    Id="Bearer"
+                }
+            },
+            new string[]{}
+        }
+    });
+});
 builder.Services.AddControllersWithViews();
 builder.Services.AddRazorPages();

@ -10,19 +77,31 @@ var app = builder.Build();
 // Configure the HTTP request pipeline.
 if (app.Environment.IsDevelopment())
 {
+
    app.UseWebAssemblyDebugging();
+    app.UseSwagger();
+    app.UseSwaggerUI(c =>
+    {
+        c.SwaggerEndpoint("/swagger/v1/swagger.json", "MyBlazor v1");
+        c.RoutePrefix = "api/docs";
+    });
 }
 else
 {
+    app.UseExceptionHandler("/Error");
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
 }
-
 app.UseHttpsRedirection();
+
 app.UseBlazorFrameworkFiles();
 app.UseStaticFiles();

 app.UseRouting();
+app.UseCors("CorsPolicy");
+
+app.UseAuthentication();
+app.UseAuthorization();

 app.MapRazorPages();
 app.MapControllers();
--- a/Server/appsettings.json
+++ b/Server/appsettings.json
@ -5,5 +5,13 @@
      "Microsoft.AspNetCore": "Warning"
    }
  },
-  "AllowedHosts": "*"
+  "ConnectionStrings": {
+    "Connection": "server=54.37.19.162;database=dev_biskilogclients;user=biskilog;password=mefbuk-6niFsu-fytrew"
+  },
+  "AllowedHosts": "*",
+  "JWT": {
+    "Key": "@@BISKILOG2023DEV??//##$",
+    "Issuer": "AUTH SERVER",
+    "Audience": "BISKILOG"
+  }
 }
--- a/Accounting.Shared.csproj
+++ b/Accounting.Shared.csproj
@ -15,7 +15,6 @@
  </ItemGroup>

  <ItemGroup>
-    <Folder Include="Interfaces\" />
    <Folder Include="Enums\" />
  </ItemGroup>
 </Project>
--- a/Shared/Interfaces/IAuthService.cs
+++ b/Shared/Interfaces/IAuthService.cs
@ -0,0 +1,25 @@
+using Biskilog_Accounting.Shared.ClientContractModels;
+
+namespace Biskilog_Accounting.Shared.Interfaces
+{
+    public interface IAuthService
+    {
+        /// <summary>
+        /// Prepares and returns the connection string for a client using the specified database id
+        /// </summary>
+        /// <param name="a_databaseId">Specified database id to use</param>
+        /// <returns></returns>
+        string GetClientConnectionString(int a_databaseId);
+        /// <summary>
+        /// Authenticates user or client 
+        /// </summary>
+        /// <param name="a_username"></param>
+        /// <param name="a_password"></param>
+        /// <returns>A tokenized string with relevant information on the authenticated user</returns>
+        Task<string> AuthenticateClient(string a_username, string a_password);
+        Contract GetContract(int a_clientId, int a_businessId);
+        Databasemap GetClientDB(int a_clientId);
+        Siteaccesspermission GetSiteaccesspermission(int a_clientId);
+        Clientbusiness GetClientbusiness(int a_clientId);
+    }
+}
--- a/Shared/Interfaces/ITokenService.cs
+++ b/Shared/Interfaces/ITokenService.cs
@ -0,0 +1,15 @@
+using Biskilog_Accounting.Shared.ClientContractModels;
+
+
+namespace Biskilog_Accounting.Shared.Interfaces
+{
+    public interface ITokenService
+    {
+        bool ValidateToken(string a_token);
+        string GenerateToken(Userauth a_user, Contract a_clientContract, Databasemap a_database, Siteaccesspermission a_accessPermission);
+        int? GetRoleFromToken(string a_token);
+        int? GetUserIdFromToken(string a_token);
+        string? GetUserNameFromToken(string a_token);
+
+    }
+}