added admin restrictions

2025-03-14 07:44:54 +00:00 · 2024-01-28 04:04:08 -05:00 · 2024-01-28 04:04:08 -05:00 · 65c7a720c4
commit 65c7a720c4
parent 85fade49b5
6 changed files with 36 additions and 12 deletions
--- a/src/ArtPlatform.API/ArtPlatform.API.csproj
+++ b/src/ArtPlatform.API/ArtPlatform.API.csproj
@ -22,10 +22,19 @@
      <Content Include="..\.dockerignore">
        <Link>.dockerignore</Link>
      </Content>
+      <None Remove="react\public\favicon.ico" />
+      <None Remove="react\public\index.html" />
+      <None Remove="react\public\logo192.png" />
+      <None Remove="react\public\logo512.png" />
+      <None Remove="react\public\robots.txt" />
    </ItemGroup>

    <ItemGroup>
      <ProjectReference Include="..\ArtPlatform.Database\ArtPlatform.Database.csproj" />
    </ItemGroup>

+    <ItemGroup>
+      <Folder Include="react\" />
+    </ItemGroup>
+
 </Project>
--- a/src/ArtPlatform.API/Controllers/AdminSellerProfileRequestsController.cs
+++ b/src/ArtPlatform.API/Controllers/AdminSellerProfileRequestsController.cs
@ -8,6 +8,7 @@ using Microsoft.EntityFrameworkCore;
 namespace ArtPlatform.API.Controllers;

 [ApiController]
+[Authorize("admin")]
 [Route("api/[controller]")]
 public class AdminSellerProfileRequestsController : Controller
 {
--- a/src/ArtPlatform.API/Middleware/UserMiddleware.cs
+++ b/src/ArtPlatform.API/Middleware/UserMiddleware.cs
@ -30,11 +30,17 @@ public class UserMiddleware
                    Id = userId, 
                    DisplayName = context.User.Identity.Name ?? "Anonymous", 
                    Biography = string.Empty,
-                    Email = context.User.Claims.FirstOrDefault(x=>x.Type=="email")?.Value ?? string.Empty,
+                    Email = context.User.Claims.FirstOrDefault(x=>x.Type==ClaimTypes.Email)?.Value ?? string.Empty,
                };
                dbContext.Users.Add(user);
                await dbContext.SaveChangesAsync();
            }
+            else
+            {
+                user.Email= context.User.Claims.FirstOrDefault(x=>x.Type==ClaimTypes.Email)?.Value ?? string.Empty;
+                dbContext.Users.Update(user);
+                await dbContext.SaveChangesAsync();
+            }
        }

        await _next(context);
--- a/src/ArtPlatform.API/Program.cs
+++ b/src/ArtPlatform.API/Program.cs
@ -8,6 +8,7 @@ using ArtPlatform.Database;
 using Auth0.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Authorization;
+using Microsoft.Extensions.FileProviders;
 using Microsoft.IdentityModel.Tokens;
 using Microsoft.OpenApi.Models;

@ -19,7 +20,6 @@ var builder = WebApplication.CreateBuilder(args);
 builder.Services.AddSingleton<IStorageService,ImgCdnStorageServiceProvider>();
 builder.Services.AddSingleton<IPaymentService,StripePaymentServiceProvider>();

-
 builder.Services.AddHttpContextAccessor();
 builder.Services.AddEndpointsApiExplorer();
 builder.Services.AddDbContext<ApplicationDbContext>();
@ -87,18 +87,21 @@ builder.Services.AddControllers()
        options.JsonSerializerOptions.ReferenceHandler = System.Text.Json.Serialization.ReferenceHandler.IgnoreCycles
        );

-builder.Services.AddAuthentication(options =>
-{
-    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
-    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
-}).AddJwtBearer(options =>
+builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>
 {
    options.Authority = $"{builder.Configuration.GetValue<string>("Auth0:Domain")}";
    options.Audience = $"{builder.Configuration.GetValue<string>("Auth0:Audience")}";
+    options.TokenValidationParameters = new TokenValidationParameters
+    {
+        NameClaimType = ClaimTypes.NameIdentifier,
+        RoleClaimType = ClaimTypes.Role
+    };
 });

 builder.Services.AddAuthorization(options =>
 {
+    options.AddPolicy("admin", policy => policy.RequireClaim(ClaimTypes.Role, "Admin"));
+    
    options.AddPolicy("read:user", policy => policy.Requirements.Add(new 
        HasScopeRequirement("read:user", builder.Configuration.GetValue<string>("Auth0:Domain"))));
    options.AddPolicy("write:user", policy => policy.Requirements.Add(new 
@ -139,6 +142,7 @@ builder.Services.AddSingleton<IAuthorizationHandler, HasScopeHandler>();


 var app = builder.Build();
+
 app.UseSwagger();
 app.UseSwaggerUI(settings =>
 {
@ -147,9 +151,13 @@ app.UseSwaggerUI(settings =>
        settings.OAuthClientId(builder.Configuration.GetValue<string>("Auth0:ClientId"));
        settings.OAuthClientSecret(builder.Configuration.GetValue<string>("Auth0:ClientSecret"));
        settings.OAuthUsePkce();
-    }   
+    }
 });
+var defaultFilesOptions = new DefaultFilesOptions();
+defaultFilesOptions.DefaultFileNames.Clear();
+defaultFilesOptions.DefaultFileNames.Add("index.html"); // replace 'yourf
 app.UseStaticFiles();
+
 app.UseHttpsRedirection();
 app.UseAuthentication();
 app.UseMiddleware<UserMiddleware>();
--- a/src/ArtPlatform.API/Properties/launchSettings.json
+++ b/src/ArtPlatform.API/Properties/launchSettings.json
@ -13,7 +13,7 @@
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": true,
-      "launchUrl": "swagger",
+      "launchUrl": "",
      "applicationUrl": "http://localhost:5290",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
@ -23,7 +23,7 @@
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": true,
-      "launchUrl": "swagger",
+      "launchUrl": "",
      "applicationUrl": "https://localhost:7148;http://localhost:5290",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
--- a/src/ArtPlatform.API/appsettings.json
+++ b/src/ArtPlatform.API/appsettings.json
@ -11,8 +11,8 @@
  },
  "Logging": {
    "LogLevel": {
-      "Default": "Information",
-      "Microsoft.AspNetCore": "Warning"
+      "Default": "Trace",
+      "Microsoft.AspNetCore": "Trace"
    }
  },
  "AllowedHosts": "*"