Merge pull request #10 from DiyorMarket/integration

weekly-master-update

Author: Mirazyzz

CheckDrive.Api/CheckDrive.Api/Controllers/AccountsController.cs

@@ -1,5 +1,7 @@
-using CheckDrive.Application.DTOs.Account;
+using CheckDrive.Application.Constants;
+using CheckDrive.Application.DTOs.Account;
 using CheckDrive.Application.Interfaces;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace CheckDrive.Api.Controllers;
@@ -32,6 +34,7 @@ public async Task<ActionResult<AccountDto>> GetAccountByIdAsync(string id)
     }
 
     [HttpPost]
+    [Authorize(Roles = $"{Roles.Manager},{Roles.Administrator}")]
     public async Task<ActionResult<AccountDto>> CreateAsync([FromBody] CreateAccountDto account)
     {
         var createdAccount = await _service.CreateAsync(account);

CheckDrive.Api/CheckDrive.Api/Controllers/Authorization/AuthController.cs

@@ -0,0 +1,27 @@
+using CheckDrive.Application.Constants;
+using CheckDrive.Application.DTOs.Identity;
+using CheckDrive.Application.Interfaces;
+using CheckDrive.Application.Interfaces.Authorization;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace CheckDrive.Api.Controllers.Authorization;
+
+[Route("api/auth")]
+[ApiController]
+public class AuthController : ControllerBase
+{
+    private readonly IAuthService _authService;
+
+    public AuthController(IAuthService authService)
+    {
+        _authService = authService ?? throw new ArgumentNullException(nameof(authService));
+    }
+
+    [HttpPost("login")]
+    public async Task<IActionResult> LoginAsync([FromBody] LoginDto request)
+    {
+        var token = await _authService.LoginAsync(request);
+        return Ok(token);
+    }
+}

CheckDrive.Api/CheckDrive.Api/Extensions/DependencyInjection.cs

@@ -1,5 +1,6 @@
-using CheckDrive.Api.Filters;
-using CheckDrive.Application.Extensions;
+using CheckDrive.Infrastructure.Persistence;
+using FluentEmail.MailKitSmtp;
+using CheckDrive.Application.Extensions;
 using CheckDrive.Infrastructure.Configurations;
 using CheckDrive.Infrastructure.Extensions;
 using CheckDrive.TestDataCreator.Configurations;
@@ -10,6 +11,8 @@
 using Newtonsoft.Json.Converters;
 using Newtonsoft.Json.Serialization;
 using System.Text;
+using Microsoft.AspNetCore.Identity;
+using CheckDrive.Api.Filters;
 
 namespace CheckDrive.Api.Extensions;
 
@@ -158,3 +161,4 @@ private static void AddSyncfusion(IConfiguration configuration)
         Syncfusion.Licensing.SyncfusionLicenseProvider.RegisterLicense(key);
     }
 }
+

CheckDrive.Api/CheckDrive.Api/Extensions/StartupExtensions.cs

@@ -1,7 +1,6 @@
-
-
-using CheckDrive.Api.Helpers;
+using CheckDrive.Api.Helpers;
 using CheckDrive.Api.Middlewares;
+using CheckDrive.Application.Constants;
 using CheckDrive.Domain.Interfaces;
 using CheckDrive.TestDataCreator.Configurations;
 using Microsoft.AspNetCore.Identity;

CheckDrive.Api/CheckDrive.Api/Middlewares/ErrorHandlerMiddleware.cs

@@ -1,4 +1,5 @@
-using Microsoft.AspNetCore.Http.HttpResults;
+using CheckDrive.Domain.Exceptions;
+using Microsoft.AspNetCore.Http.HttpResults;
 using System.Net;
 
 namespace CheckDrive.Api.Middlewares;
@@ -37,6 +38,18 @@ private async Task HandleAsync(HttpContext context, Exception exception)
             message = exception.Message;
         }
 
+        if (exception is InvalidLoginAttemptException)
+        {
+            context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
+            message = exception.Message;
+        }
+
+        if (exception is RegistrationFailedException)
+        {
+            context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
+            message = exception.Message;
+        }
+
         await context.Response.WriteAsync(message);
         _logger.LogError($"{message}. {exception.Message}");
     }

CheckDrive.Api/CheckDrive.Application/Constants/Roles.cs

@@ -0,0 +1,12 @@
+namespace CheckDrive.Application.Constants;
+
+public class Roles
+{
+    public const string Administrator = nameof(Administrator);
+    public const string Driver = nameof(Driver);
+    public const string Doctor = nameof(Doctor);
+    public const string Manager = nameof(Manager);
+    public const string Operator = nameof(Operator);
+    public const string Mechanic = nameof(Mechanic);
+    public const string Dispatcher = nameof(Dispatcher);
+}

CheckDrive.Api/CheckDrive.Application/DTOs/Identity/LoginDto.cs

@@ -0,0 +1,7 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace CheckDrive.Application.DTOs.Identity;
+
+public sealed record LoginDto(
+    string UserName,
+    string Password);

CheckDrive.Api/CheckDrive.Application/Extensions/DependencyInjection.cs

@@ -1,7 +1,10 @@
-using CheckDrive.Application.Interfaces;
+using CheckDrive.Application.Interfaces.Authorization;
 using CheckDrive.Application.Interfaces.Review;
+using CheckDrive.Application.Services.Authorization;
+using CheckDrive.Application.Interfaces;
 using CheckDrive.Application.Services;
 using CheckDrive.Application.Services.Review;
+using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 
 namespace CheckDrive.Application.Extensions;
@@ -11,14 +14,14 @@ public static class DependencyInjection
     public static IServiceCollection RegisterApplication(this IServiceCollection services)
     {
         AddServices(services);
-
         services.AddAutoMapper(AppDomain.CurrentDomain.GetAssemblies());
 
         return services;
     }
 
     private static void AddServices(IServiceCollection services)
     {
+        services.AddScoped<IAuthService, AuthService>();
         services.AddScoped<IDoctorReviewService, DoctorReviewService>();
         services.AddScoped<IMechanicHandoverService, MechanicHandoverService>();
         services.AddScoped<IOperatorReviewService, OperatorReviewService>();

CheckDrive.Api/CheckDrive.Application/Interfaces/Authorization/IAuthService.cs

@@ -0,0 +1,9 @@
+using CheckDrive.Application.DTOs.Account;
+using CheckDrive.Application.DTOs.Identity;
+
+namespace CheckDrive.Application.Interfaces.Authorization;
+
+public interface IAuthService
+{
+    Task<string> LoginAsync(LoginDto login);
+}

CheckDrive.Api/CheckDrive.Application/Interfaces/Authorization/IJwtTokenGenerator.cs

@@ -0,0 +1,8 @@
+using Microsoft.AspNetCore.Identity;
+
+namespace CheckDrive.Application.Interfaces.Authorization;
+
+public interface IJwtTokenGenerator
+{
+    string GenerateToken(IdentityUser user, IList<string> roles);
+}

CheckDrive.Api/CheckDrive.Application/Services/Authorization/AuthService.cs

@@ -0,0 +1,44 @@
+using CheckDrive.Application.DTOs.Identity;
+using CheckDrive.Application.Interfaces.Authorization;
+using CheckDrive.Domain.Exceptions;
+using Microsoft.AspNetCore.Identity;
+
+namespace CheckDrive.Application.Services.Authorization;
+
+internal sealed class AuthService : IAuthService
+{
+    private readonly IJwtTokenGenerator _jwtTokenGenerator;
+    private readonly UserManager<IdentityUser> _userManager;
+
+    public AuthService(IJwtTokenGenerator jwtTokenGenerator, UserManager<IdentityUser> userManager)
+    {
+        _jwtTokenGenerator = jwtTokenGenerator ?? throw new ArgumentNullException(nameof(jwtTokenGenerator));
+        _userManager = userManager ?? throw new ArgumentNullException(nameof(userManager));
+    }
+
+    public async Task<string> LoginAsync(LoginDto loginDto)
+    {
+        if (loginDto is null)
+        {
+            throw new ArgumentNullException(nameof(loginDto));
+        }
+
+        var user = await _userManager.FindByNameAsync(loginDto.UserName);
+
+        if (user is null)
+        {
+            throw new InvalidLoginAttemptException("Invalid email or password");
+        }
+
+        if (!await _userManager.CheckPasswordAsync(user, loginDto.Password))
+        {
+            throw new InvalidLoginAttemptException("Invalid email or password");
+        }
+       
+        var roles = await _userManager.GetRolesAsync(user);
+
+        var token = _jwtTokenGenerator.GenerateToken(user, roles);
+
+        return token;
+    }
+}

CheckDrive.Api/CheckDrive.Application/Services/Review/MechanicHandoverService.cs

@@ -57,6 +57,7 @@ private async Task<Mechanic> GetAndValidateMechanicAsync(int mechanicId)
     private async Task<CheckPoint> GetAndValidateCheckPointAsync(int checkPointId)
     {
         var checkPoint = await _context.CheckPoints
+            .Include(x => x.DoctorReview)
             .FirstOrDefaultAsync(x => x.Id == checkPointId);
 
         if (checkPoint == null)

CheckDrive.Api/CheckDrive.Domain/Exceptions/InvalidLoginAttemptException.cs

@@ -0,0 +1,7 @@
+namespace CheckDrive.Domain.Exceptions;
+
+public class InvalidLoginAttemptException : Exception
+{
+    public InvalidLoginAttemptException() : base() { }
+    public InvalidLoginAttemptException(string message) : base(message) { }
+}

CheckDrive.Api/CheckDrive.Domain/Exceptions/RegistrationFailedException.cs

@@ -0,0 +1,7 @@
+namespace CheckDrive.Domain.Exceptions;
+
+public class RegistrationFailedException : Exception
+{
+    public RegistrationFailedException() { }
+    public RegistrationFailedException(string message) : base(message) { }
+}

CheckDrive.Api/CheckDrive.Infrastructure/Extensions/DependencyInjection.cs

@@ -1,5 +1,5 @@
+using CheckDrive.Domain.Interfaces;
 using CheckDrive.Application.Interfaces;
-using CheckDrive.Domain.Interfaces;
 using CheckDrive.Infrastructure.Configurations;
 using CheckDrive.Infrastructure.Email;
 using CheckDrive.Infrastructure.Persistence;
@@ -9,6 +9,8 @@
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
+using CheckDrive.Application.Interfaces.Authorization;
+using CheckDrive.Infrastructure.Helpers;
 
 namespace CheckDrive.Infrastructure.Extensions;
 
@@ -20,6 +22,7 @@ public static IServiceCollection RegisterInfrastructure(this IServiceCollection
         AddConfigurations(services, configuration);
         AddFluentEmail(services, configuration);
         AddServices(services);
+        AddIdentity(services);
 
         return services;
     }
@@ -28,10 +31,6 @@ private static void AddPersistence(IServiceCollection services, IConfiguration c
     {
         services.AddDbContext<ICheckDriveDbContext, CheckDriveDbContext>(options =>
             options.UseSqlServer(configuration.GetConnectionString("DefaultConnection")));
-
-        services.AddIdentity<IdentityUser, IdentityRole>()
-            .AddEntityFrameworkStores<CheckDriveDbContext>()
-            .AddDefaultTokenProviders();
     }
 
     private static void AddConfigurations(IServiceCollection services, IConfiguration configuration)
@@ -50,6 +49,11 @@ private static void AddConfigurations(IServiceCollection services, IConfiguratio
             .Bind(configuration.GetSection(SmsConfigurations.SectionName))
             .ValidateDataAnnotations()
             .ValidateOnStart();
+
+        services.AddOptions<JwtOptions>()
+            .Bind(configuration.GetSection(JwtOptions.SectionName))
+            .ValidateDataAnnotations()
+            .ValidateOnStart();
     }
 
     private static void AddFluentEmail(IServiceCollection services, IConfiguration configuration)
@@ -82,5 +86,25 @@ private static void AddServices(IServiceCollection services)
     {
         services.AddScoped<IEmailService, EmailService>();
         services.AddScoped<ISmsService, SmsService>();
+        services.AddSingleton<IJwtTokenGenerator, JwtTokenGenerator>();
+    }
+
+    private static void AddIdentity(IServiceCollection services)
+    {
+        services.AddIdentity<IdentityUser, IdentityRole>(options =>
+        {
+            options.Password.RequiredLength = 7;
+            options.Password.RequireUppercase = false;
+            options.Password.RequireLowercase = false;
+            options.Password.RequireNonAlphanumeric = false;
+            options.Password.RequireDigit = false;
+        })
+            .AddEntityFrameworkStores<CheckDriveDbContext>()
+            .AddDefaultTokenProviders();
+
+        services.Configure<DataProtectionTokenProviderOptions>(options =>
+        {
+            options.TokenLifespan = TimeSpan.FromHours(12);
+        });
     }
 }

CheckDrive.Api/CheckDrive.Infrastructure/Helpers/JwtTokenGenerator.cs

@@ -0,0 +1,59 @@
+using CheckDrive.Application.Interfaces.Authorization;
+using CheckDrive.Infrastructure.Configurations;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
+using Microsoft.IdentityModel.Tokens;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+
+namespace CheckDrive.Infrastructure.Helpers;
+
+internal sealed class JwtTokenGenerator : IJwtTokenGenerator
+{
+    private readonly JwtOptions _options;
+
+    public JwtTokenGenerator(IOptions<JwtOptions> options )
+    {
+        _options = options?.Value ?? throw new ArgumentNullException(nameof(options));
+    }
+
+    public string GenerateToken(IdentityUser user,
+        IList<string> roles)
+    {
+        var claims = GetClaims(user, roles);
+
+        var signingKey = GetSigningKey();
+        var securityToken = new JwtSecurityToken(
+            claims: claims,
+            expires: DateTime.UtcNow.AddHours(_options.ExpiresHours),
+            signingCredentials: signingKey);
+
+        var token = new JwtSecurityTokenHandler().WriteToken(securityToken);
+
+        return token;
+    }
+
+    private SigningCredentials GetSigningKey()
+    {
+        var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_options.SecretKey));
+        var signingKey = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
+
+        return signingKey;
+    }
+
+    private static List<Claim> GetClaims(IdentityUser user, IList<string> roles)
+    {
+        var claims = new List<Claim>()
+        {
+            new(ClaimTypes.NameIdentifier, user.Id.ToString()),
+        };
+
+        foreach (var role in roles)
+        {
+            claims.Add(new Claim(ClaimTypes.Role, role));
+        }
+
+        return claims;
+    }
+}