Commit 66384a51 authored by Almouhannad's avatar Almouhannad

(B) Add role to JWT, make controllers authorized

parent 2ea3eb22
...@@ -4,9 +4,13 @@ public static class Roles ...@@ -4,9 +4,13 @@ public static class Roles
{ {
#region Constant values #region Constant values
public static int Count => 3; public static int Count => 3;
public static Role Admin => Role.Create(1, "admin"); public const string AdminName = "admin";
public static Role Doctor => Role.Create(2, "doctor"); public const string DoctorName = "doctor";
public static Role Receptionist => Role.Create(3, "receptionist"); public const string ReceptionistName = "receptionist";
public static Role Admin => Role.Create(1, AdminName);
public static Role Doctor => Role.Create(2, DoctorName);
public static Role Receptionist => Role.Create(3, ReceptionistName);
public static List<Role> GetAll() public static List<Role> GetAll()
{ {
......
...@@ -21,8 +21,8 @@ public sealed class JWTProvider : IJWTProvider ...@@ -21,8 +21,8 @@ public sealed class JWTProvider : IJWTProvider
{ {
var claims = new Claim[] var claims = new Claim[]
{ {
new(JwtRegisteredClaimNames.Sub, user.Id.ToString()), new(ClaimTypes.Name, user.UserName),
new(JwtRegisteredClaimNames.UniqueName, user.UserName), new(ClaimTypes.Role, user.Role.Name)
}; };
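Review bot: The new claim array drops `sub` (previously `user.Id.ToString()`), so the token now identifies the user only by `user.UserName`; if usernames can be changed or reused, code that keys on the token identity may resolve to the wrong account. Consider keeping `new(JwtRegisteredClaimNames.Sub, user.Id.ToString()),` alongside the two new claims. The role is also fixed in the token until it expires, so a user whose role is revoked keeps the old role for that window; the expiry is set outside the visible lines and is worth confirming to be short. The enclosing method starts and ends outside this hunk.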
......
using Application.Employees.Commands.AttachFamilyMemberToEmployee; using Application.Employees.Commands.AttachFamilyMemberToEmployee;
using Application.Employees.Commands.CreateEmployee; using Application.Employees.Commands.CreateEmployee;
using Domain.Entities.Identity.UserRoles;
using MediatR; using MediatR;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
...@@ -17,7 +18,7 @@ public class EmployeesController : ApiController ...@@ -17,7 +18,7 @@ public class EmployeesController : ApiController
} }
#endregion #endregion
[Authorize] [Authorize(Roles = Roles.AdminName)]
[HttpPost] [HttpPost]
public async Task<IActionResult> Create([FromBody] CreateEmployeeCommand command) public async Task<IActionResult> Create([FromBody] CreateEmployeeCommand command)
{ {
...@@ -26,7 +27,7 @@ public class EmployeesController : ApiController ...@@ -26,7 +27,7 @@ public class EmployeesController : ApiController
return HandleFailure(result); return HandleFailure(result);
return Created(); return Created();
} }
[Authorize(Roles = Roles.DoctorName)]
[HttpPut("FamilyMembers")] [HttpPut("FamilyMembers")]
public async Task<IActionResult> AttachFamilyMember([FromBody] AttachFamilyMemberToEmployeeCommand command) public async Task<IActionResult> AttachFamilyMember([FromBody] AttachFamilyMemberToEmployeeCommand command)
{ {
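Review bot: Authorization in this controller is opt-in per action: `AttachFamilyMember` apparently carried no `[Authorize]` before this commit, and any action added later without an attribute would be reachable anonymously unless a class-level attribute or fallback policy exists outside these hunks. Putting `[Authorize]` on `EmployeesController` (or on `ApiController`) makes the controller deny-by-default, with the per-action `Roles = ...` attributes only narrowing access. `[Authorize(Roles = Roles.DoctorName)]` also excludes admins; if that is not intended, `Roles = Roles.AdminName + "," + Roles.DoctorName` admits either role. These checks rely on bearer validation treating `ClaimTypes.Role` as the role claim, which is configured elsewhere and should be covered by a test that a token without the role gets 403.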
......