Merge pull request #85 from nixhantb/feature/nishantb/authentication

generate jwt tokens for to authorize the end points
nixhantb · Jan 21, 2025 · b4773ae · b4773ae
2 parents f268e1c + a241936
commit b4773ae
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 2 deletions.
diff --git a/Server/JobLeet.WebApi/JobLeet.Api/Controllers/Identity/Accounts/AccountsController.cs b/Server/JobLeet.WebApi/JobLeet.Api/Controllers/Identity/Accounts/AccountsController.cs
@@ -1,6 +1,10 @@
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
 using JobLeet.WebApi.JobLeet.Api.Models.Identity.Accounts;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.IdentityModel.Tokens;
 
 namespace JobLeet.WebApi.JobLeet.Api.Controllers.Identity.Accounts
 {
@@ -11,16 +15,19 @@ public class AccountController : ControllerBase
         private readonly UserManager<IdentityUser> _userManager;
         private readonly SignInManager<IdentityUser> _signInManager;
         private readonly ILogger<AccountController> _logger;
+        private readonly IConfiguration _configuration;
 
         public AccountController(
             UserManager<IdentityUser> userManager,
             SignInManager<IdentityUser> signInManager,
-            ILogger<AccountController> logger
+            ILogger<AccountController> logger,
+            IConfiguration configuration
         )
         {
             _userManager = userManager;
             _signInManager = signInManager;
             _logger = logger;
+            _configuration = configuration;
         }
 
         [HttpPost("register")]
@@ -64,7 +71,9 @@ public async Task<IActionResult> Login([FromBody] LoginModel model)
                 if (result.Succeeded)
                 {
                     _logger.LogInformation("User logged in.");
-                    return Ok(new { message = "Login successful" });
+                    var user = await _userManager.FindByEmailAsync(model.Email);
+                    var token = GenerateJwtToken(user);
+                    return Ok(new { message = "Login successful", token = token });
                 }
 
                 if (result.IsLockedOut)
@@ -85,5 +94,27 @@ public async Task<IActionResult> Logout()
             _logger.LogInformation("User logged out.");
             return Ok(new { message = "Logout successful" });
         }
+
+        private string GenerateJwtToken(IdentityUser user)
+        {
+            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Jwt:Key"]));
+            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
+
+            var claims = new[]
+            {
+                new Claim(JwtRegisteredClaimNames.Sub, user.Email),
+                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
+            };
+
+            var token = new JwtSecurityToken(
+                issuer: _configuration["Jwt:Issuer"],
+                audience: _configuration["Jwt:Audience"],
+                claims: claims,
+                expires: DateTime.Now.AddMinutes(30),
+                signingCredentials: creds
+            );
+
+            return new JwtSecurityTokenHandler().WriteToken(token);
+        }
     }
 }
diff --git a/Server/JobLeet.WebApi/JobLeet.Api/Controllers/Job/V1/JobController.cs b/Server/JobLeet.WebApi/JobLeet.Api/Controllers/Job/V1/JobController.cs
@@ -2,10 +2,12 @@
 using JobLeet.WebApi.JobLeet.Api.Models.Jobs.V1;
 using JobLeet.WebApi.JobLeet.Core.Entities.Jobs.V1;
 using JobLeet.WebApi.JobLeet.Core.Interfaces.Jobs.V1;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace JobLeet.WebApi.JobLeet.Api.Controllers.Job.V1
 {
+    [Authorize]
     [Route("api/v1/jobs")]
     [ApiController]
     public class JobController : BaseApiController<JobEntity, JobModel, IJobService>