Tokens are validated in respective endpoints

This commit is contained in:
Kun Deng
2022-08-27 21:35:49 -04:00
parent 665407aac5
commit f8ec65fd29
9 changed files with 126 additions and 115 deletions
+11 -6
View File
@@ -1,6 +1,5 @@
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Linq;
using Microsoft.AspNetCore.Authorization;
@@ -10,18 +9,16 @@ using Microsoft.Extensions.Logging;
using Icarus.Models;
using Icarus.Database.Contexts;
// using Icarus.Database.Repositories;
namespace Icarus.Controllers.V1
{
[Route("api/v1/album")]
[ApiController]
public class AlbumController : ControllerBase
public class AlbumController : BaseController
{
#region Fields
private readonly ILogger<AlbumController> _logger;
private string _connectionString;
private IConfiguration _config;
#endregion
@@ -41,9 +38,13 @@ namespace Icarus.Controllers.V1
#region HTTP Routes
[HttpGet]
[Authorize("read:albums")]
public IActionResult Get()
{
if (!IsTokenValid("read:albums"))
{
return StatusCode(401, "Not allowed");
}
List<Album> albums = new List<Album>();
var albumContext = new AlbumContext(_connectionString);
@@ -57,9 +58,13 @@ namespace Icarus.Controllers.V1
}
[HttpGet("{id}")]
[Authorize("read:albums")]
public IActionResult Get(int id)
{
if (!IsTokenValid("read:albums"))
{
return StatusCode(401, "Not allowed");
}
Album album = new Album
{
AlbumID = id