Tokens are validated in respective endpoints
This commit is contained in:
@@ -1,6 +1,5 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Configuration;
|
||||
using System.Linq;
|
||||
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
@@ -10,18 +9,16 @@ using Microsoft.Extensions.Logging;
|
||||
|
||||
using Icarus.Models;
|
||||
using Icarus.Database.Contexts;
|
||||
// using Icarus.Database.Repositories;
|
||||
|
||||
namespace Icarus.Controllers.V1
|
||||
{
|
||||
[Route("api/v1/album")]
|
||||
[ApiController]
|
||||
public class AlbumController : ControllerBase
|
||||
public class AlbumController : BaseController
|
||||
{
|
||||
#region Fields
|
||||
private readonly ILogger<AlbumController> _logger;
|
||||
private string _connectionString;
|
||||
private IConfiguration _config;
|
||||
#endregion
|
||||
|
||||
|
||||
@@ -41,9 +38,13 @@ namespace Icarus.Controllers.V1
|
||||
|
||||
#region HTTP Routes
|
||||
[HttpGet]
|
||||
[Authorize("read:albums")]
|
||||
public IActionResult Get()
|
||||
{
|
||||
if (!IsTokenValid("read:albums"))
|
||||
{
|
||||
return StatusCode(401, "Not allowed");
|
||||
}
|
||||
|
||||
List<Album> albums = new List<Album>();
|
||||
|
||||
var albumContext = new AlbumContext(_connectionString);
|
||||
@@ -57,9 +58,13 @@ namespace Icarus.Controllers.V1
|
||||
}
|
||||
|
||||
[HttpGet("{id}")]
|
||||
[Authorize("read:albums")]
|
||||
public IActionResult Get(int id)
|
||||
{
|
||||
if (!IsTokenValid("read:albums"))
|
||||
{
|
||||
return StatusCode(401, "Not allowed");
|
||||
}
|
||||
|
||||
Album album = new Album
|
||||
{
|
||||
AlbumID = id
|
||||
|
||||
Reference in New Issue
Block a user