Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[RSN-40] Add user authentication #43

Merged
merged 5 commits into from
Jun 6, 2024
Merged

[RSN-40] Add user authentication #43

merged 5 commits into from
Jun 6, 2024

Conversation

raczu
Copy link
Collaborator

@raczu raczu commented Jun 1, 2024
edited
Loading

Description

The purpose of this PR is to add authentication of users using JWT token and authorization to given resources/routes depending on their roles. A secrey key must be set in appsettings.json in order for JWT to work properly, the easiest way to generate key is to use following command:

openssl rand -base64 32

and manually replace placeholder value or directly with usage of jq:

export SECRET_KEY=$(openssl rand -base64 32); jq '.JwtSettings.Key = env.SECRET_KEY' appsettings.json > tmp.json && mv tmp.json appsettings.json

Additionally, mappers have been added, which extends database models for easier mapping to appropiate DTO, and handlers for easier handling exceptions in service layer or unhandled one. It allowed to standarize the format of problems returned by API to problem+json. When it comes to data validation, a library FluentValidation has been added, and its exceptions are also handled with usage of handlers.

Related issue and/or ticket

RSN-40

@raczu raczu added scope: backend Indicates that PR relates to backend changes. type: feature PR's categorised as feature. status: ready for review Determines that PR is ready for review. labels Jun 1, 2024
@raczu raczu requested a review from wzarek June 1, 2024 19:25
@raczu
Copy link
Collaborator Author

raczu commented Jun 1, 2024

@wzarek

wzarek
wzarek requested changes Jun 3, 2024
View reviewed changes
Copy link
Owner

@wzarek wzarek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't we use the same validators as in #32 - RSN-31?

@wzarek wzarek added status: require changes Determines that PR requires changes to be approved. and removed status: ready for review Determines that PR is ready for review. labels Jun 3, 2024
@raczu
Copy link
Collaborator Author

raczu commented Jun 5, 2024

Can't we use the same validators as in #32 - RSN-31?

We decided to use fluent validation for creating validators, the @mkoper02 validators have already been rewritten to use this library, see #32

@wzarek wzarek added status: ready for review Determines that PR is ready for review. and removed status: require changes Determines that PR requires changes to be approved. labels Jun 5, 2024
@wzarek
Copy link
Owner

wzarek commented Jun 5, 2024

@raczu resolve conflicts / rebase

@raczu
Copy link
Collaborator Author

raczu commented Jun 5, 2024

@wzarek

@raczu raczu mentioned this pull request Jun 6, 2024
Merged
@wzarek
Copy link
Owner

wzarek commented Jun 6, 2024

@raczu conflicts again

@wzarek wzarek mentioned this pull request Jun 6, 2024
Merged
raczu added 4 commits June 6, 2024 21:17
@raczu
feat: add jwt and exceptions handlers
e5992cd 
Simplify the logic on the controllers' side, custom exceptions and
a library for validation were added. The implemented handlers are
allow to catch those exceptions and return the corresponding
statuses and detailed response.

Additionally, mappers have been created to more easily convert
entities into the corresponding DTOs, fixed enum conversion
when it comes to UserRole and export postgres port on the
development environment.
@raczu
test: add unit tests for jwt, handlers and validators
9b156d4
@raczu
refactor: disallow registering user when phone is already used
72f35d8
@raczu
feat: add global route prefix middleware
7769327
wzarek
wzarek approved these changes Jun 6, 2024
View reviewed changes
Copy link
Owner

@wzarek wzarek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@wzarek wzarek merged commit 642adc3 into main Jun 6, 2024
7 checks passed
@wzarek wzarek deleted the RSN-40 branch June 6, 2024 19:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wzarek wzarek wzarek approved these changes

Assignees

@raczu raczu

Labels
scope: backend Indicates that PR relates to backend changes. status: ready for review Determines that PR is ready for review. type: feature PR's categorised as feature.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@raczu @wzarek