diff --git a/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/AnalyticsService.API.csproj b/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/AnalyticsService.API.csproj
index 07fa780..44c9a53 100644
--- a/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/AnalyticsService.API.csproj
+++ b/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/AnalyticsService.API.csproj
@@ -11,6 +11,7 @@
+
diff --git a/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/Controllers/AnalyticsController.cs b/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/Controllers/AnalyticsController.cs
index 06bf711..c8a50b5 100644
--- a/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/Controllers/AnalyticsController.cs
+++ b/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/Controllers/AnalyticsController.cs
@@ -1,11 +1,12 @@
using AnalyticsService.Common.Entities;
using AnalyticsService.Common.Repositories;
using AutoMapper;
+using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace AnalyticsService.API.Controllers;
-// [Authorize]
+[Authorize]
[ApiController]
[Route("api/v1/[controller]")]
public class AnalyticsController : ControllerBase
@@ -18,7 +19,7 @@ public AnalyticsController(IAnalyticsRepository repository)
}
// Individual Trainings
- // [Authorize(Roles = "Admin, Trainer")]
+ [Authorize(Roles = "Admin, Trainer")]
[HttpGet("individual/trainer/{trainerId}")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetIndividualTrainingsByTrainerId(string trainerId)
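Review bot: `[Authorize(Roles = "Admin, Trainer")]` on L27 checks the caller's role but never that `trainerId` on L30 is the caller's own id, so any trainer can read any other trainer's individual trainings; the same gap is on L35/L38 (`clientId`), L43/L46 and L51/L54, and recurs in this commit in ClientController (L351-354, where a `Client` may `UpdateClient` with an arbitrary `client.Id` in the body) and MealPlansController (L670-672, `DeletePlan` for any `trainerId`). A check before the repository call such as `var callerId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;` followed by `if (!User.IsInRole("Admin") && callerId != trainerId) return Forbid();` (with `using System.Security.Claims;`) closes it, assuming the identity service puts the user id in that claim — confirm against its token format. Action bodies continue outside these hunks.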
@@ -27,7 +28,7 @@ public async Task>> GetIndividualTr
return Ok(reservations);
}
- // [Authorize(Roles = "Admin, Client")]
+ [Authorize(Roles = "Admin, Client")]
[HttpGet("individual/client/{clientId}")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetIndividualTrainingsByClientId(string clientId)
@@ -37,7 +38,7 @@ public async Task>> GetIndividualTr
}
// Group Trainings
- // [Authorize(Roles = "Admin, Trainer")]
+ [Authorize(Roles = "Admin, Trainer")]
[HttpGet("group/trainer/{trainerId}")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetGroupTrainingsByTrainerId(string trainerId)
@@ -46,7 +47,7 @@ public async Task>> GetGroupTrainingsByT
return Ok(reservations);
}
- // [Authorize(Roles = "Admin, Client")]
+ [Authorize(Roles = "Admin, Client")]
[HttpGet("group/client/{clientId}")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetGroupTrainingsByClientId(string clientId)
diff --git a/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/Program.cs b/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/Program.cs
index 0497d50..7a5aba0 100644
--- a/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/Program.cs
+++ b/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/Program.cs
@@ -1,8 +1,11 @@
using System.Reflection;
+using System.Text;
using AnalyticsService.API.EventBusConsumers;
using AnalyticsService.Common.Extensions;
using EventBus.Messages.Constants;
using MassTransit;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.IdentityModel.Tokens;
var builder = WebApplication.CreateBuilder(args);
@@ -48,6 +51,29 @@
});
});
+var jwtSettings = builder.Configuration.GetSection("JwtSettings");
+var secretKey = jwtSettings.GetValue("secretKey");
+
+builder.Services.AddAuthentication(options =>
+ {
+ options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+ options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+ })
+ .AddJwtBearer(options =>
+ {
+ options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
+ {
+ ValidateIssuer = true,
+ ValidateAudience = true,
+ ValidateLifetime = true,
+ ValidateIssuerSigningKey = true,
+
+ ValidIssuer = jwtSettings.GetSection("validIssuer").Value,
+ ValidAudience = jwtSettings.GetSection("validAudience").Value,
+ IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey))
+ };
+ });
+
var app = builder.Build();
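Review bot: `secretKey` on L73 can be null or empty when `JwtSettings:secretKey` is absent, and the only thing that then fails is `Encoding.UTF8.GetBytes(secretKey)` on L91 with an `ArgumentNullException` (or, for a short value, a later key-size error from the token handler); a guard right after L73, `ArgumentException.ThrowIfNullOrWhiteSpace(secretKey);` on .NET 8+ or an explicit `InvalidOperationException` naming the setting on older targets, turns that into a clear fail-closed startup error. The identical block is repeated at L220-241 and L692-713, and L493 (NotificationService) silences the same nullability with `!`; one shared extension method (e.g. `AddFitnessJwtAuthentication`, a constructed name) would keep all four services' validation rules in lockstep. Because every service validates with the same symmetric key, any one service's configuration is enough to mint tokens accepted everywhere; if the identity service can sign with an asymmetric key, the resource services would need only the public key. On L82 the fully qualified `Microsoft.IdentityModel.Tokens.TokenValidationParameters` is redundant given the `using` added on L67.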
// Configure the HTTP request pipeline.
@@ -59,6 +85,11 @@
app.UseCors("CorsPolicy");
+app.UseRouting();
app.UseHttpsRedirection();
+
+app.UseAuthentication();
+app.UseAuthorization();
+
app.MapControllers();
app.Run();
diff --git a/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/appsettings.Development.json b/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/appsettings.Development.json
index 779a833..d3d8b81 100644
--- a/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/appsettings.Development.json
+++ b/Fitness/Backend/Services/AnalyticsService/AnalyticsService.API/appsettings.Development.json
@@ -7,5 +7,14 @@
},
"DatabaseSettings": {
"ConnectionString": "mongodb://localhost:27017"
+ },
+ "EventBusSettings": {
+ "HostAddress": "amqp://guest:guest@localhost:5672"
+ },
+ "JwtSettings": {
+ "validIssuer": "Fitness Identity",
+ "validAudience": "Fitness",
+ "secretKey": "MyVeryVerySecretMessageForSecretKey",
+ "expires": 15
}
}
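Review bot: `secretKey` on L122 is a literal signing secret committed to source control and, since the same literal appears on L283 and L772, it is shared by every service; even for Development settings it is better supplied through `dotnet user-secrets` or an environment variable so the checked-in file carries only a placeholder such as `"secretKey": "<set via user-secrets>"`. `expires` on L123 is not read by the Program.cs change in this commit (L72-93 read only `secretKey`, `validIssuer` and `validAudience`), so it looks copied from the token-issuing service — confirm it is needed here. The `amqp://guest:guest@localhost:5672` URL on L117 is the broker's default credential; fine for local development, but worth the same treatment if this file is ever used as a template for other environments.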
diff --git a/Fitness/Backend/Services/ChatService/ChatService.API/ChatService.API.csproj b/Fitness/Backend/Services/ChatService/ChatService.API/ChatService.API.csproj
index f2b0e72..5f08d46 100644
--- a/Fitness/Backend/Services/ChatService/ChatService.API/ChatService.API.csproj
+++ b/Fitness/Backend/Services/ChatService/ChatService.API/ChatService.API.csproj
@@ -13,6 +13,7 @@
+
runtime; build; native; contentfiles; analyzers; buildtransitive
diff --git a/Fitness/Backend/Services/ChatService/ChatService.API/Controllers/ChatController.cs b/Fitness/Backend/Services/ChatService/ChatService.API/Controllers/ChatController.cs
index 7458daf..d4c3a8f 100644
--- a/Fitness/Backend/Services/ChatService/ChatService.API/Controllers/ChatController.cs
+++ b/Fitness/Backend/Services/ChatService/ChatService.API/Controllers/ChatController.cs
@@ -1,11 +1,11 @@
using ChatService.API.Models;
using ChatService.API.Services;
+using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace ChatService.API.Controllers;
-//TO DO AUTHORIZATION AND AUTHENTICATION
-
+[Authorize]
[ApiController]
[Route("api/v1/[controller]")]
public class ChatController : ControllerBase
@@ -17,7 +17,7 @@ public ChatController(IChatService chatService)
_chatService = chatService;
}
-
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("sessions/{userId}/my-sessions-summary")]
public async Task GetBasicInfoForSessions(string userId)
{
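Review bot: `[Authorize(Roles = "Admin, Trainer, Client")]` on L153 establishes only that the caller has one of those roles; `userId` on L155 still comes from the route and nothing visible ties it to the caller's identity, so any authenticated user can read another user's session summary. The same holds for `trainerId`/`clientId` taken `[FromQuery]` on L163, L170, L178, L185, L192 and L199, and on L163 `senderType` is also caller-supplied, so a client can post a message attributed to the trainer (or vice versa); the sender's id and type should be derived from the validated token, e.g. `var callerId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;` plus `return Forbid();` when the supplied id does not match and the caller is not Admin — which claims the identity service issues for id and role is not visible here, so confirm against its token format. Action bodies continue outside these hunks.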
@@ -30,7 +30,7 @@ public async Task GetBasicInfoForSessions(string userId)
return Ok(basicInfo);
}
-
+ [Authorize(Roles = "Trainer, Client")]
[HttpPost("sessions/messages")]
public async Task AddMessageToSession([FromQuery] string trainerId, [FromQuery] string clientId, [FromBody] string content, [FromQuery] string senderType)
{
@@ -45,6 +45,7 @@ public async Task AddMessageToSession([FromQuery] string trainerI
}
}
+ [Authorize(Roles = "Trainer, Client")]
[HttpGet("sessions/messages")]
public async Task GetMessagesFromSession([FromQuery] string trainerId, [FromQuery] string clientId)
{
@@ -65,7 +66,7 @@ public async Task GetMessagesFromSession([FromQuery] string train
return Ok(messages);
}
-
+ [Authorize(Roles = "Client")]
[HttpPost("sessions")]
public async Task CreateChatSession([FromQuery] string trainerId, [FromQuery] string clientId)
{
@@ -80,6 +81,7 @@ public async Task CreateChatSession([FromQuery] string trainerId,
}
}
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("sessions")]
public async Task GetChatSession([FromQuery] string trainerId, [FromQuery] string clientId)
{
@@ -87,6 +89,7 @@ public async Task GetChatSession([FromQuery] string trainerId, [F
return session != null ? Ok(session) : NotFound(new { Message = "Chat session not found." });
}
+ [Authorize(Roles = "Admin")]
[HttpDelete("sessions")]
public async Task DeleteChatSession([FromQuery] string trainerId, [FromQuery] string clientId)
{
@@ -95,6 +98,7 @@ public async Task DeleteChatSession([FromQuery] string trainerId,
: NotFound(new { Message = "Session not found or already deleted." });
}
+ [Authorize(Roles = "Client")]
[HttpPost("sessions/extend")]
public async Task ExtendChatSession([FromQuery] string trainerId, [FromQuery] string clientId)
{
diff --git a/Fitness/Backend/Services/ChatService/ChatService.API/Program.cs b/Fitness/Backend/Services/ChatService/ChatService.API/Program.cs
index 5984291..162d4a2 100644
--- a/Fitness/Backend/Services/ChatService/ChatService.API/Program.cs
+++ b/Fitness/Backend/Services/ChatService/ChatService.API/Program.cs
@@ -1,3 +1,4 @@
+using System.Text;
using ChatService.API.Data;
using ChatService.API.Middleware;
using ChatService.API.Models;
@@ -10,6 +11,8 @@
using ConsulConfig.Settings;
using EventBus.Messages.Events;
using MassTransit;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.IdentityModel.Tokens;
var builder = WebApplication.CreateBuilder(args);
@@ -70,8 +73,33 @@
});
});
+var jwtSettings = builder.Configuration.GetSection("JwtSettings");
+var secretKey = jwtSettings.GetValue("secretKey");
+
+builder.Services.AddAuthentication(options =>
+ {
+ options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+ options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+ })
+ .AddJwtBearer(options =>
+ {
+ options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
+ {
+ ValidateIssuer = true,
+ ValidateAudience = true,
+ ValidateLifetime = true,
+ ValidateIssuerSigningKey = true,
+
+ ValidIssuer = jwtSettings.GetSection("validIssuer").Value,
+ ValidAudience = jwtSettings.GetSection("validAudience").Value,
+ IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey))
+ };
+ });
+
var app = builder.Build();
+app.UseCors("AllowAll");
+
app.Lifetime.ApplicationStarted.Register(() =>
{
var consulClient = app.Services.GetRequiredService();
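Review bot: `app.UseCors("AllowAll")` on L244 now runs before `app.UseRouting()` (L259), whereas the removed call on L260 sat between routing and authorization, which is the position the ASP.NET Core middleware-ordering guidance gives for CORS; a named policy still applies from the earlier position, but endpoint-level CORS metadata (`[EnableCors]`/`[DisableCors]`) is no longer honoured, so unless the move is deliberate I would keep the call where it was. `secretKey` on L221 is passed unchecked to `Encoding.UTF8.GetBytes` on L239, so a missing `JwtSettings:secretKey` surfaces as an `ArgumentNullException` at startup rather than a message naming the setting. The hunk ends inside the `ApplicationStarted` callback, which continues outside it.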
@@ -93,8 +121,6 @@
consulClient.Agent.ServiceDeregister(consulConfig.ServiceId).Wait();
});
-
-
// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
@@ -103,11 +129,14 @@
}
app.UseRouting();
-app.UseCors("AllowAll");
-app.UseHttpsRedirection();
+
+app.UseAuthentication();
app.UseAuthorization();
+
+// app.UseHttpsRedirection();
app.UseWebSockets();
app.UseMiddleware();
+
app.MapControllers();
app.Run();
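Review bot: `// app.UseHttpsRedirection();` on L266 disables the redirect that the removed L261 had enabled, so if this service is reachable on plain HTTP (ConsulConfig on L290-291 registers it on port 8080) bearer tokens in `Authorization` headers and chat content travel in clear unless a gateway terminates TLS in front of it; if the redirect was dropped for the WebSocket path, a comment saying so would help, otherwise restore the line. Separately, `app.UseMiddleware()` on L268 (type argument lost in extraction) runs after `UseAuthorization`, but `[Authorize]` on `ChatController` protects controller endpoints only; if that middleware serves the WebSocket upgrade it must check `context.User.Identity?.IsAuthenticated` itself, since `UseAuthentication` on L263 populates `User` but rejects nothing. This hunk is the tail of the pipeline setup in Program.cs.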
diff --git a/Fitness/Backend/Services/ChatService/ChatService.API/appsettings.Development.json b/Fitness/Backend/Services/ChatService/ChatService.API/appsettings.Development.json
index 4697dde..791447c 100644
--- a/Fitness/Backend/Services/ChatService/ChatService.API/appsettings.Development.json
+++ b/Fitness/Backend/Services/ChatService/ChatService.API/appsettings.Development.json
@@ -11,6 +11,12 @@
"ChatSessionsCollection": "ChatSessions",
"MessagesCollection": "Messages"
},
+ "JwtSettings": {
+ "validIssuer": "Fitness Identity",
+ "validAudience": "Fitness",
+ "secretKey": "MyVeryVerySecretMessageForSecretKey",
+ "expires": 15
+ },
"ConsulConfig": {
"Address": "http://consul:8500",
"ServiceName": "ChatService.API",
@@ -18,6 +24,4 @@
"ServiceAddress": "chatservice.api",
"ServicePort": 8080
}
-
-
}
diff --git a/Fitness/Backend/Services/ClientService/ClientService.API/Controllers/ClientController.cs b/Fitness/Backend/Services/ClientService/ClientService.API/Controllers/ClientController.cs
index 893392f..5ae2cce 100644
--- a/Fitness/Backend/Services/ClientService/ClientService.API/Controllers/ClientController.cs
+++ b/Fitness/Backend/Services/ClientService/ClientService.API/Controllers/ClientController.cs
@@ -7,7 +7,7 @@
namespace ClientService.API.Controllers
{
- // [Authorize]
+ [Authorize]
[ApiController]
[Route("api/v1/[controller]")]
public class ClientController:ControllerBase
@@ -21,7 +21,7 @@ public ClientController(IRepository repository, IMapper mapper)
_mapper = mapper ?? throw new ArgumentNullException(nameof(mapper));
}
- // [Authorize(Roles = "Admin, Trainer")]
+ [Authorize(Roles = "Admin, Trainer")]
[HttpGet]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetClients()
@@ -30,7 +30,7 @@ public async Task>> GetClients()
return Ok(clients);
}
- // [Authorize(Roles = "Admin, Trainer, Client")]
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("{id}", Name = "GetClient")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
@@ -46,7 +46,7 @@ public async Task> GetClientById(string id)
// TODO("Dodati GetClientsByIds - mozda gRPC!!!")
- // [Authorize(Roles = "Admin, Trainer, Client")]
+ [Authorize(Roles = "Admin, Trainer, Client")]
[Route("[action]/{name}")]
[HttpGet]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
@@ -56,7 +56,7 @@ public async Task>> GetClientsByName(string nam
return Ok(results);
}
- // [Authorize(Roles = "Admin, Trainer, Client")]
+ [Authorize(Roles = "Admin, Trainer, Client")]
[Route("[action]/{surname}")]
[HttpGet]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
@@ -66,7 +66,7 @@ public async Task>> GetClientsBySurname(string
return Ok(results);
}
- // [Authorize(Roles = "Admin, Trainer, Client")]
+ [Authorize(Roles = "Admin, Trainer, Client")]
[Route("[action]/{email}")]
[HttpGet]
[ProducesResponseType(typeof(Client), StatusCodes.Status200OK)]
@@ -84,7 +84,7 @@ public async Task> CreateClient([FromBody] Client client)
return CreatedAtRoute("GetClient", new { id = client.Id }, client);
}
- // [Authorize(Roles = "Admin, Client")]
+ [Authorize(Roles = "Admin, Client")]
[HttpPut]
[ProducesResponseType(typeof(Client), StatusCodes.Status200OK)]
public async Task UpdateClient([FromBody] Client client)
@@ -92,7 +92,7 @@ public async Task UpdateClient([FromBody] Client client)
return Ok(await _repository.UpdateClient(client));
}
- // [Authorize(Roles = "Admin")]
+ [Authorize(Roles = "Admin")]
[HttpDelete("{id}", Name = "DeleteClient")]
[ProducesResponseType(typeof(Client), StatusCodes.Status200OK)]
public async Task DeleteClient(string id)
@@ -100,7 +100,7 @@ public async Task DeleteClient(string id)
return Ok(await _repository.DeleteClient(id));
}
- // [Authorize(Roles = "Admin")]
+ [Authorize(Roles = "Admin")]
[Route("[action]")]
[HttpDelete]
[ProducesResponseType(typeof(Client), StatusCodes.Status200OK)]
diff --git a/Fitness/Backend/Services/ClientService/ClientService.API/Program.cs b/Fitness/Backend/Services/ClientService/ClientService.API/Program.cs
index 8196c38..41b0292 100644
--- a/Fitness/Backend/Services/ClientService/ClientService.API/Program.cs
+++ b/Fitness/Backend/Services/ClientService/ClientService.API/Program.cs
@@ -1,6 +1,5 @@
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
-// using Microsoft.IdentityModel.Tokens;
using System.Reflection;
using System.Text;
using Consul;
@@ -96,10 +95,11 @@
consulClient.Agent.ServiceDeregister(consulConfig.ServiceId).Wait();
});
-// app.UseAuthentication();
-// app.UseAuthorization();
-
app.UseRouting();
+
+app.UseAuthentication();
+app.UseAuthorization();
+
app.MapControllers();
app.Run();
diff --git a/Fitness/Backend/Services/NotificationService/NotificationService.API/Controller/NotificationController.cs b/Fitness/Backend/Services/NotificationService/NotificationService.API/Controller/NotificationController.cs
index 0b70d13..009db14 100644
--- a/Fitness/Backend/Services/NotificationService/NotificationService.API/Controller/NotificationController.cs
+++ b/Fitness/Backend/Services/NotificationService/NotificationService.API/Controller/NotificationController.cs
@@ -1,11 +1,12 @@
using AutoMapper;
+using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using NotificationService.API.Entities;
using NotificationService.API.Repositories;
namespace NotificationService.API.Controller;
-//[Authorize]
+[Authorize]
[ApiController]
[Route("api/v1/[controller]")]
public class NotificationController : ControllerBase
@@ -17,7 +18,7 @@ public NotificationController(IRepository repository, IMapper mapper)
_repository = repository ?? throw new ArgumentNullException(nameof(repository));
}
- //[Authorize(Roles = "Admin")]
+ [Authorize(Roles = "Admin")]
[HttpGet]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetNotifications()
@@ -26,7 +27,7 @@ public async Task>> GetNotifications()
return Ok(notifications);
}
- //[Authorize(Roles = "Admin, Trainer, Client")]
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("user/{userId}")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetNotificationsByUserId(string userId)
@@ -35,7 +36,7 @@ public async Task>> GetNotificationsByUse
return Ok(notifications);
}
- //[Authorize(Roles = "Admin, Trainer, Client")]
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("{id}")]
[ProducesResponseType(typeof(Notification), StatusCodes.Status200OK)]
public async Task> GetNotificationById(string id)
@@ -44,7 +45,7 @@ public async Task> GetNotificationById(string id)
return Ok(notification);
}
- //[Authorize(Roles = "Admin, Trainer, Client")]
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpPut]
[ProducesResponseType(typeof(Notification), StatusCodes.Status200OK)]
public async Task UpdateNotification([FromBody] Notification notification)
@@ -53,6 +54,7 @@ public async Task UpdateNotification([FromBody] Notification noti
}
// PUT api/notifications/{id}/read
+ [Authorize(Roles = "Trainer, Client")]
[HttpPut("{id}/read")]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
@@ -67,7 +69,7 @@ public async Task MarkAsRead(string id)
}
- //[Authorize(Roles = "Admin")]
+ [Authorize(Roles = "Admin")]
[HttpDelete]
[ProducesResponseType(typeof(Notification), StatusCodes.Status200OK)]
public async Task DeleteNotifications()
@@ -76,7 +78,7 @@ public async Task DeleteNotifications()
return Ok();
}
- //[Authorize(Roles = "Admin, Trainer, Client")]
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpDelete("/user/{userId}")]
[ProducesResponseType(typeof(Notification), StatusCodes.Status200OK)]
public async Task DeleteNotificationsByUserTypeAndUserId(string userId)
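Review bot: the route template `"/user/{userId}"` on L462 (unchanged) starts with a slash, which in ASP.NET Core attribute routing makes it absolute — the endpoint is served at `/user/{userId}` rather than under `api/v1/Notification`, unlike `"user/{userId}"` on L424; with `[Authorize]` now active this matters if a gateway or CORS rule keys on the `api/v1` prefix, and the fix is dropping the leading slash, `[HttpDelete("user/{userId}")]`. Also, `userId` on L464 is caller-supplied and the `Admin, Trainer, Client` list on L461 does not tie it to the caller, so one user can delete another user's notifications unless the body compares it with the caller's identity claim. The method body continues outside the hunk.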
@@ -84,7 +86,7 @@ public async Task DeleteNotificationsByUserTypeAndUserId(string u
return Ok( await _repository.DeleteNotificationsByUserId(userId));
}
- //[Authorize(Roles = "Admin, Trainer, Client")]
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpDelete("{id}")]
[ProducesResponseType(typeof(Notification), StatusCodes.Status200OK)]
public async Task DeleteNotification(string id)
diff --git a/Fitness/Backend/Services/NotificationService/NotificationService.API/Program.cs b/Fitness/Backend/Services/NotificationService/NotificationService.API/Program.cs
index 68e1da9..ba65f41 100644
--- a/Fitness/Backend/Services/NotificationService/NotificationService.API/Program.cs
+++ b/Fitness/Backend/Services/NotificationService/NotificationService.API/Program.cs
@@ -1,3 +1,4 @@
+using System.Text;
using ClientService.GRPC.Protos;
using Consul;
using ConsulConfig.Settings;
@@ -5,6 +6,8 @@
using EventBus.Messages.Events;
using FluentEmail.MailKitSmtp;
using MassTransit;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.IdentityModel.Tokens;
using NotificationService.API.Data;
using NotificationService.API.Email;
using NotificationService.API.Entities;
@@ -90,7 +93,6 @@
var jwtSettings = builder.Configuration.GetSection("JwtSettings");
var secretKey = jwtSettings.GetValue("secretKey")!;
-/*
builder.Services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
@@ -110,7 +112,6 @@
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey))
};
});
- */
var app = builder.Build();
@@ -146,8 +147,8 @@
app.UseRouting();
-//app.UseAuthentication();
-//app.UseAuthorization();
+app.UseAuthentication();
+app.UseAuthorization();
app.MapControllers();
diff --git a/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/FoodController.cs b/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/FoodController.cs
index 4c8f936..bb1c3cf 100644
--- a/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/FoodController.cs
+++ b/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/FoodController.cs
@@ -1,9 +1,11 @@
+using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using MongoDB.Driver;
using NutritionService.API.Models;
namespace NutritionService.API.Controllers
{
+ [Authorize]
[ApiController]
[Route("api/v1/[controller]")]
public class FoodController : ControllerBase
@@ -14,7 +16,8 @@ public FoodController(IMongoDatabase db)
{
_foods = db.GetCollection("Food");
}
-
+
+ [Authorize(Roles = "Admin, Trainer")]
[HttpPost]
public async Task AddFood([FromBody] Food food)
{
@@ -24,7 +27,8 @@ public async Task AddFood([FromBody] Food food)
await _foods.InsertOneAsync(food);
return Ok(food);
}
-
+
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet]
public async Task GetAllFoods()
{
diff --git a/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/GoalsController.cs b/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/GoalsController.cs
index 6e912e8..4ae4ba5 100644
--- a/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/GoalsController.cs
+++ b/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/GoalsController.cs
@@ -1,9 +1,11 @@
+using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using MongoDB.Driver;
using NutritionService.API.Models;
namespace NutritionService.API.Controllers
-{
+{
+ [Authorize]
[ApiController]
[Route("api/v1/[controller]")]
public class GoalsController : ControllerBase
@@ -14,7 +16,8 @@ public GoalsController(IMongoDatabase db)
{
_goals = db.GetCollection("Goals");
}
-
+
+ [Authorize(Roles = "Client")]
[HttpPost]
public async Task SetGoal([FromBody] UserGoal goal)
{
@@ -61,7 +64,8 @@ public async Task SetGoal([FromBody] UserGoal goal)
await _goals.InsertOneAsync(goal);
return Ok(goal);
}
-
+
+ [Authorize(Roles = "Client")]
[HttpGet("plan/{clientId}")]
public async Task GetPlan(string clientId)
{
@@ -74,7 +78,8 @@ public async Task GetPlan(string clientId)
return NotFound("No goal found for this client.");
return Ok(goal);
}
-
+
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("all")]
public async Task GetAllGoals()
{
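Review bot: `[Authorize(Roles = "Admin, Trainer, Client")]` on L588 opens `GetAllGoals` to every client, while `GetPlan` on L578-580 keeps the per-client route to the `Client` role; if `UserGoal` carries per-client data (the `plan/{clientId}` route suggests it does), a client listing all goals sees other clients' records and the list should be `Admin, Trainer`, `[Authorize(Roles = "Admin, Trainer")]`. Whether goals are meant to be visible across clients is not decidable from this hunk — confirm against the model. The method body continues outside the hunk.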
diff --git a/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/HealthController.cs b/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/HealthController.cs
index cec3124..a8add4e 100644
--- a/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/HealthController.cs
+++ b/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/HealthController.cs
@@ -1,11 +1,14 @@
+using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace NutritionService.API.Controllers
-{
+{
+ [Authorize]
[ApiController]
[Route("api/v1/[controller]")]
public class HealthController : ControllerBase
{
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet]
public IActionResult Get() => Ok("NutritionService running..");
}
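Review bot: `[Authorize]` on L602 and the role list on L607 put the health endpoint behind a JWT, so an unauthenticated liveness probe (Consul registers this service via ConsulConfig on L758-764, and container orchestrators commonly probe `GET` without a token) gets 401 and marks the service unhealthy. A health check returns no user data, so the usual choice is to mark `Get()` with `[AllowAnonymous]` in place of the role attribute on L607, or to leave this controller without `[Authorize]` altogether; if the probe is known to carry a token, a comment saying so would prevent the next reader from re-raising this.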
diff --git a/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/MealPlansController.cs b/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/MealPlansController.cs
index b2c9610..cec4a72 100644
--- a/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/MealPlansController.cs
+++ b/Fitness/Backend/Services/NutritionService/NutritionService.API/Controllers/MealPlansController.cs
@@ -1,9 +1,11 @@
+using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using MongoDB.Driver;
using NutritionService.API.Models;
namespace NutritionService.API.Controllers
-{
+{
+ [Authorize]
[ApiController]
[Route("api/v1/[controller]")]
public class MealPlansController : ControllerBase
@@ -16,7 +18,8 @@ public MealPlansController(IMongoDatabase db)
_plans = db.GetCollection("MealPlans");
_foods = db.GetCollection("Food");
}
-
+
+ [Authorize(Roles = "Trainer")]
[HttpPost]
public async Task CreatePlan([FromBody] MealPlan plan)
{
@@ -57,7 +60,8 @@ async Task> FillFoodsAsync(List foods)
await _plans.InsertOneAsync(plan);
return Ok(plan);
}
-
+
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("trainer/{trainerId}/goal/{goalType}")]
public async Task GetPlanByTrainerAndGoal(string trainerId, string goalType)
{
@@ -71,14 +75,16 @@ public async Task GetPlanByTrainerAndGoal(string trainerId, strin
return Ok(plan);
}
-
+
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet]
public async Task GetAllPlans()
{
var plans = await _plans.Find(_ => true).ToListAsync();
return Ok(plans);
}
-
+
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("trainer/{trainerId}")]
public async Task GetPlansForTrainer(string trainerId)
{
@@ -89,7 +95,8 @@ public async Task GetPlansForTrainer(string trainerId)
return Ok(trainerPlans);
}
-
+
+ [Authorize(Roles = "Trainer")]
[HttpDelete("trainer/{trainerId}/goal/{goalType}")]
public async Task DeletePlan(string trainerId, string goalType)
{
diff --git a/Fitness/Backend/Services/NutritionService/NutritionService.API/NutritionService.API.csproj b/Fitness/Backend/Services/NutritionService/NutritionService.API/NutritionService.API.csproj
index 2bbff4c..34d66d9 100644
--- a/Fitness/Backend/Services/NutritionService/NutritionService.API/NutritionService.API.csproj
+++ b/Fitness/Backend/Services/NutritionService/NutritionService.API/NutritionService.API.csproj
@@ -9,6 +9,7 @@
+
diff --git a/Fitness/Backend/Services/NutritionService/NutritionService.API/Program.cs b/Fitness/Backend/Services/NutritionService/NutritionService.API/Program.cs
index 398f7c4..57f5d2a 100644
--- a/Fitness/Backend/Services/NutritionService/NutritionService.API/Program.cs
+++ b/Fitness/Backend/Services/NutritionService/NutritionService.API/Program.cs
@@ -1,3 +1,6 @@
+using System.Text;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.IdentityModel.Tokens;
using MongoDB.Driver;
using NutritionService.API.Repositories;
@@ -21,6 +24,29 @@
builder.Services.AddSingleton();
+var jwtSettings = builder.Configuration.GetSection("JwtSettings");
+var secretKey = jwtSettings.GetValue("secretKey");
+
+builder.Services.AddAuthentication(options =>
+ {
+ options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+ options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+ })
+ .AddJwtBearer(options =>
+ {
+ options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
+ {
+ ValidateIssuer = true,
+ ValidateAudience = true,
+ ValidateLifetime = true,
+ ValidateIssuerSigningKey = true,
+
+ ValidIssuer = jwtSettings.GetSection("validIssuer").Value,
+ ValidAudience = jwtSettings.GetSection("validAudience").Value,
+ IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey))
+ };
+ });
+
var app = builder.Build();
app.UseCors("CorsPolicy");
@@ -31,6 +57,11 @@
app.UseSwaggerUI();
}
+app.UseRouting();
+
+app.UseAuthentication();
+app.UseAuthorization();
+
app.MapControllers();
app.Run();
diff --git a/Fitness/Backend/Services/NutritionService/NutritionService.API/appsettings.Development.json b/Fitness/Backend/Services/NutritionService/NutritionService.API/appsettings.Development.json
index 228094a..6395a63 100644
--- a/Fitness/Backend/Services/NutritionService/NutritionService.API/appsettings.Development.json
+++ b/Fitness/Backend/Services/NutritionService/NutritionService.API/appsettings.Development.json
@@ -1,22 +1,26 @@
{
- "Logging": {
- "LogLevel": {
- "Default": "Information",
- "Microsoft.AspNetCore": "Warning"
- }
- },
- "ConsulConfig": {
- "Address": "http://consul:8500",
- "ServiceName": "NutritionService.API",
- "ServiceId": "NutritionService.API-1",
- "ServiceAddress": "nutritionservice.api",
- "ServicePort": 8080
- },
- "DatabaseSettings": {
- "ConnectionString": "mongodb://nutritiondb:27017",
- "DatabaseName": "NutritionDb"
- }
-
-
+ "Logging": {
+ "LogLevel": {
+ "Default": "Information",
+ "Microsoft.AspNetCore": "Warning"
+ }
+ },
+ "ConsulConfig": {
+ "Address": "http://consul:8500",
+ "ServiceName": "NutritionService.API",
+ "ServiceId": "NutritionService.API-1",
+ "ServiceAddress": "nutritionservice.api",
+ "ServicePort": 8080
+ },
+ "DatabaseSettings": {
+ "ConnectionString": "mongodb://nutritiondb:27017",
+ "DatabaseName": "NutritionDb"
+ },
+ "JwtSettings": {
+ "validIssuer": "Fitness Identity",
+ "validAudience": "Fitness",
+ "secretKey": "MyVeryVerySecretMessageForSecretKey",
+ "expires": 15
+ }
}
diff --git a/Fitness/Backend/Services/PaymentService/PaymentService.API/Program.cs b/Fitness/Backend/Services/PaymentService/PaymentService.API/Program.cs
index 13f62b0..08645b7 100644
--- a/Fitness/Backend/Services/PaymentService/PaymentService.API/Program.cs
+++ b/Fitness/Backend/Services/PaymentService/PaymentService.API/Program.cs
@@ -67,7 +67,7 @@
});
-// app.UseAuthorization();
+app.UseAuthorization();
app.MapControllers();
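Review bot: `app.UseAuthorization()` on L783 is enabled without a matching `app.UseAuthentication()`, and this commit adds no `[Authorize]` attributes or JWT registration for PaymentService, so as far as the diff shows the line protects nothing; if an `[Authorize]` is later added while no authentication scheme is registered, requests will fail with an `InvalidOperationException` about a missing `DefaultChallengeScheme` rather than a 401. If the intent is to protect payment endpoints like the other services, the `AddAuthentication().AddJwtBearer(...)` registration and `app.UseAuthentication();` before L783 are still missing; otherwise a comment stating why payment stays open would save the question. The surrounding pipeline is outside the hunk.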
diff --git a/Fitness/Backend/Services/ReservationService/ReservationService.API/Controllers/ReservationController.cs b/Fitness/Backend/Services/ReservationService/ReservationService.API/Controllers/ReservationController.cs
index 65f3ac7..cf1ae97 100644
--- a/Fitness/Backend/Services/ReservationService/ReservationService.API/Controllers/ReservationController.cs
+++ b/Fitness/Backend/Services/ReservationService/ReservationService.API/Controllers/ReservationController.cs
@@ -7,7 +7,7 @@
namespace ReservationService.API.Controllers;
-//[Authorize]
+[Authorize]
[ApiController]
[Route("api/v1/[controller]")]
public class ReservationController : ControllerBase
@@ -19,7 +19,7 @@ public ReservationController(IReservationService reservationService)
_reservationService = reservationService ?? throw new ArgumentNullException(nameof(reservationService));
}
- //[Authorize(Roles = "Admin")]
+ [Authorize(Roles = "Admin, Client, Trainer")]
[HttpGet("individual")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetIndividualReservations()
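Review bot: `[Authorize(Roles = "Admin, Client, Trainer")]` on L800 widens `GetIndividualReservations()` — which by its name and route returns every individual reservation — from the `Admin` scope the removed comment on L799 described to every authenticated user; the same widening is on L808 (all group reservations), L816 and L824 (any reservation by id), and L832/L840 open client-scoped lists to trainers while L848/L856 open trainer-scoped lists to clients. If clients and trainers are meant to see only their own reservations, the unfiltered list endpoints should stay `[Authorize(Roles = "Admin")]` and the by-id and by-client/by-trainer endpoints should compare the route id with the caller's identity claim before returning, e.g. `if (!User.IsInRole("Admin") && clientId != User.FindFirst(ClaimTypes.NameIdentifier)?.Value) return Forbid();` (claim type to be confirmed against the identity service). Method bodies continue outside these hunks.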
@@ -28,7 +28,7 @@ public async Task>> GetIndividua
return Ok(reservations);
}
- //[Authorize(Roles = "Admin")]
+ [Authorize(Roles = "Admin, Client, Trainer")]
[HttpGet("group")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetGroupReservations()
@@ -37,7 +37,7 @@ public async Task>> GetGroupReservati
return Ok(reservations);
}
- //[Authorize(Roles = "Admin")]
+ [Authorize(Roles = "Admin, Client, Trainer")]
[HttpGet("individual/{id}", Name="GetIndividualReservation")]
[ProducesResponseType(typeof(IndividualReservation), StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
@@ -48,7 +48,7 @@ public async Task> GetIndividualReservation(
return Ok(reservation);
}
- //[Authorize(Roles = "Admin")]
+ [Authorize(Roles = "Admin, Client, Trainer")]
[HttpGet("group/{id}", Name = "GetGroupReservation")]
[ProducesResponseType(typeof(GroupReservation), StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
@@ -59,7 +59,7 @@ public async Task> GetGroupReservation(string id)
return Ok(reservation);
}
- //[Authorize(Roles = "Admin, Client")]
+ [Authorize(Roles = "Admin, Client, Trainer")]
[HttpGet("individual/client/{clientId}")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetIndividualReservationsByClientId(string clientId)
@@ -68,7 +68,7 @@ public async Task>> GetIndividua
return Ok(reservations);
}
- //[Authorize(Roles = "Admin, Client")]
+ [Authorize(Roles = "Admin, Client, Trainer")]
[HttpGet("group/client/{clientId}")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetGroupReservationsByClientId(string clientId)
@@ -77,7 +77,7 @@ public async Task>> GetGroupReservati
return Ok(reservations);
}
- //[Authorize(Roles = "Admin, Trainer")]
+ [Authorize(Roles = "Admin, Client, Trainer")]
[HttpGet("individual/trainer/{trainerId}")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetIndividualReservationsByTrainerId(string trainerId)
@@ -86,7 +86,7 @@ public async Task>> GetIndividua
return Ok(reservations);
}
- //[Authorize(Roles = "Admin, Trainer")]
+ [Authorize(Roles = "Admin, Client, Trainer")]
[HttpGet("group/trainer/{trainerId}")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetGroupReservationsByTrainerId(string trainerId)
@@ -95,7 +95,7 @@ public async Task>> GetGroupReservati
return Ok(reservations);
}
- //[Authorize(Roles = "Client")]
+ [Authorize(Roles = "Client")]
[HttpPost("individual")]
[ProducesResponseType(typeof(IndividualReservation), StatusCodes.Status201Created)]
public async Task> CreateIndividualReservation([FromBody] IndividualReservation reservation)
@@ -111,7 +111,7 @@ public async Task> CreateIndividualReservati
}
}
- //[Authorize(Roles = "Trainer")]
+ [Authorize(Roles = "Trainer")]
[HttpPost("group")]
[ProducesResponseType(typeof(GroupReservation), StatusCodes.Status201Created)]
public async Task> CreateGroupReservation([FromBody] GroupReservation reservation)
@@ -127,7 +127,7 @@ public async Task> CreateGroupReservation([FromBo
}
}
- //[Authorize(Roles = "Trainer")]
+ [Authorize(Roles = "Trainer")]
[HttpDelete("group/{id}")]
[ProducesResponseType(typeof(GroupReservation), StatusCodes.Status200OK)]
public async Task DeleteGroupReservation(string id)
@@ -143,7 +143,7 @@ public async Task DeleteGroupReservation(string id)
}
}
- //[Authorize(Roles = "Client")]
+ [Authorize(Roles = "Client")]
[HttpPut("individual/client/cancel/{id}")]
[ProducesResponseType(typeof(IndividualReservation), StatusCodes.Status204NoContent)]
public async Task CancelClientIndividualReservation(string id)
@@ -152,7 +152,7 @@ public async Task CancelClientIndividualReservation(string id)
return cancelled ? Ok(cancelled) : BadRequest();
}
- //[Authorize(Roles = "Trainer")]
+ [Authorize(Roles = "Trainer")]
[HttpPut("individual/trainer/cancel/{id}")]
[ProducesResponseType(typeof(IndividualReservation), StatusCodes.Status204NoContent)]
public async Task CancelTrainerIndividualReservation(string id)
@@ -161,7 +161,7 @@ public async Task CancelTrainerIndividualReservation(string id)
return cancelled ? Ok(cancelled) : BadRequest();
}
- //[Authorize(Roles = "Client")]
+ [Authorize(Roles = "Client")]
[HttpPost("group/book/{id}")]
[ProducesResponseType(typeof(GroupReservation), StatusCodes.Status200OK)]
public async Task BookGroupReservation(string id, [FromQuery] string clientId)
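Review bot: `BookGroupReservation` and `CancelGroupReservation` (L915) take `clientId` from the query string while restricted to the Client role, so the caller chooses which client is booked or cancelled rather than the server. Read the identity from the authenticated principal instead, e.g. `var clientId = User.FindFirstValue(ClaimTypes.NameIdentifier);`, and either drop the `[FromQuery]` parameter or reject a mismatch with `Forbid()`. `AddClientToTraining` in TrainingController (L1273) has the same shape with `clientId` in the route. The bodies of these actions are outside the hunks.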
@@ -177,7 +177,7 @@ public async Task BookGroupReservation(string id, [FromQuery] str
}
}
- //[Authorize(Roles = "Client")]
+ [Authorize(Roles = "Client")]
[HttpPost("group/cancel/{id}")]
[ProducesResponseType(typeof(GroupReservation), StatusCodes.Status204NoContent)]
public async Task CancelGroupReservation(string id, [FromQuery] string clientId)
diff --git a/Fitness/Backend/Services/ReservationService/ReservationService.API/Program.cs b/Fitness/Backend/Services/ReservationService/ReservationService.API/Program.cs
index 5577db7..81f1b69 100644
--- a/Fitness/Backend/Services/ReservationService/ReservationService.API/Program.cs
+++ b/Fitness/Backend/Services/ReservationService/ReservationService.API/Program.cs
@@ -1,5 +1,8 @@
+using System.Text;
using EventBus.Messages.Events;
using MassTransit;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.IdentityModel.Tokens;
using ReservationService.API.Data;
using ReservationService.API.Entities;
using ReservationService.API.Publishers;
@@ -46,6 +49,30 @@
cfg.Host(builder.Configuration["EventBusSettings:HostAddress"]);
});
});
+
+var jwtSettings = builder.Configuration.GetSection("JwtSettings");
+var secretKey = jwtSettings.GetValue("secretKey");
+
+builder.Services.AddAuthentication(options =>
+ {
+ options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+ options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+ })
+ .AddJwtBearer(options =>
+ {
+ options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
+ {
+ ValidateIssuer = true,
+ ValidateAudience = true,
+ ValidateLifetime = true,
+ ValidateIssuerSigningKey = true,
+
+ ValidIssuer = jwtSettings.GetSection("validIssuer").Value,
+ ValidAudience = jwtSettings.GetSection("validAudience").Value,
+ IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey))
+ };
+ });
+
var app = builder.Build();
app.UseCors("CorsPolicy");
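Review bot: `secretKey` at L935 is null when `JwtSettings:secretKey` is absent, and `Encoding.UTF8.GetBytes(secretKey)` at L953 then fails at startup with a bare ArgumentNullException; fail with a named error instead: `var secretKey = jwtSettings["secretKey"] ?? throw new InvalidOperationException("JwtSettings:secretKey is not configured");`. The same symmetric key is now held by every resource service (this block is duplicated verbatim in videoTrainingService Program.cs, L1332–L1353), so each service can also mint valid tokens; an asymmetric signing key with only the public part distributed would limit that, and at minimum the block belongs in one shared extension method. `Microsoft.IdentityModel.Tokens.TokenValidationParameters` at L944 is fully qualified although the namespace is imported at L925; `new TokenValidationParameters` suffices.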
@@ -59,8 +86,8 @@
app.UseRouting();
-//app.UseAuthentication();
-//app.UseAuthorization();
+app.UseAuthentication();
+app.UseAuthorization();
app.MapControllers();
diff --git a/Fitness/Backend/Services/ReservationService/ReservationService.API/ReservationService.API.csproj b/Fitness/Backend/Services/ReservationService/ReservationService.API/ReservationService.API.csproj
index de6cf5b..732fb13 100644
--- a/Fitness/Backend/Services/ReservationService/ReservationService.API/ReservationService.API.csproj
+++ b/Fitness/Backend/Services/ReservationService/ReservationService.API/ReservationService.API.csproj
@@ -13,6 +13,7 @@
+
diff --git a/Fitness/Backend/Services/ReservationService/ReservationService.API/appsettings.Development.json b/Fitness/Backend/Services/ReservationService/ReservationService.API/appsettings.Development.json
index 0c208ae..bdc1820 100644
--- a/Fitness/Backend/Services/ReservationService/ReservationService.API/appsettings.Development.json
+++ b/Fitness/Backend/Services/ReservationService/ReservationService.API/appsettings.Development.json
@@ -4,5 +4,11 @@
"Default": "Information",
"Microsoft.AspNetCore": "Warning"
}
+ },
+ "JwtSettings": {
+ "validIssuer": "Fitness Identity",
+ "validAudience": "Fitness",
+ "secretKey": "MyVeryVerySecretMessageForSecretKey",
+ "expires": 15
}
}
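Review bot: `secretKey` at L984 is the HS256 signing secret the service validates tokens with, committed in plain text in a tracked appsettings file; it should come from user-secrets or an environment variable (`JwtSettings__secretKey`) and, if this value is used anywhere beyond local development, be rotated now that it is in history. The same value appears in videoTrainingService's appsettings.Development.json (L1381). `expires` at L985 is not read by the validation code added in Program.cs and looks like an issuer-side setting copied along; drop it here unless something consumes it.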
diff --git a/Fitness/Backend/Services/ReviewService/ReviewService.API/Controllers/ReviewController.cs b/Fitness/Backend/Services/ReviewService/ReviewService.API/Controllers/ReviewController.cs
index 9d96462..7479b16 100644
--- a/Fitness/Backend/Services/ReviewService/ReviewService.API/Controllers/ReviewController.cs
+++ b/Fitness/Backend/Services/ReviewService/ReviewService.API/Controllers/ReviewController.cs
@@ -7,7 +7,7 @@
namespace ReviewService.API.Controllers
{
- // [Authorize]
+ [Authorize]
[ApiController]
[Route("api/v1/[controller]")]
public class ReviewController : ControllerBase
@@ -21,7 +21,7 @@ public ReviewController(IReviewRepository repository, IReviewPublisher reviewPub
_reviewPublisher = reviewPublisher ?? throw new ArgumentNullException(nameof(reviewPublisher));
}
- // [Authorize(Roles = "Admin, Trainer")]
+ [Authorize(Roles = "Admin, Trainer")]
[HttpGet("trainer/{trainerId}", Name = "GetReviewsByTrainerId")]
[ProducesResponseType(typeof(ReviewDTO), StatusCodes.Status200OK)]
[ProducesResponseType(typeof(void), StatusCodes.Status404NotFound)]
@@ -35,7 +35,7 @@ public async Task>> GetReviewsByTrainerId(st
return Ok(reviews);
}
- // [Authorize(Roles = "Admin, Client")]
+ [Authorize(Roles = "Admin, Client")]
[HttpGet("client/{clientId}", Name = "GetReviewsByClientId")]
[ProducesResponseType(typeof(ReviewDTO), StatusCodes.Status200OK)]
[ProducesResponseType(typeof(void), StatusCodes.Status404NotFound)]
@@ -49,7 +49,7 @@ public async Task>> GetReviewsByClientId(str
return Ok(reviews);
}
- // [Authorize(Roles = "Trainer")]
+ [Authorize(Roles = "Trainer")]
[HttpPost("trainer/{trainerId}")]
[ProducesResponseType(typeof(ReviewDTO), StatusCodes.Status201Created)]
public async Task> TrainerReview(string trainerId, [FromBody] SubmitReviewDTO reviewDTO)
@@ -67,7 +67,7 @@ public async Task> TrainerReview(string trainerId, [From
return updated ? Ok(review) : BadRequest();
}
- // [Authorize(Roles = "Client")]
+ [Authorize(Roles = "Client")]
[HttpPost("client/{clientId}")]
[ProducesResponseType(typeof(ReviewDTO), StatusCodes.Status201Created)]
public async Task> ClientReview(string clientId, [FromBody] SubmitReviewDTO reviewDTO)
diff --git a/Fitness/Backend/Services/ReviewService/ReviewService.API/Program.cs b/Fitness/Backend/Services/ReviewService/ReviewService.API/Program.cs
index cf2c254..b773ebe 100644
--- a/Fitness/Backend/Services/ReviewService/ReviewService.API/Program.cs
+++ b/Fitness/Backend/Services/ReviewService/ReviewService.API/Program.cs
@@ -105,8 +105,8 @@
app.UseRouting();
-// app.UseAuthentication();
-// app.UseAuthorization();
+app.UseAuthentication();
+app.UseAuthorization();
app.MapControllers();
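Review bot: No `AddAuthentication().AddJwtBearer(...)` registration appears in this file's diff, while `app.UseAuthentication()`/`app.UseAuthorization()` at L1040–L1041 are now active; if no scheme is registered earlier in the file (not visible here), every `[Authorize]` request will fail with an InvalidOperationException about a missing DefaultChallengeScheme rather than a 401. Please confirm the registration exists, or add the same JwtBearer block that ReservationService Program.cs gets at L934–L955. TrainerService Program.cs (L1129–L1135) has the identical shape.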
diff --git a/Fitness/Backend/Services/TrainerService/TrainerService.API/Controllers/TrainerController.cs b/Fitness/Backend/Services/TrainerService/TrainerService.API/Controllers/TrainerController.cs
index 2a4a516..7428f50 100644
--- a/Fitness/Backend/Services/TrainerService/TrainerService.API/Controllers/TrainerController.cs
+++ b/Fitness/Backend/Services/TrainerService/TrainerService.API/Controllers/TrainerController.cs
@@ -10,7 +10,7 @@
namespace TrainerService.API.Controllers
{
- // [Authorize]
+ [Authorize]
[ApiController]
[Route("api/v1/[controller]")]
public class TrainerController : ControllerBase
@@ -29,7 +29,7 @@ public TrainerController(ITrainerRepository repository, ReviewGrpcService review
- // [Authorize(Roles = "Admin, Client")]
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetTrainers()
@@ -44,7 +44,7 @@ public async Task>> GetTrainers()
return Ok(trainers);
}
- // [Authorize(Roles = "Admin, Client, Trainer")]
+ [Authorize(Roles = "Admin, Client, Trainer")]
[HttpGet("{id}", Name = "GetTrainer")]
[ProducesResponseType(typeof(Trainer), StatusCodes.Status200OK)]
[ProducesResponseType(typeof(Trainer), StatusCodes.Status404NotFound)]
@@ -63,7 +63,7 @@ public async Task> GetTrainerById(string id)
}
}
- // [Authorize(Roles = "Admin, Client, Trainer")]
+ [Authorize(Roles = "Admin, Client, Trainer")]
[HttpGet("[action]/{email}", Name = "GetTrainerByEmail")]
[ProducesResponseType(typeof(Trainer), StatusCodes.Status200OK)]
[ProducesResponseType(typeof(Trainer), StatusCodes.Status404NotFound)]
@@ -82,7 +82,7 @@ public async Task> GetTrainerByEmail(string email)
}
}
- // [Authorize(Roles = "Admin, Client")]
+ [Authorize(Roles = "Admin, Client")]
[Route("[action]/{minRating}")]
[HttpGet]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
@@ -99,7 +99,7 @@ public async Task>> GetTrainersByRating(double
return Ok(filteredTrainers);
}
- // [Authorize(Roles = "Admin, Client")]
+ [Authorize(Roles = "Admin, Client")]
[Route("[action]/{trainingType}")]
[HttpGet]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
@@ -115,7 +115,7 @@ public async Task>> GetTrainersByTrainingType(
return Ok(trainers);
}
- // [Authorize(Roles = "Admin, Client, Trainer")]
+ [Authorize(Roles = "Admin, Client, Trainer")]
[Route("[action]/{trainerId}/{trainingType}")]
[HttpGet]
[ProducesResponseType(typeof(decimal), StatusCodes.Status200OK)]
@@ -126,7 +126,7 @@ public async Task> GetPrice(string trainerId, string train
return Ok(price);
}
- // [Authorize(Roles = "Admin")]
+ [Authorize(Roles = "Admin")]
[HttpPost]
[ProducesResponseType(typeof(Trainer), StatusCodes.Status201Created)]
public async Task> CreateTrainer([FromBody] Trainer trainer)
@@ -146,7 +146,7 @@ public async Task> CreateTrainer([FromBody] Trainer traine
return CreatedAtRoute("GetTrainer", new { id = trainer.Id }, trainer);
}
- // [Authorize(Roles = "Admin, Trainer")]
+ [Authorize(Roles = "Admin, Trainer")]
[HttpPut]
[ProducesResponseType(typeof(Trainer), StatusCodes.Status200OK)]
public async Task UpdateTrainer([FromBody] Trainer trainer)
@@ -162,7 +162,7 @@ public async Task UpdateTrainer([FromBody] Trainer trainer)
return Ok(await _repository.UpdateTrainer(trainer));
}
- // [Authorize(Roles = "Admin")]
+ [Authorize(Roles = "Admin")]
[HttpDelete("{id}", Name = "DeleteTrainer")]
[ProducesResponseType(typeof(Trainer), StatusCodes.Status200OK)]
public async Task DeleteTrainer(string id)
diff --git a/Fitness/Backend/Services/TrainerService/TrainerService.API/Program.cs b/Fitness/Backend/Services/TrainerService/TrainerService.API/Program.cs
index ba1df3c..4d30751 100644
--- a/Fitness/Backend/Services/TrainerService/TrainerService.API/Program.cs
+++ b/Fitness/Backend/Services/TrainerService/TrainerService.API/Program.cs
@@ -104,8 +104,8 @@
app.UseRouting();
-// app.UseAuthentication();
-// app.UseAuthorization();
+app.UseAuthentication();
+app.UseAuthorization();
app.MapControllers();
diff --git a/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/Controllers/TrainingController.cs b/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/Controllers/TrainingController.cs
index 272df4f..4c29f06 100644
--- a/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/Controllers/TrainingController.cs
+++ b/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/Controllers/TrainingController.cs
@@ -1,9 +1,11 @@
+using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using videoTrainingService.API.Entities;
using videoTrainingService.API.Repositories;
namespace videoTrainingService.API.Controllers
{
+ [Authorize]
[ApiController]
[Route("api/v1/[controller]")]
@@ -16,6 +18,7 @@ public TrainingController(ITrainingRepository repository)
_repository = repository ?? throw new ArgumentNullException(nameof(repository));
}
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("exercises/{trainerId}")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetExercises(string trainerId)
@@ -24,6 +27,7 @@ public async Task>> GetExercises(string train
return Ok(exercises);
}
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("exercise/{id}", Name = "GetExercise")]
[ProducesResponseType(typeof(Exercise), StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
@@ -36,7 +40,8 @@ public async Task> GetExercise(string id)
}
return Ok(exercise);
}
-
+
+ [Authorize(Roles = "Admin, Trainer")]
[HttpPost("exercise")]
[ProducesResponseType(typeof(Exercise), StatusCodes.Status201Created)]
public async Task CreateExercise([FromBody] Exercise exercise)
@@ -45,6 +50,7 @@ public async Task CreateExercise([FromBody] Exercise exercise)
return CreatedAtRoute("GetExercise", new { id = exercise.Id} , exercise);
}
+ [Authorize(Roles = "Admin, Trainer")]
[HttpPut("exercise")]
[ProducesResponseType(typeof(Exercise), StatusCodes.Status200OK)]
public async Task UpdateExercise([FromBody] Exercise exercise)
@@ -53,6 +59,7 @@ public async Task UpdateExercise([FromBody] Exercise exercise)
return Ok(result);
}
+ [Authorize(Roles = "Admin, Trainer")]
[HttpDelete("exercise/{id}")]
[ProducesResponseType(typeof(Exercise), StatusCodes.Status200OK)]
public async Task DeleteExercise(string id)
@@ -61,6 +68,7 @@ public async Task DeleteExercise(string id)
return Ok(result);
}
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("training/trainingClient", Name = "GetTrainingsForClient")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetTrainingsForClient()
@@ -69,6 +77,7 @@ public async Task>> GetTrainingsForClient()
return Ok(trainings);
}
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("training/trainingTrainer/{trainerId}", Name = "GetTrainingsForTrainer")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetTrainingsForTrainer(string trainerId)
@@ -77,6 +86,7 @@ public async Task>> GetTrainingsForTrainer(st
return Ok(trainings);
}
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("training/{id}", Name = "GetTraining")]
[ProducesResponseType(typeof(Training), StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
@@ -90,6 +100,7 @@ public async Task> GetTraining(string id)
return Ok(training);
}
+ [Authorize(Roles = "Admin, Trainer")]
[HttpPost("training")]
[ProducesResponseType(typeof(Training), StatusCodes.Status201Created)]
public async Task CreateTraining([FromBody] Training training)
@@ -98,6 +109,7 @@ public async Task CreateTraining([FromBody] Training training)
return CreatedAtRoute("GetTraining", new { id = training.TrainingId} , training);
}
+ [Authorize(Roles = "Admin, Trainer")]
[HttpPut("training")]
[ProducesResponseType(typeof(Training), StatusCodes.Status200OK)]
public async Task UpdateTraining([FromBody] Training training)
@@ -106,6 +118,7 @@ public async Task UpdateTraining([FromBody] Training training)
return Ok(result);
}
+ [Authorize(Roles = "Admin, Trainer")]
[HttpDelete("training/{id}")]
[ProducesResponseType(typeof(Training), StatusCodes.Status200OK)]
public async Task DeleteTraining(string id)
@@ -114,6 +127,7 @@ public async Task DeleteTraining(string id)
return Ok(result);
}
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("trainingExercises/{trainingId}", Name = "GetTrainingExercises")]
[ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
public async Task>> GetTrainingExercises(string trainingId)
@@ -122,6 +136,7 @@ public async Task>> GetTrainingExerci
return Ok(trainingExercises);
}
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("trainingExercise/{id}", Name = "GetTrainingExercise")]
[ProducesResponseType(typeof(TrainingExercise), StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
@@ -135,6 +150,7 @@ public async Task> GetTrainingExercise(string id)
return Ok(trainingExercise);
}
+ [Authorize(Roles = "Admin, Trainer")]
[HttpPost("trainingExercise")]
[ProducesResponseType(typeof(TrainingExercise), StatusCodes.Status201Created)]
public async Task CreateTrainingExercise([FromBody] TrainingExercise trainingExercise)
@@ -143,6 +159,7 @@ public async Task CreateTrainingExercise([FromBody] TrainingExerci
return CreatedAtRoute("GetTrainingExercise", new { id = trainingExercise.Id} , trainingExercise);
}
+ [Authorize(Roles = "Admin, Trainer")]
[HttpPut("trainingExercise")]
[ProducesResponseType(typeof(TrainingExercise), StatusCodes.Status200OK)]
public async Task UpdateTrainingExercise([FromBody] TrainingExercise trainingExercises)
@@ -151,6 +168,7 @@ public async Task UpdateTrainingExercise([FromBody] TrainingExerc
return Ok(result);
}
+ [Authorize(Roles = "Admin, Trainer")]
[HttpDelete("trainingExercise/{trainingId}")]
[ProducesResponseType(typeof(TrainingExercise), StatusCodes.Status200OK)]
public async Task DeleteTrainingExercises(string trainingId)
@@ -158,7 +176,8 @@ public async Task DeleteTrainingExercises(string trainingId)
var result = await _repository.DeleteTrainingExercises(trainingId);
return Ok(result);
}
-
+
+ [Authorize(Roles = "Client")]
[HttpPost("training/{trainingId}/addClient/{clientId}")]
public async Task AddClientToTraining(string trainingId, string clientId)
{
@@ -170,6 +189,7 @@ public async Task AddClientToTraining(string trainingId, string c
return Ok($"Client {clientId} added to training {trainingId}.");
}
+ [Authorize(Roles = "Admin, Trainer, Client")]
[HttpGet("training/byClient/{clientId}")]
public async Task>> GetTrainingsByClient(string clientId)
{
diff --git a/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/Controllers/UploadController.cs b/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/Controllers/UploadController.cs
index 0e54891..81a696d 100644
--- a/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/Controllers/UploadController.cs
+++ b/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/Controllers/UploadController.cs
@@ -3,11 +3,13 @@
using Microsoft.AspNetCore.Hosting;
using System.IO;
using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
namespace videoTrainingService.API.Controllers
{
-
+
+ [Authorize]
[ApiController]
[Route("api/v1/[controller]")]
public class UploadController : ControllerBase
@@ -22,7 +24,8 @@ public UploadController(IWebHostEnvironment env)
Directory.CreateDirectory(_uploadsPath);
}
}
-
+
+ [Authorize(Roles="Admin, Trainer")]
[HttpPost("video")]
[ApiExplorerSettings(IgnoreApi = true)]
public async Task UploadVideo([FromForm] IFormFile file)
@@ -39,7 +42,8 @@ public async Task UploadVideo([FromForm] IFormFile file)
return Ok(new { FileName = file.FileName });
}
-
+
+ [Authorize(Roles="Admin, Trainer")]
[HttpDelete("video/delete/{fileName}")]
public IActionResult DeleteVideo(string fileName)
{
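Review bot: `DeleteVideo(string fileName)` at L1316 now gates on the Admin/Trainer roles, but a role check does not constrain the `fileName` route value, and the body (outside the hunk) presumably combines it with `_uploadsPath`. Before touching the filesystem, reduce it to a bare name and confirm the resolved path stays inside the uploads directory, e.g. `if (Path.GetFileName(fileName) != fileName) return BadRequest();` followed by a `Path.GetFullPath(...).StartsWith(_uploadsPath, StringComparison.Ordinal)` check. `UploadVideo` at L1310 echoes the client-supplied `file.FileName`; if that name is also used as the stored path, it needs the same normalisation.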
diff --git a/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/Program.cs b/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/Program.cs
index eaf3a99..d9ac75d 100644
--- a/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/Program.cs
+++ b/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/Program.cs
@@ -1,6 +1,9 @@
+using System.Text;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
using videoTrainingService.API.Data;
using videoTrainingService.API.Repositories;
using Microsoft.Extensions.FileProviders;
+using Microsoft.IdentityModel.Tokens;
var builder = WebApplication.CreateBuilder(args);
@@ -28,6 +31,29 @@
builder.Services.AddControllers();
+var jwtSettings = builder.Configuration.GetSection("JwtSettings");
+var secretKey = jwtSettings.GetValue("secretKey");
+
+builder.Services.AddAuthentication(options =>
+ {
+ options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+ options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+ })
+ .AddJwtBearer(options =>
+ {
+ options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
+ {
+ ValidateIssuer = true,
+ ValidateAudience = true,
+ ValidateLifetime = true,
+ ValidateIssuerSigningKey = true,
+
+ ValidIssuer = jwtSettings.GetSection("validIssuer").Value,
+ ValidAudience = jwtSettings.GetSection("validAudience").Value,
+ IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey))
+ };
+ });
+
var app = builder.Build();
// Configure the HTTP request pipeline.
@@ -50,7 +76,13 @@
});
app.UseCors("AllowAll");
+
+app.UseRouting();
app.UseHttpsRedirection();
+
+app.UseAuthentication();
+app.UseAuthorization();
+
app.MapControllers();
app.Run();
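Review bot: `app.UseRouting()` at L1361 is placed before `app.UseHttpsRedirection()` at L1362, and `app.UseCors("AllowAll")` at L1359 sits before routing; the documented middleware order is HttpsRedirection, Routing, Cors, Authentication, Authorization, then MapControllers. Move the redirection above routing and CORS between routing and authentication so the CORS middleware sees endpoint metadata and redirects happen before any routing work. The `AllowAll` policy definition is outside this hunk; confirm it does not pair `AllowAnyOrigin` with `AllowCredentials`.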
diff --git a/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/appsettings.Development.json b/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/appsettings.Development.json
index ee42267..edbc877 100644
--- a/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/appsettings.Development.json
+++ b/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/appsettings.Development.json
@@ -5,7 +5,12 @@
"Microsoft.AspNetCore": "Warning"
}
},
-
+ "JwtSettings": {
+ "validIssuer": "Fitness Identity",
+ "validAudience": "Fitness",
+ "secretKey": "MyVeryVerySecretMessageForSecretKey",
+ "expires": 15
+ },
"DatabaseSettings": {
"ConnectionString": "mongodb://videotrainingdb:27017"
}
diff --git a/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/videoTrainingService.API.csproj b/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/videoTrainingService.API.csproj
index d1b6105..e21152f 100644
--- a/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/videoTrainingService.API.csproj
+++ b/Fitness/Backend/Services/videoTrainingService/videoTrainingService.API/videoTrainingService.API.csproj
@@ -8,6 +8,7 @@
+
diff --git a/Fitness/Frontend/src/services/ChatService.js b/Fitness/Frontend/src/services/ChatService.js
index b4abe20..e0653a1 100644
--- a/Fitness/Frontend/src/services/ChatService.js
+++ b/Fitness/Frontend/src/services/ChatService.js
@@ -13,6 +13,7 @@ const TRAINERS = `${GATEWAY_URL}/trainer`;
export async function getBasicInfoForTrainerSessions(trainerId) {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${CHAT}/sessions/${trainerId}/my-sessions-summary`);
return response.data;
} catch (error) {
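Review bot: `axios.defaults.headers.common = { 'Authorization': ... }` at L1400 replaces the whole global common-headers object (dropping axios's default `Accept`) and mutates process-wide state on every call; the same line is repeated in every function of this file and throughout NotificationService.js and ReservationService.js. Register it once as a request interceptor, `axios.interceptors.request.use(cfg => { const t = sessionStorage.getItem('accessToken'); if (t) cfg.headers.Authorization = 'Bearer ' + t; return cfg; });`, or pass `{ headers: { Authorization: ... } }` per request. The copy inside the `catch` at L1435 runs after the request has already failed and does nothing. When no token is stored the current code sends the literal header value `Bearer null` instead of omitting the header.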
@@ -23,6 +24,7 @@ export async function getBasicInfoForTrainerSessions(trainerId) {
export async function getBasicInfoForClientSessions(clientId) {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${CHAT}/sessions/${clientId}/my-sessions-summary`);
return response.data;
} catch (error) {
@@ -33,6 +35,7 @@ export async function getBasicInfoForClientSessions(clientId) {
export async function getMessagesFromSession(trainerId, clientId) {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${CHAT}/sessions/messages?trainerId=${trainerId}&clientId=${clientId}`);
return response.data;
} catch (error) {
@@ -43,6 +46,7 @@ export async function getMessagesFromSession(trainerId, clientId) {
export async function sendMessageToSession(trainerId, clientId, content, senderType) {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.post(
`${CHAT}/sessions/messages`,
content,
@@ -66,6 +70,7 @@ export async function sendMessageToSession(trainerId, clientId, content, senderT
export async function createChatSession(trainerId, clientId) {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.post(
`${CHAT}/sessions`,
null,
@@ -82,6 +87,7 @@ export async function createChatSession(trainerId, clientId) {
return response;
} catch (error) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
console.error("Error creating chat session:", error);
alert("Failed to create chat session. Please try again.");
throw error;
@@ -90,6 +96,7 @@ export async function createChatSession(trainerId, clientId) {
export async function getChatSession(trainerId, clientId) {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${CHAT}/sessions?trainerId=${trainerId}&clientId=${clientId}`);
return response;
} catch (error) {
@@ -100,6 +107,7 @@ export async function getChatSession(trainerId, clientId) {
export async function extendChatSession(trainerId, clientId) {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.post(
`${CHAT}/sessions/extend`,
null,
@@ -124,6 +132,7 @@ export async function extendChatSession(trainerId, clientId) {
export async function getClientById(clientId) {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${CLIENT}/${clientId}`);
return response.data;
} catch (error) {
@@ -134,6 +143,7 @@ export async function getClientById(clientId) {
export async function getTrainerById(trainerId) {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${TRAINERS}/${trainerId}`);
return response.data;
} catch (error) {
diff --git a/Fitness/Frontend/src/services/NotificationService.js b/Fitness/Frontend/src/services/NotificationService.js
index 21a4557..e77b396 100644
--- a/Fitness/Frontend/src/services/NotificationService.js
+++ b/Fitness/Frontend/src/services/NotificationService.js
@@ -9,7 +9,9 @@ const NOTIFICATIONS = "http://localhost:8004/api/v1/Notification";
// Admin
export async function getNotifications() {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${NOTIFICATIONS}`);
return response.data;
} catch (error) {
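Review bot: `getNotifications` sets `axios.defaults.headers.common` twice, at L1474 before the `try` and again at L1476 inside it; one of the two is redundant and should go. The function body continues outside the hunk.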
@@ -20,6 +22,7 @@ export async function getNotifications() {
export async function getNotificationsByUserId(userId) {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${NOTIFICATIONS}/user/${userId}`);
return response.data;
} catch (error) {
@@ -30,6 +33,7 @@ export async function getNotificationsByUserId(userId) {
export async function getNotificationById(id) {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${NOTIFICATIONS}/${id}`);
return response.data;
} catch (error) {
@@ -40,6 +44,7 @@ export async function getNotificationById(id) {
export async function updateNotification(notification) {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.put(`${NOTIFICATIONS}`, notification, {
headers: { "Content-Type": "application/json" }
});
@@ -52,6 +57,7 @@ export async function updateNotification(notification) {
}
export async function markNotificationAsRead(notificationId) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
return axios.put(
`${NOTIFICATIONS}/${notificationId}/read`,
{},
@@ -67,6 +73,7 @@ export async function markNotificationAsRead(notificationId) {
export async function deleteAllNotifications() {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.delete(`${NOTIFICATIONS}`);
return response.data;
} catch (error) {
@@ -77,6 +84,7 @@ export async function deleteAllNotifications() {
export async function deleteNotificationsByUserId(userId) {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.delete(`/user/${userId}`);
return response.data;
} catch (error) {
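Review bot: The `axios.delete` call at L1519, which the new header line now applies to, uses the relative path `/user/${userId}` without the `${NOTIFICATIONS}` base, so it resolves against the frontend origin rather than the notification API; this is a pre-existing context line, but prefixing it with `${NOTIFICATIONS}` like the sibling calls at L1512 and L1526 is a one-token fix worth taking here.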
@@ -87,6 +95,7 @@ export async function deleteNotificationsByUserId(userId) {
export async function deleteNotificationById(id) {
try {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.delete(`${NOTIFICATIONS}/${id}`);
return response.data;
} catch (error) {
diff --git a/Fitness/Frontend/src/services/ReservationService.js b/Fitness/Frontend/src/services/ReservationService.js
index 0c27ba1..83593c8 100644
--- a/Fitness/Frontend/src/services/ReservationService.js
+++ b/Fitness/Frontend/src/services/ReservationService.js
@@ -12,30 +12,35 @@ const RESERVATIONS = "http://localhost:8103/api/v1/Reservation"; //temporary
// Admin - get all individual
export async function getAllIndividualReservations() {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${RESERVATIONS}/individual`);
return response;
}
// Admin - get individual by id
export async function getIndividualReservationById(id) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${RESERVATIONS}/individual/${id}`);
return response;
}
// Client - get individual by clientId
export async function getIndividualReservationsByClient(clientId) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${RESERVATIONS}/individual/client/${clientId}`);
return response;
}
// Trainer - get individual by trainerId
export async function getIndividualReservationsByTrainer(trainerId) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${RESERVATIONS}/individual/trainer/${trainerId}`);
return response;
}
// Client - create individual reservation
export async function createIndividualReservation(reservation) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.post(`${RESERVATIONS}/individual`, reservation, {
headers: { "Content-Type": "application/json" },
});
@@ -46,30 +51,35 @@ export async function createIndividualReservation(reservation) {
// Admin - get all group
export async function getAllGroupReservations() {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${RESERVATIONS}/group`);
return response;
}
// Admin - get group by id
export async function getGroupReservationById(id) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${RESERVATIONS}/group/${id}`);
return response;
}
// Client - get group by clientId
export async function getGroupReservationsByClient(clientId) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${RESERVATIONS}/group/client/${clientId}`);
return response;
}
// Trainer - get group by trainerId
export async function getGroupReservationsByTrainer(trainerId) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.get(`${RESERVATIONS}/group/trainer/${trainerId}`);
return response;
}
// Trainer - create group reservation
export async function createGroupReservation(reservation) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.post(`${RESERVATIONS}/group`, reservation, {
headers: { "Content-Type": "application/json" },
});
@@ -78,6 +88,7 @@ export async function createGroupReservation(reservation) {
// Trainer - delete group reservation
export async function deleteGroupReservation(id) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.delete(`${RESERVATIONS}/group/${id}`);
return response;
}
@@ -86,6 +97,7 @@ export async function deleteGroupReservation(id) {
// Client - book group reservation
export async function bookGroupReservation(id, clientId) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.post(`${RESERVATIONS}/group/book/${id}`, null, {
params: { clientId },
});
@@ -94,12 +106,14 @@ export async function bookGroupReservation(id, clientId) {
// Client - cancel individual reservation
export async function cancelClientIndividualReservation(id) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.put(`${RESERVATIONS}/individual/client/cancel/${id}`);
return response;
}
// Client - cancel group reservation
export async function cancelGroupReservation(id, clientId) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.post(`${RESERVATIONS}/group/cancel/${id}`, null, {
params: { clientId },
});
@@ -108,6 +122,7 @@ export async function cancelGroupReservation(id, clientId) {
// Trainer - cancel individual reservation
export async function cancelTrainerIndividualReservation(id) {
+ axios.defaults.headers.common = { 'Authorization': `Bearer ${sessionStorage.getItem('accessToken')}` };
const response = await axios.put(`${RESERVATIONS}/individual/trainer/cancel/${id}`);
return response;
}