This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing 1 changed file with 39 additions and 0 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
Hi, | ||
|
||
I have completed the task, please see the attachment. | ||
|
||
I created a new project "UserAuthApp" and implemented authentication and authorization. | ||
|
||
I also combined/integrated this code in the project | ||
|
||
Please follow below steps to test the project. | ||
|
||
Extract the attached file. | ||
Create a new database (you can also use existing database if it doesn't have "User" table already). | ||
Run the script of "UserScript.txt" file against this database to create the User table and insert sample data in it. | ||
Open the project in Visual Studio. | ||
Open appsettings.json file and change the database connection string. | ||
Press Ctrl + F5 (on windows) to run the project without debugging. | ||
When run, then open PostMan to test the endpoints. It's a chrome extension. You will have to install if you don't have it already. | ||
Note: In the database User table Samehra has Admin role while Smith has User role. | ||
|
||
Logging In: | ||
Send a post request to the following endpoint with below data using PostMan. | ||
Endpoint: http://localhost:7429/api/users/authenticate | ||
Data: {"Username":"Samehra", "Password":"pass111"} | ||
In response you will get user info with a token. | ||
|
||
Below endpoint can be accessed by admin role only. | ||
http://localhost:7429/api/users/adminendpoint | ||
|
||
Below endpoint can be accessed by user role only. | ||
http://localhost:7429/api/users/userendpoint | ||
|
||
To call the above endpoints, you will need to send the token (that you got using the authenticate endpoint) in the header. | ||
The key should be "Authorization" while its value should be "Bearer [token]". Replace "[token]" with the actual token. | ||
|
||
If you call these endpoints without any token, it will return 401 - Unauthorized. | ||
|
||
If you call an endpoint that's not accessible by that person/role, it will return 403 - Forbidden. | ||
|
||
Please let me know if you have questions. |
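
Review bot: The "Logging In" step commits a working credential pair, `{"Username":"Samehra", "Password":"pass111"}`, and the note just above it says Samehra holds the Admin role, so anyone who can read this file can authenticate as admin against any database seeded from "UserScript.txt". Replace the password in the example with a placeholder, state that the seed accounts are for local testing only, and have the setup steps tell the tester to change or remove those accounts before the database is reused anywhere else. The same applies to the appsettings.json step: say that the edited connection string should stay out of version control. Separately, the text still reads as an e-mail body ("see the attachment", "Extract the attached file"), while this change adds only this one file, so the steps cannot be followed from the repository alone; point to where the project and "UserScript.txt" actually live. The examples also send the bearer token to `http://localhost:7429`, which is fine locally, but a line noting that the token must only be sent over HTTPS outside local testing would keep the instructions from being copied as-is.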