From d97c36413536a523e27bafa3a415757aedbe3837 Mon Sep 17 00:00:00 2001 From: "Samehra Shad (shads3)" Date: Thu, 14 Mar 2019 18:23:37 +0000 Subject: [PATCH] Add files via upload --- instruction vbbbbbbbbbbbbbb auth.txt | 39 ++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 instruction vbbbbbbbbbbbbbb auth.txt diff --git a/instruction vbbbbbbbbbbbbbb auth.txt b/instruction vbbbbbbbbbbbbbb auth.txt new file mode 100644 index 0000000..8d9a664 --- /dev/null +++ b/instruction vbbbbbbbbbbbbbb auth.txt @@ -0,0 +1,39 @@ +Hi, + +I have completed the task, please see the attachment. + +I created a new project "UserAuthApp" and implemented authentication and authorization. + +I also combined/integrated this code in the project + +Please follow below steps to test the project. + +Extract the attached file. +Create a new database (you can also use existing database if it doesn't have "User" table already). +Run the script of "UserScript.txt" file against this database to create the User table and insert sample data in it. +Open the project in Visual Studio. +Open appsettings.json file and change the database connection string. +Press Ctrl + F5 (on windows) to run the project without debugging. +When run, then open PostMan to test the endpoints. It's a chrome extension. You will have to install if you don't have it already. +Note: In the database User table Samehra has Admin role while Smith has User role. + +Logging In: +Send a post request to the following endpoint with below data using PostMan. +Endpoint: http://localhost:7429/api/users/authenticate +Data: {"Username":"Samehra", "Password":"pass111"} +In response you will get user info with a token. + +Below endpoint can be accessed by admin role only. +http://localhost:7429/api/users/adminendpoint + +Below endpoint can be accessed by user role only. +http://localhost:7429/api/users/userendpoint + +To call the above endpoints, you will need to send the token (that you got using the authenticate endpoint) in the header. +The key should be "Authorization" while its value should be "Bearer [token]". Replace "[token]" with the actual token. + +If you call these endpoints without any token, it will return 401 - Unauthorized. + +If you call an endpoint that's not accessible by that person/role, it will return 403 - Forbidden. + +Please let me know if you have questions. \ No newline at end of file