Instructions

[shads3]

Hi,

I have completed the task, please see the attachment.

I created a new project "UserAuthApp" and implemented authentication and authorization.

I also combined/integrated this code in the project

Please follow below steps to test the project.

1. Extract the attached file.
2. Create a new database (you can also use existing database if it doesn't have "User" table already).
3. Run the script of "UserScript.txt" file against this database to create the User table and insert sample data in it.
4. Open the project in Visual Studio.
5. Open appsettings.json file and change the database connection string.
6. Press Ctrl + F5 (on windows) to run the project without debugging.
7. When run, then open PostMan to test the endpoints. It's a chrome extension. You will have to install if you don't have it already.

Note: In the database User table Samehra has Admin role while Smith has User role.

Logging In:
Send a post request to the following endpoint with below data using PostMan.
Endpoint: http://localhost:7429/api/users/authenticate
Data: {"Username":"Samehra", "Password":"pass111"}
In response you will get user info with a token.

Below endpoint can be accessed by admin role only.
http://localhost:7429/api/users/adminendpoint

Below endpoint can be accessed by user role only.
http://localhost:7429/api/users/userendpoint

To call the above endpoints, you will need to send the token (that you got using the authenticate endpoint) in the header.
The key should be "Authorization" while its value should be "Bearer [token]". Replace "[token]" with the actual token.

If you call these endpoints without any token, it will return 401 - Unauthorized.

If you call an endpoint that's not accessible by that person/role, it will return 403 - Forbidden.

Please let me know if you have questions.