swagger authorize option enable , db script file added & minor code changes

Author: ajayvishu

ReactwithDotnetCore/Controllers/LoginController.cs

@@ -13,7 +13,6 @@ namespace ReactwithDotnetCore.Controllers
 {
     public class LoginController(IConfiguration configuration) : Controller
     {
-        private readonly IConfiguration _config = configuration ?? throw new ArgumentNullException(nameof(configuration));
         private readonly string _connectionString = configuration.GetConnectionString("DefaultConnection") ?? throw new InvalidOperationException("Connection string is missing.");
 
         [AllowAnonymous]
@@ -60,7 +59,7 @@ public async Task<IActionResult> UserRegister([FromBody] User register)
         private string GenerateJSONWebToken(User userInfo)
         {
             // Ensure the key has at least 256 bits
-            var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"].PadRight(32)));
+            var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration?["Jwt:Key"]?.PadRight(32)));
             var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
 
             var claims = new[] {
@@ -70,8 +69,8 @@ private string GenerateJSONWebToken(User userInfo)
                 new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
             };
 
-            var token = new JwtSecurityToken(_config["Jwt:Issuer"],
-                _config["Jwt:Audience"],
+            var token = new JwtSecurityToken(configuration?["Jwt:Issuer"],
+                configuration?["Jwt:Audience"],
                 claims,
                 expires: DateTime.Now.AddMinutes(120),
                 signingCredentials: credentials);

ReactwithDotnetCore/Controllers/StudentController.cs

@@ -35,8 +35,7 @@ public async Task<IActionResult> StudentData2(Student student)
                 using IDbConnection dbConnection = new SqlConnection(_connectionString);
                 dbConnection.Open();
 
-                // Assuming your table name is 'Students'
-                string query = "INSERT INTO Students (name, email, phone, image) VALUES (@Name, @Email, @Phone, @Image)";
+                string query = "INSERT INTO TBLB_Student (name, email, phone, image) VALUES (@Name, @Email, @Phone, @Image)";
                 int rowsAffected = await dbConnection.ExecuteAsync(query, student);
 
                 if (rowsAffected > 0)
@@ -60,11 +59,47 @@ public async Task<IActionResult> GetAllStudents()
         {
             try
             {
+                /*
+                
+                //This code assumes that the token is in the "Bearer <token>" format in the Authorization header. 
+                //It splits the header and takes the last part as the token for validation. If your token format is 
+                //different, adjust the code accordingly.
+
+                // Retrieve the user name from the claims
+                var userName = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
+
+                // Retrieve the token from the Authorization header
+                var token = HttpContext.Request.Headers.Authorization.FirstOrDefault()?.Split(" ").Last();
+
+                if (string.IsNullOrEmpty(token))
+                {
+                    return Unauthorized("Token not provided");
+                }
+
+                // Validate the token
+                var tokenHandler = new JwtSecurityTokenHandler();
+                var validationParameters = new TokenValidationParameters
+                {
+                    ValidateIssuer = true,
+                    ValidateAudience = true,
+                    ValidateLifetime = true,
+                    ValidateIssuerSigningKey = true,
+                    ValidIssuer = configuration?["Jwt:Issuer"]?.ToString(),
+                    ValidAudience = configuration?["Jwt:Audience"]?.ToString(),
+                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration?["Jwt:Key"]?.PadRight(32)))
+                };
+
+                var principal = tokenHandler.ValidateToken(token, validationParameters, out SecurityToken validatedToken);
+
+                // At this point, the token is valid, and you can retrieve additional claims
+                var dateOfJoin = principal.FindFirst("DateOfJoin")?.Value;
+
+                */
+
                 using IDbConnection dbConnection = new SqlConnection(_connectionString);
                 dbConnection.Open();
 
-                // Assuming your table name is 'Students'
-                string query = "SELECT * FROM Students";
+                string query = "SELECT * FROM TBLB_Student";
                 var students = await dbConnection.QueryAsync<Student>(query);
 
                 return Ok(students);
@@ -75,7 +110,6 @@ public async Task<IActionResult> GetAllStudents()
             }
         }
 
-
         [HttpPost("insertstudent")]
         public async Task<IActionResult> InsertStudent(Student student)
         {
@@ -87,12 +121,12 @@ public async Task<IActionResult> InsertStudent(Student student)
                 if (student.rollNumber.HasValue && student.rollNumber > 0)
                 {
                     // Update record if rollNumber is greater than 0
-                    string updateQuery = "UPDATE Students SET name = @Name, email = @Email, phone = @Phone, image = @Image WHERE rollNumber = @rollNumber;";
+                    string updateQuery = "UPDATE TBLB_Student SET name = @Name, email = @Email, phone = @Phone, image = @Image WHERE rollNumber = @rollNumber;";
                     int rowsAffected = await dbConnection.ExecuteAsync(updateQuery, student);
 
                     if (rowsAffected > 0)
                     {
-                        string query = "SELECT * FROM Students";
+                        string query = "SELECT * FROM TBLB_Student";
                         var students = await dbConnection.QueryAsync<Student>(query);
 
                         return Ok(students);
@@ -105,12 +139,12 @@ public async Task<IActionResult> InsertStudent(Student student)
                 else
                 {
                     // Insert record if rollNumber is not provided or less than or equal to 0
-                    string insertQuery = "INSERT INTO Students (name, email, phone, image) VALUES (@Name, @Email, @Phone, @Image);";
+                    string insertQuery = "INSERT INTO TBLB_Student (name, email, phone, image) VALUES (@Name, @Email, @Phone, @Image);";
                     int rowsAffected = await dbConnection.ExecuteAsync(insertQuery, student);
 
                     if (rowsAffected > 0)
                     {
-                        string query = "SELECT * FROM Students";
+                        string query = "SELECT * FROM TBLB_Student";
                         var students = await dbConnection.QueryAsync<Student>(query);
 
                         return Ok(students);
@@ -135,8 +169,7 @@ public async Task<IActionResult> DeleteStudent(int rollNumber)
                 using IDbConnection dbConnection = new SqlConnection(_connectionString);
                 dbConnection.Open();
 
-                // Assuming your table name is 'Students'
-                string query = "DELETE FROM Students WHERE rollNumber = @rollNumber";
+                string query = "DELETE FROM TBLB_Student WHERE rollNumber = @rollNumber";
                 int rowsAffected = await dbConnection.ExecuteAsync(query, new { RollNumber = rollNumber });
 
                 if (rowsAffected > 0)

ReactwithDotnetCore/Program.cs

@@ -1,6 +1,7 @@
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Rewrite;
 using Microsoft.IdentityModel.Tokens;
+using Microsoft.OpenApi.Models;
 using System.Text;
 
 const string CorsPolicyName = "_myCorsPolicy";
@@ -31,7 +32,35 @@
 builder.Services.AddControllers();
 // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
 builder.Services.AddEndpointsApiExplorer();
-builder.Services.AddSwaggerGen();
+// Add Swagger
+builder.Services.AddSwaggerGen(c =>
+{
+    c.SwaggerDoc("v1", new OpenApiInfo { Title = ".Net Core API", Version = "v1" });
+
+    // Add JWT token configuration
+    c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
+    {
+        Description = "JWT Authorization header using the Bearer scheme",
+        Type = SecuritySchemeType.Http,
+        Scheme = "bearer"
+    });
+
+    // Add a requirement for the token
+    c.AddSecurityRequirement(new OpenApiSecurityRequirement
+    {
+        {
+            new OpenApiSecurityScheme
+            {
+                Reference = new OpenApiReference
+                {
+                    Type = ReferenceType.SecurityScheme,
+                    Id = "Bearer"
+                }
+            },
+            Array.Empty<string>()
+        }
+    });
+});
 
 var app = builder.Build();