
Product CRUD API

A secure and scalable ASP.NET Core Web API with JWT Authentication and Role-Based Authorization.

Tech Stack

  • ASP.NET Core 8 Web API
  • Entity Framework Core 8
  • SQL Server (LocalDB)
  • JWT Authentication
  • BCrypt Password Hashing
  • Swagger UI

Project Structure

ProductsAPI/
├── Controllers/
│   ├── AuthController.cs
│   └── ProductController.cs
├── Models/
│   ├── User.cs
│   └── Product.cs
├── DTOs/
│   ├── RegisterDto.cs
│   ├── LoginDto.cs
│   ├── ProductDto.cs
│   └── AuthResponseDto.cs
├── Data/
│   └── ApplicationDbContext.cs
├── Repositories/
│   ├── IAuthRepository.cs
│   ├── AuthRepository.cs
│   ├── IProductRepository.cs
│   └── ProductRepository.cs
├── Services/
│   ├── IAuthService.cs
│   ├── AuthService.cs
│   ├── IProductService.cs
│   └── ProductService.cs
├── Helpers/
│   └── JwtHelper.cs
├── Middleware/
│   └── ExceptionMiddleware.cs
├── appsettings.json
└── Program.cs

How to Run

Prerequisites

  • Visual Studio 2022
  • .NET 8 SDK
  • SQL Server

Step 1 - Clone Repository

git clone https://github.com/new-git-pix/Products-API.git

Step 2 - Update Connection String

Open appsettings.json and update:

"ConnectionStrings": {
  "DefaultConnection": "Your SQL Server connection string here"
}

Step 3 - Create Database

Open Package Manager Console and run:

Add-Migration InitialCreate
Update-Database

Step 4 - Run the Project

  • Press F5 in Visual Studio
  • Open https://localhost:{port}/swagger

Test Credentials

Admin User

Field     Value
Email     admin@test.com
Password  Admin@123
Role      Admin

Normal User

Field     Value
Email     david@gmail.com
Password  David@123
Role      User

How to Test APIs

Step 1 - Register Admin User

POST /api/auth/register

{
  "username": "admin",
  "email": "admin@test.com",
  "password": "Admin@123",
  "role": "Admin"
}

Step 2 - Copy Token from Response

Step 3 - Authorize in Swagger

  • Click the Authorize button (top right)
  • Enter: Bearer {paste your token here}
  • Click Authorize, then Close

Step 4 - Test Product APIs

Quick Test Guide

Login as Admin

POST /api/auth/login

{
  "email": "admin@test.com",
  "password": "Admin@123"
}

Login as Normal User

POST /api/auth/login

{
  "email": "david@gmail.com",
  "password": "David@123"
}

API Endpoints

Method  Endpoint            Access
POST    /api/auth/register  Public
POST    /api/auth/login     Public
GET     /api/product        Authenticated Users
GET     /api/product/{id}   Authenticated Users
POST    /api/product        Admin Only
PUT     /api/product/{id}   Admin Only
DELETE  /api/product/{id}   Admin Only

Access Control

Role   Register  Login  View Products  Create  Update  Delete
Guest  Yes       Yes    No             No      No      No
User   Yes       Yes    Yes            No      No      No
Admin  Yes       Yes    Yes            Yes     Yes     Yes

Security

  • Passwords are hashed using BCrypt
  • JWT tokens expire after 2 hours
  • Role-based authorization using the [Authorize] attribute
  • Global exception handling middleware
  • ⚠️ Note: In a production environment, the JWT SecretKey should be stored in Azure Key Vault or environment variables, not in appsettings.json
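
The note about the secret key and the 2-hour expiry can be enforced at startup. The following is an added example, not the repository's own Program.cs: it uses minimal API endpoints instead of the project's controllers to stay self-contained, and the configuration keys Jwt:SecretKey, Jwt:Issuer and Jwt:Audience are assumed names.

```csharp
// Added example, not the repository's Program.cs. Assumes the
// Microsoft.AspNetCore.Authentication.JwtBearer package and the hypothetical
// configuration keys Jwt:SecretKey, Jwt:Issuer and Jwt:Audience.
using System.Security.Claims;
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;

var builder = WebApplication.CreateBuilder(args);

// The default configuration providers let an environment variable named
// Jwt__SecretKey override any Jwt:SecretKey value left in appsettings.json.
var secret = builder.Configuration["Jwt:SecretKey"];
if (string.IsNullOrWhiteSpace(secret) || Encoding.UTF8.GetByteCount(secret) < 32)
    throw new InvalidOperationException(
        "Jwt:SecretKey is missing or under 32 bytes; set Jwt__SecretKey in the environment.");

builder.Services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret)),
            ValidateIssuer = true,
            ValidIssuer = builder.Configuration["Jwt:Issuer"],
            ValidateAudience = true,
            ValidAudience = builder.Configuration["Jwt:Audience"],
            ValidateLifetime = true,
            // Default clock skew is 5 minutes; zero makes the expiry exact.
            ClockSkew = TimeSpan.Zero,
            RoleClaimType = ClaimTypes.Role
        };
    });
builder.Services.AddAuthorization();

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();

// Same rules as the endpoint table: reads need any valid token,
// writes need a token carrying the Admin role.
app.MapGet("/api/product", (ClaimsPrincipal user) => Results.Ok(new { caller = user.Identity?.Name }))
   .RequireAuthorization();
app.MapPost("/api/product", (ClaimsPrincipal user) => Results.Ok(new { createdBy = user.Identity?.Name }))
   .RequireAuthorization(policy => policy.RequireRole("Admin"));

app.Run();
```

The startup check makes a deployment fail immediately when the key is absent or too short for HS256, rather than falling back to a value committed in appsettings.json.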

Author

MANJU JOSE
