IdentityWebApi is a .NET 6 Web API used to manage user data and authentication in PostOShare. It depends on .NET 6 and communicates with a SQL Server database using Entity Framework Core.
The following need to be available to ensure that the API and the SQL Server database can be set up:
- .NET 6
- Visual Studio 2022 or higher
- SQL Server
- SQL Server Management Studio (SSMS)
- Azure user account
Steps that can be used to set up the API are:
git clone https://github.com/PostOShare/IdentityWebApi.git
cd IdentityWebApi\IdentityWebApi
dotnet restore
cd ..\EntityORM
dotnet restore
The API and the SQL Server instance need to be published to a cloud provider to ensure that remote connections can call the API. Azure is used as the provider to publish the API and host the instance.
The API uses the following dependencies:
- MailKit
- Microsoft.AspNetCore.Authentication.JwtBearer
- Microsoft.AspNetCore.Identity.EntityFrameworkCore
- Microsoft.AspNetCore.Identity.UI
- Microsoft.EntityFrameworkCore.SqlServer
- Microsoft.EntityFrameworkCore.Tools
These dependencies are used only in development:
- Swashbuckle.AspNetCore
- Swashbuckle.AspNetCore.Annotations
This endpoint is used to check whether the supplied login details are valid for an existing user.
curl -X 'POST' \
'https://localhost:7224/api/v1/auth/login-identity' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"username": "username",
"password": "password",
"registeredDate": "2024-02-28T15:01:55.693Z",
"lastLoginTime": "2024-02-28T15:01:55.693Z",
"userRole": "userRole",
"isActive": true
}'
- 200 - User exists
  Sample Response
  { "refreshToken": "w0czWF0pbdd9hB4h2d1YF+I3ctdzpcfUaOmKagmsy10=", "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImdkZmdkIiwibmJmIjoxNzA5MzA0ODk5LCJleHAiOjE3MDkzMDU3OTksImlhdCI6MTcwOTMwNDg5OX0.Hw1GmtW4O245qfD11cHOCQtQ91p2inAOlm6cIjL31rU", "result": true, "error": "" }
- 400 - Invalid request, Invalid username and/or password (User does not exist)
- 500 - An internal error occurred
  { "refreshToken": "", "accessToken": "", "result": false, "error": "<Specific error>" }
This endpoint is used to register a new user, with the given username and details, in the user data store.
curl -X 'POST' \
'https://localhost:7224/api/v1/auth/register-identity' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"username": "user",
"password": "password",
"title": "mr.",
"firstName": "Edwin",
"lastName": "Doe",
"suffix": "",
"emailAddress": "edwar123@outlook.com",
"phone": "1234561234",
"userRole": "user"
}'
- 201 - User created
- 400 - Invalid request, Please choose a different username and/or password (User exists)
- 500 - An internal error occurred
  { "refreshToken": "", "accessToken": "", "result": false, "error": "<Specific error>" }
This endpoint is used to check whether a user exists. Note that the values of the OTP and Password fields are not validated, but they must still be present in the request body.
curl -X 'POST' \
'https://localhost:7224/api/v1/auth/search-identity' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"username": "user",
"emailAddress": "edwar123@outlook.com",
"otp": 0,
"password": "password"
}'
- 200 - User exists
  { "refreshToken": "", "accessToken": "", "result": true, "error": "" }
- 400 - Invalid username and/or password (User does not exist), Invalid request
- 500 - An internal error occurred
  { "refreshToken": "", "accessToken": "", "result": false, "error": "<Specific error>" }
This endpoint is used to generate an OTP, save it to the database and send it to the user's email address. Note that the values of the OTP and Password fields are not validated, but they must still be present in the request body.
curl -X 'POST' \
'https://localhost:7224/api/v1/auth/verify-identity' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"username": "user",
"emailAddress": "edwar123@outlook.com",
"otp": 0,
"password": "password"
}'
- 201 - Created
- 400 - Invalid username and/or password (User does not exist), Invalid request
- 500 - An internal error occurred
  { "refreshToken": "", "accessToken": "", "result": false, "error": "<Specific error>" }
- 500 - InternalServerError (Error when sending email)
This endpoint is used to check whether the OTP that was sent to the user during verification is valid. Note that the values of the Email and Password fields are not validated, but they must still be present in the request body.
curl -X 'POST' \
'https://localhost:7224/api/v1/auth/validate-passcode-identity' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"username": "user",
"emailAddress": "edwar123@outlook.com",
"otp": 236784,
"password": "password"
}'
- 200 - OTP is valid
- 400 - Invalid username and/or password, Invalid OTP, Invalid request
- 500 - An internal error occurred
  { "refreshToken": "", "accessToken": "", "result": false, "error": "<Specific error>" }
This endpoint is used to update the key and salt of a user based on the password sent in the request. Note that the values of the Email and OTP fields are not validated, but they must still be present in the request body.
curl -X 'PATCH' \
'https://localhost:7224/api/v1/auth/change-credentials-identity' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"username": "user",
"emailAddress": "edwar123@outlook.com",
"otp": 0,
"password": "password"
}'
- 200 - Key and Salt for the user were updated
  { "refreshToken": "", "accessToken": "", "result": true, "error": "" }
- 400 - Invalid request, Invalid username and/or password
- 500 - An internal error occurred
  { "refreshToken": "", "accessToken": "", "result": false, "error": "<Specific error>" }
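The four OTP endpoints above (search-identity, verify-identity, validate-passcode-identity and change-credentials-identity) read as the steps of one credential-reset flow. The Python client below is an added example, not code from the IdentityWebApi project: it chains the endpoints in that assumed order, sends the shared request shape (including the fields the README says are not validated but must be passed), and stops at the first step whose status code differs from the documented success code. The transport is injected so the flow can run offline against a constructed in-memory fake that mirrors the README's status codes; the fake is not the real server. The README does not say how change-credentials-identity is tied to a preceding OTP validation, so the fake does not model that either; confirm the behaviour on the real instance before relying on it.

```python
import json
import urllib.error
import urllib.request

# Base URL from the README's curl samples.
BASE_URL = "https://localhost:7224/api/v1/auth"


def http_transport(method, url, body):
    """Send one JSON request and return (status, parsed body). For a real instance."""
    req = urllib.request.Request(
        url,
        data=json.dumps(body).encode(),
        method=method,
        headers={"Content-Type": "application/json", "accept": "*/*"},
    )
    try:
        with urllib.request.urlopen(req) as resp:
            return resp.status, json.loads(resp.read() or b"{}")
    except urllib.error.HTTPError as err:
        return err.code, json.loads(err.read() or b"{}")


def identity_body(username, email, otp=0, password=""):
    """The README's shared request shape; fields an endpoint ignores are still sent."""
    return {"username": username, "emailAddress": email, "otp": otp, "password": password}


def reset_credentials(send, username, email, read_otp, new_password):
    """Chain the four OTP endpoints in the assumed order.

    `send(method, url, body) -> (status, response)` is the transport.
    `read_otp()` returns the code the user received by e-mail.
    Returns (ok, stage); `stage` names the endpoint the flow stopped at.
    """
    status, _ = send("POST", f"{BASE_URL}/search-identity", identity_body(username, email))
    if status != 200:
        return False, "search-identity"
    status, _ = send("POST", f"{BASE_URL}/verify-identity", identity_body(username, email))
    if status != 201:
        return False, "verify-identity"
    status, _ = send("POST", f"{BASE_URL}/validate-passcode-identity",
                     identity_body(username, email, otp=read_otp()))
    if status != 200:
        return False, "validate-passcode-identity"
    status, _ = send("PATCH", f"{BASE_URL}/change-credentials-identity",
                     identity_body(username, email, password=new_password))
    if status != 200:
        return False, "change-credentials-identity"
    return True, "done"


class FakeIdentityServer:
    """Constructed in-memory stand-in returning the status codes the README documents.

    Not the real IdentityWebApi; it exists so the client logic can run offline.
    """

    def __init__(self, users):
        self.users = dict(users)   # username -> registered e-mail address
        self.pending_otp = {}      # username -> OTP issued by verify-identity
        self.changed = {}          # username -> password sent to change-credentials
        self.calls = []            # (method, endpoint) audit trail

    def __call__(self, method, url, body):
        endpoint = url.rsplit("/", 1)[-1]
        self.calls.append((method, endpoint))
        user = body.get("username")
        ok = {"refreshToken": "", "accessToken": "", "result": True, "error": ""}
        if self.users.get(user) != body.get("emailAddress"):
            return 400, {"refreshToken": "", "accessToken": "", "result": False,
                         "error": "Invalid username and/or password"}
        if endpoint == "search-identity" and method == "POST":
            return 200, ok
        if endpoint == "verify-identity" and method == "POST":
            self.pending_otp[user] = 236784  # constructed; a real server e-mails this
            return 201, ok
        if endpoint == "validate-passcode-identity" and method == "POST":
            if self.pending_otp.get(user) != body.get("otp"):
                return 400, {"refreshToken": "", "accessToken": "", "result": False,
                             "error": "Invalid OTP"}
            del self.pending_otp[user]  # an OTP is accepted once
            return 200, ok
        if endpoint == "change-credentials-identity" and method == "PATCH":
            self.changed[user] = body.get("password")
            return 200, ok
        return 500, {"refreshToken": "", "accessToken": "", "result": False,
                     "error": "<Specific error>"}
```

To run the flow against a real instance, pass `http_transport` as `send` and a function that prompts for the e-mailed code as `read_otp`; the fake server is only for exercising the sequencing and failure handling.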
This endpoint is used to create an access token based on the user's refresh token. Please note that the access token is not validated, but should be passed when making a request.
curl -X 'POST' \
'https://localhost:7224/api/v1/auth/generate-accessToken' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"refreshToken": "w0czWF0pbdd9hB4h2d1YF+I3ctdzpcfUaOmKagmsy10=",
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImdkZmdkIiwibmJmIjoxNzA5MzA0ODk5LCJleHAiOjE3MDkzMDU3OTksImlhdCI6MTcwOTMwNDg5OX0.Hw1GmtW4O245qfD11cHOCQtQ91p2inAOlm6cIjL31rU"
}'
- 201 - Access token was generated
  Sample Response
  { "refreshToken": "w0czWF0pbdd9hB4h2d1YF+I3ctdzpcfUaOmKagmsy10=", "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImdkZmdkIiwibmJmIjoxNzA5NjUwMzgwLCJleHAiOjE3MDk2NTEyODAsImlhdCI6MTcwOTY1MDM4MH0.D-JUimEo_6UDQvGf_ZggyXM_XoXEIaJ6R_RErMK0qa8", "result": true, "error": "" }
- 400 - Invalid request, Invalid refresh token
- 500 - An internal error occurred
  { "refreshToken": "", "accessToken": "", "result": false, "error": "<Specific error>" }
This endpoint is used to validate an access token. Please note that the refresh token is not validated, but should be passed when making a request.
curl -X 'POST' \
'https://localhost:7224/api/v1/auth/validate-accessToken' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"refreshToken": "w0czWF0pbdd9hB4h2d1YF+I3ctdzpcfUaOmKagmsy10=",
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImdkZmdkIiwibmJmIjoxNzA5MzA0ODk5LCJleHAiOjE3MDkzMDU3OTksImlhdCI6MTcwOTMwNDg5OX0.Hw1GmtW4O245qfD11cHOCQtQ91p2inAOlm6cIjL31rU"
}'
- 200 - Access token is valid
  Sample Response
  { "refreshToken": "w0czWF0pbdd9hB4h2d1YF+I3ctdzpcfUaOmKagmsy10=", "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImdkZmdkIiwibmJmIjoxNzA5NjUwMzgwLCJleHAiOjE3MDk2NTEyODAsImlhdCI6MTcwOTY1MDM4MH0.D-JUimEo_6UDQvGf_ZggyXM_XoXEIaJ6R_RErMK0qa8", "result": true, "error": "" }
- 400 - Invalid request, Invalid access token, Token is expired
- 500 - An internal error occurred
  { "refreshToken": "", "accessToken": "", "result": false, "error": "<Specific error>" }
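The access tokens in the login-identity, generate-accessToken and validate-accessToken samples are HS256 JWTs whose payload carries `username`, `nbf`, `iat` and `exp` (the sample's exp minus iat is 900 seconds). The following Python is an added example, not code from the IdentityWebApi project. It shows the two sides of handling such a token: what a client may do locally (decode the payload without trusting it, and decide from `exp` when to call generate-accessToken) and what the server side of validate-accessToken has to do before the token means anything (pin the algorithm, verify the HMAC in constant time, then check `nbf` and `exp`). The signing secret, the `issue_hs256` helper, the leeway value and the exact validation rules are assumptions for the example; the README does not state how the server signs or validates its tokens.

```python
import base64
import hashlib
import hmac
import json
import time

# Access token from the README's login-identity sample response.
SAMPLE_ACCESS_TOKEN = (
    "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."
    "eyJ1c2VybmFtZSI6ImdkZmdkIiwibmJmIjoxNzA5MzA0ODk5LCJleHAiOjE3MDkzMDU3OTksImlhdCI6MTcwOTMwNDg5OX0."
    "Hw1GmtW4O245qfD11cHOCQtQ91p2inAOlm6cIjL31rU"
)


def _b64url_decode(seg):
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))


def _b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def decode_unverified(token):
    """Split a compact JWT into (header, payload, signature bytes).

    No signature check: a client may read exp from this, but must not make
    authorisation decisions on the payload. That is what validate-accessToken is for.
    """
    header_seg, payload_seg, sig_seg = token.split(".")
    header = json.loads(_b64url_decode(header_seg))
    payload = json.loads(_b64url_decode(payload_seg))
    return header, payload, _b64url_decode(sig_seg)


def needs_refresh(token, now=None, leeway=30):
    """True when the token is expired or within `leeway` seconds of expiring,
    i.e. the client should call generate-accessToken with its refresh token."""
    _, payload, _ = decode_unverified(token)
    now = time.time() if now is None else now
    return now + leeway >= payload["exp"]


def verify_hs256(token, secret, now=None):
    """Server-side validation: pinned alg, constant-time HMAC check, nbf/exp window.

    Returns the payload on success, None on any failure. `secret` is bytes.
    """
    try:
        header_seg, payload_seg, sig_seg = token.split(".")
        header = json.loads(_b64url_decode(header_seg))
    except (ValueError, UnicodeDecodeError):
        return None
    # Pin the algorithm: the verifier decides what it accepts, not the token.
    if header.get("alg") != "HS256":
        return None
    expected = hmac.new(secret, f"{header_seg}.{payload_seg}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_seg)):
        return None
    payload = json.loads(_b64url_decode(payload_seg))
    now = time.time() if now is None else now
    if now < payload.get("nbf", 0) or now >= payload.get("exp", 0):
        return None  # README's 400 cases: invalid token / token is expired
    return payload


def issue_hs256(payload, secret):
    """Mint a token shaped like the README sample (HS256, nbf/iat/exp). Assumed helper
    for demonstration; it is not how IdentityWebApi issues tokens."""
    header_seg = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload_seg = _b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    sig = hmac.new(secret, f"{header_seg}.{payload_seg}".encode(), hashlib.sha256).digest()
    return f"{header_seg}.{payload_seg}.{_b64url_encode(sig)}"
```

On the client, `needs_refresh` lets you call generate-accessToken shortly before expiry instead of after a 400 "Token is expired"; on the server, anything `verify_hs256` rejects maps to the README's 400 responses, and the `result: false` body should carry no more detail than that.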
