Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Fixed security issue
  • Loading branch information
Badea741 committed Sep 22, 2022
1 parent b7605bb commit 2a06fcf
Show file tree
Hide file tree
Showing 4 changed files with 24 additions and 19 deletions.
8 changes: 4 additions & 4 deletions Soccer.Api/Controllers/AuthController.cs
Expand Up @@ -12,7 +12,7 @@
namespace Soccer.Api.Controllers;
[ApiController]
[Route("[controller]/[action]")]
[Authorize(AuthenticationSchemes = "Bearer")]
// [Authorize(AuthenticationSchemes = "Bearer")]
public class AuthController : ControllerBase
{
private readonly IAuthentication<ApplicationUser> _auth;
Expand Down Expand Up @@ -64,7 +64,7 @@ public async Task<IActionResult> ResetPassword(string username, string token, st
return BadRequest(results);
return Ok(results);
}
[Authorize(Roles = Roles.User)]
[Authorize(Roles = Roles.Admin)]
[HttpPost]
public async Task<IActionResult> AddUserToRole([FromQuery] string username, string role)
{
Expand All @@ -83,7 +83,7 @@ public async Task<IActionResult> RemoveUserFromRole([FromQuery] string username,
return BadRequest(results);
return Ok(results);
}
// [Authorize(Roles = Roles.Admin)]
[Authorize(Roles = Roles.Admin)]
[HttpGet]
public IActionResult GetUsers()
{
Expand All @@ -92,7 +92,7 @@ public IActionResult GetUsers()
return BadRequest(results);
return Ok(results.Select(u => _mapper.Map<ApplicationUserDto>(u)));
}
// [Authorize(Roles = Roles.Admin)]
[Authorize(Roles = Roles.Admin)]
[HttpGet]
public async Task<IActionResult> GetUsersInRoles([FromQuery] string role)
{
Expand Down
4 changes: 3 additions & 1 deletion SoccerProject.code-workspace
Expand Up @@ -43,5 +43,7 @@
"path": "Soccer.Shared/AutoMapperProfiles"
}
],
"settings": {}
"settings": {
"liveServer.settings.multiRootWorkspaceName": "SoccerProject"
}
}
Expand Up @@ -6,7 +6,7 @@ public partial class Authentication<TUser> where TUser : IdentityUser
{
public List<TUser> GetAllUsers()
{
return _userManager.Users.ToList();
return _userManager.Users.AsParallel().ToList();
}
public virtual async Task<List<TUser>> GetUsersInRoleAsync(string role)
{
Expand All @@ -15,6 +15,6 @@ public virtual async Task<List<TUser>> GetUsersInRoleAsync(string role)


var users = await _userManager.GetUsersInRoleAsync(role);
return users.ToList();
return users.AsParallel().ToList();
}
}
27 changes: 15 additions & 12 deletions docker-compose.yml
Expand Up @@ -4,33 +4,36 @@ version: '3.8'

services:
server:
# image: soccerapi:dev
image: soccerapi:dev
build:
context: .
dockerfile: Soccer.Api/Dockerfile
ports:
- 5000:5000
depends_on:
- seq
- db
# - db
environment:
- SimpleProperty="Hello from docker compose"
- ConnectionStrings__DefaultConnection=Server=db;Database=SoccerDb;Username=root;Password=2510203121;
- Debug:ShowHost=true
# - Seq="http://seq:5341"
networks:
- server-database
volumes:
- .:/src
deploy:
replicas: 6
entrypoint: dotnet run

seq:
image: datalust/seq:latest
environment:
- ACCEPT_EULA=Y
ports:
- 5343:80
networks:
- server-database
- 5344:80
# networks:
# - server-database

db:
image: mysql/mysql-server:latest
Expand All @@ -39,17 +42,17 @@ services:
- MYSQL_DATABASE=SoccerDb
- MYSQL_USER=root
- MYSQL_PASSWORD=2510203121
volumes:
- dbvolume4:/var/lib/mysql
- ./_MySQL_Init_Script:/docker-entrypoint-initdb.d
# volumes:
# - dbvolume4:/var/lib/mysql
# - ./_MySQL_Init_Script:/docker-entrypoint-initdb.d

networks:
- server-database
# networks:
# - server-database
# ports:
# - 3306:3306

volumes:
dbvolume4:
# volumes:
# dbvolume4:
networks:
server-database:
driver: bridge

0 comments on commit 2a06fcf

Please sign in to comment.