diff --git a/EnvelopeGenerator.API/Controllers/AuthController.cs b/EnvelopeGenerator.API/Controllers/AuthController.cs index f47bfdfe..64f2edc6 100644 --- a/EnvelopeGenerator.API/Controllers/AuthController.cs +++ b/EnvelopeGenerator.API/Controllers/AuthController.cs @@ -34,7 +34,7 @@ public partial class AuthController(IOptions authTokenKeyOptions) /// Wenn es kein zugelassenes Cookie gibt, wird „nicht zugelassen“ zurückgegeben. [ProducesResponseType(typeof(string), StatusCodes.Status200OK, "text/javascript")] [ProducesResponseType(typeof(void), StatusCodes.Status401Unauthorized)] - [Authorize(Policy = AuthorizationPolicies.SenderOrReceiverFullyAuth)] + [Authorize(Policy = AuthPolicy.SenderOrReceiverFullyAuth)] [HttpPost("logout")] public async Task Logout() { @@ -56,7 +56,7 @@ public partial class AuthController(IOptions authTokenKeyOptions) [ProducesResponseType(typeof(void), StatusCodes.Status200OK)] [ProducesResponseType(typeof(void), StatusCodes.Status401Unauthorized)] [HttpGet("check")] - [Authorize(Policy = AuthorizationPolicies.SenderOrReceiverFullyAuth)] + [Authorize(Policy = AuthPolicy.SenderOrReceiverFullyAuth)] public IActionResult Check([FromQuery] string role) => User.IsInRole(role) ? Ok() : Unauthorized(); /// diff --git a/EnvelopeGenerator.API/Controllers/TfaRegistrationController.cs b/EnvelopeGenerator.API/Controllers/TfaRegistrationController.cs index ccfefa28..c391429d 100644 --- a/EnvelopeGenerator.API/Controllers/TfaRegistrationController.cs +++ b/EnvelopeGenerator.API/Controllers/TfaRegistrationController.cs @@ -111,7 +111,7 @@ public class TfaRegistrationController : ControllerBase /// /// Logs out the envelope receiver from cookie authentication. /// - [Authorize(Policy = AuthorizationPolicies.ReceiverFullyAuth)] + [Authorize(Policy = AuthPolicy.ReceiverFullyAuth)] [HttpPost("auth/logout")] public async Task LogOutAsync() { diff --git a/EnvelopeGenerator.API/Program.cs b/EnvelopeGenerator.API/Program.cs index 87168775..8750ac5c 100644 --- a/EnvelopeGenerator.API/Program.cs +++ b/EnvelopeGenerator.API/Program.cs @@ -178,9 +178,9 @@ try }); builder.Services.AddAuthorizationBuilder() - .AddPolicy(AuthorizationPolicies.SenderOrReceiverFullyAuth, policy => + .AddPolicy(AuthPolicy.SenderOrReceiverFullyAuth, policy => policy.RequireRole(Role.Sender, Role.Receiver.FullyAuth)) - .AddPolicy(AuthorizationPolicies.ReceiverFullyAuth, policy => + .AddPolicy(AuthPolicy.ReceiverFullyAuth, policy => policy.RequireRole(Role.Receiver.FullyAuth)); // User manager diff --git a/EnvelopeGenerator.Domain/Constants/AuthorizationPolicies.cs b/EnvelopeGenerator.Domain/Constants/AuthPolicy.cs similarity index 82% rename from EnvelopeGenerator.Domain/Constants/AuthorizationPolicies.cs rename to EnvelopeGenerator.Domain/Constants/AuthPolicy.cs index 6e88e3ee..2ebc8887 100644 --- a/EnvelopeGenerator.Domain/Constants/AuthorizationPolicies.cs +++ b/EnvelopeGenerator.Domain/Constants/AuthPolicy.cs @@ -1,6 +1,6 @@ namespace EnvelopeGenerator.Domain.Constants { - public static class AuthorizationPolicies + public static class AuthPolicy { public const string SenderOrReceiverFullyAuth = "SenderOrReceiverFullyAuth"; public const string ReceiverFullyAuth = "ReceiverFullyAuth";