diff --git a/WorkFlow.API/Controllers/PlaceHolderAuthController.cs b/WorkFlow.API/Controllers/PlaceHolderAuthController.cs index c233eca..651cdc3 100644 --- a/WorkFlow.API/Controllers/PlaceHolderAuthController.cs +++ b/WorkFlow.API/Controllers/PlaceHolderAuthController.cs @@ -7,7 +7,7 @@ namespace WorkFlow.API.Controllers; //TODO: implement up-to-date AuthController in UserManager [APIKeyAuth] -[Route("Auth")] +[Route("api/Auth")] [ApiController] [Tags("Auth")] public class PlaceholderAuthController : ControllerBase diff --git a/WorkFlow.API/Program.cs b/WorkFlow.API/Program.cs index 90423c1..e657377 100644 --- a/WorkFlow.API/Program.cs +++ b/WorkFlow.API/Program.cs @@ -57,8 +57,12 @@ try var authTokenKeys = config.GetSection(nameof(AuthTokenKeys)).Get() ?? new(); - builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) - .AddJwtBearer(opt => + builder.Services.AddAuthentication(options => + { + options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; + options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; + }) + .AddJwtBearer(opt => { opt.TokenValidationParameters = new TokenValidationParameters { @@ -93,6 +97,30 @@ try builder.Services.AddEndpointsApiExplorer(); builder.Services.AddSwaggerGen(setupAct => { + setupAct.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme + { + Description = "JWT Authorization header using the Bearer scheme. Example: \"Bearer {token}\"", + Name = "Authorization", + In = ParameterLocation.Header, + Type = SecuritySchemeType.Http, + Scheme = "Bearer" + }); + + setupAct.AddSecurityRequirement(new OpenApiSecurityRequirement + { + { + new OpenApiSecurityScheme + { + Reference = new OpenApiReference + { + Type = ReferenceType.SecurityScheme, + Id = "Bearer" + } + }, + Array.Empty() + } + }); + if (!disableAPIKeyAuth) setupAct.OperationFilter();
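Review bot: The context line `var authTokenKeys = config.GetSection(nameof(AuthTokenKeys)).Get() ?? new();` at the top of the `@@ -57,8 +57,12 @@` hunk in Program.cs still falls back to a default-constructed object when the `AuthTokenKeys` section is missing, even though JWT bearer is now the default authenticate and challenge scheme. How those keys feed `TokenValidationParameters` is outside the hunk, so this is inferred. If the signing key ends up empty, the misconfiguration would surface only at token validation rather than at startup. Consider failing fast by replacing `?? new()` with `?? throw new InvalidOperationException("AuthTokenKeys configuration section is missing")`. The `TokenValidationParameters` initializer continues past the end of the hunk, so confirm there that issuer, audience, lifetime and signing-key validation are all enabled.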
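Review bot: The `Description` passed to `AddSecurityDefinition("Bearer", ...)` in the `@@ -93,6 +97,30 @@` hunk of Program.cs tells users to enter `Bearer {token}`, but with `Type = SecuritySchemeType.Http` Swagger UI adds the scheme prefix itself. Following the text therefore sends a doubled prefix and the request fails authentication. Suggest `Description = "JWT access token; enter the token only, the Bearer prefix is added automatically"` and adding `BearerFormat = "JWT"`. `Name` and `In` only apply to API-key schemes and can be dropped here. The global `AddSecurityRequirement` also marks every operation as requiring the bearer token, so if the `[APIKeyAuth]` endpoints are meant to be callable without a JWT, the requirement is better attached per operation with a filter; the `AddSwaggerGen` lambda continues outside the hunk.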