Merge pull request #67 from LD-Reborn/66-bugfix-swagger-and-other-endpoints-visible-outside-of-development-environment

Added authorization to controllers, added environment check to swagge…

src/Controllers/AssetsController.cs

@@ -3,7 +3,9 @@ using Berufsschule_HAM.Models;
 using Berufsschule_HAM.Services;
 using System.Text.Json;
 using Novell.Directory.Ldap;
+using Microsoft.AspNetCore.Authorization;
 
+[Authorize]
 [Route("[controller]")]
 public class AssetsController : Controller
 {

src/Controllers/GroupsController.cs

@@ -3,7 +3,9 @@ using Microsoft.AspNetCore.Mvc;
 using Novell.Directory.Ldap;
 using Berufsschule_HAM.Models;
 using System.Text.Json;
+using Microsoft.AspNetCore.Authorization;
 
+[Authorize]
 [Route("[controller]")]
 public class GroupsController : Controller
 {

src/Controllers/LocationsController.cs

@@ -2,7 +2,9 @@ using Berufsschule_HAM.Services;
 using Berufsschule_HAM.Models;
 using Microsoft.AspNetCore.Mvc;
 using System.Text.Json;
+using Microsoft.AspNetCore.Authorization;
 
+[Authorize]
 [Route("[controller]")]
 public class LocationsController : Controller
 {

src/Controllers/UsersController.cs

@@ -5,7 +5,9 @@ using Novell.Directory.Ldap;
 using Berufsschule_HAM.Models;
 using System.Security.Cryptography;
 using System.Text;
+using Microsoft.AspNetCore.Authorization;
 
+[Authorize]
 [Route("[controller]")]
 public class UsersController : Controller
 {

src/Program.cs

@@ -53,8 +53,11 @@ if (!app.Environment.IsDevelopment())
 }
 
 app.UseElmah();
+if (app.Environment.IsDevelopment())
+{
     app.UseSwagger();
     app.UseSwaggerUI();
+}
 
 app.UseStaticFiles();
 app.UseRouting();
@@ -71,7 +74,8 @@ app.MapControllerRoute(
     name: "default",
     pattern: "{controller=Home}/{action=Index}/{id?}");
 
-app.MapHealthChecks("/healthz");
+app.MapHealthChecks("/healthz")
+    .RequireAuthorization();
 
 // Run migrations
 using var scope = app.Services.CreateScope();