Implements authorisation in the app based on our three current user types: admins, mods, and users. All controller actions now default to requiring authenticated users unless explicitly given the `[AllowAnonymous]` attribute. Also, actions requiring specific authZ will have an `[Authorize(Policy = <UserType>)]` attribute. These are handled by the `UserTypeAuthorizationHandler` class.

Todo:

- [x] Tests tests tests
- [x] Figure out how to trigger Forbiddens when authZ handler fails
- [x] Make `_jwtValidationParams` take from a singleton
- [x] Rebase this onto PR/main that has `Admin` property on Users

Closes: #52.
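The wiring the description refers to (deny-by-default fallback policy, one named policy per user type, a handler that fails explicitly so an authenticated caller gets 403 rather than 401), shown as an added example. This is not the PR's own code: it assumes the user type arrives as a JWT claim named `user_type` with the values `Admin`, `Mod` or `User`, that the policy names match the enum names, and that the bearer scheme's token validation parameters are configured elsewhere. The controller, route names and claim name are illustrative only.

```csharp
// Program.cs, ASP.NET Core minimal hosting model. Added example, not the PR's code.
// Assumption: user type is a "user_type" claim on the JWT (the PR does not say how
// the type is obtained); policy names, routes and the controller are illustrative.
using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddControllers();

// Bearer authentication. TokenValidationParameters are assumed to be configured
// elsewhere (the PR moves them to a singleton); they are not shown here.
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer();

builder.Services.AddAuthorization(options =>
{
    // Deny by default: any endpoint with no [Authorize]/[AllowAnonymous] metadata
    // requires an authenticated user. [AllowAnonymous] still opts an action out.
    options.FallbackPolicy = new AuthorizationPolicyBuilder()
        .RequireAuthenticatedUser()
        .Build();

    // One named policy per user type. RequireAuthenticatedUser() is added on purpose:
    // a named policy does not inherit the default policy, so without it the handler
    // would be evaluated against anonymous principals.
    foreach (var type in Enum.GetValues<UserType>())
    {
        options.AddPolicy(type.ToString(), p => p
            .RequireAuthenticatedUser()
            .AddRequirements(new UserTypeRequirement(type)));
    }
});

// The handler holds no per-request state, so a singleton registration is fine.
builder.Services.AddSingleton<IAuthorizationHandler, UserTypeAuthorizationHandler>();

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();   // after UseAuthentication, before MapControllers
app.MapControllers();
app.Run();

public enum UserType { User, Mod, Admin }

public sealed class UserTypeRequirement : IAuthorizationRequirement
{
    public UserType Required { get; }
    public UserTypeRequirement(UserType required) => Required = required;
}

public sealed class UserTypeAuthorizationHandler : AuthorizationHandler<UserTypeRequirement>
{
    public const string ClaimType = "user_type";   // assumed claim name

    protected override Task HandleRequirementAsync(
        AuthorizationHandlerContext context, UserTypeRequirement requirement)
    {
        var value = context.User.FindFirst(ClaimType)?.Value;

        // Exact match between the claim and the policy's type. If admins should also
        // satisfy the Mod/User policies, compare enum ordinals here instead.
        if (value is not null
            && Enum.TryParse<UserType>(value, ignoreCase: true, out var actual)
            && actual == requirement.Required)
        {
            context.Succeed(requirement);
        }
        else
        {
            // Explicit Fail(): no other handler can rescue this policy, and an
            // authenticated caller is answered with 403 Forbidden. An unauthenticated
            // caller is still challenged (401) by the authentication scheme.
            context.Fail();
        }
        return Task.CompletedTask;
    }
}

[ApiController]
[Route("api/[controller]")]
public sealed class ReportsController : ControllerBase
{
    [HttpGet("public")]
    [AllowAnonymous]               // opts out of the fallback policy
    public IActionResult Public() => Ok("anyone");

    [HttpGet]                      // no attribute: fallback policy applies
    public IActionResult List() => Ok("any authenticated user");

    [HttpDelete("{id}")]
    [Authorize(Policy = "Admin")]  // evaluated by UserTypeAuthorizationHandler
    public IActionResult Delete(int id) => NoContent();
}
```

Two things worth checking when reviewing a change like this: that `UseAuthorization()` sits between `UseAuthentication()` and endpoint mapping (otherwise the fallback policy never runs), and that each named policy carries `RequireAuthenticatedUser()`, since `[Authorize(Policy = ...)]` replaces the default policy rather than adding to it.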