I have a simple backend app. I have an endpoint called /notes for fetching notes. I have added RequireAuthorization() to it but I can't authorize the users. I have written the login and signup endpoints myself so that they send JWT tokens.
This is where I set up auth:
    void ConfigAuth(WebApplicationBuilder builder)
    {
        builder.Services.AddIdentityApiEndpoints<User>().AddEntityFrameworkStores<MyDBContext>();
        builder.Services.AddAuthentication().AddJwtBearer();
        builder.Services.AddAuthorization();
        builder
            .Services
            .AddAuthorizationBuilder()
            .AddPolicy("admin", policy => policy.RequireRole("admin"))
            .AddDefaultPolicy("user", policy => policy.RequireAuthenticatedUser());
    }
This is the error I get after calling the /notes route with an authorization header:
    Microsoft.Extensions.DependencyInjection.IdentityServiceCollectionExtensions+CompositeIdentityHandler[7]
    Identity.BearerAndApplication was not authenticated. Failure message: Unprotected token failed
This is how I implement login: Link
Here is the link to my code on GitHub: https://github.com/OmidNejadabbasi/notit-backend
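
The log line above names Identity.BearerAndApplication, the default scheme that AddIdentityApiEndpoints registers, so the JWT is being handed to Identity's own bearer-token handler rather than to JwtBearer. The following is an added example, not code from the post or its repository, of the same ConfigAuth with JwtBearer made the default scheme and token validation spelled out. The configuration keys Jwt:Issuer, Jwt:Audience and Jwt:Key and the use of a symmetric signing key are assumptions; they have to match whatever the login endpoint signs with.

```csharp
// Added example (not the poster's code). "Jwt:Issuer", "Jwt:Audience" and "Jwt:Key"
// are assumed configuration keys; a symmetric signing key is also an assumption.
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;

void ConfigAuth(WebApplicationBuilder builder)
{
    // Registers Identity.BearerAndApplication as the default scheme. Its bearer half
    // only accepts the opaque tokens issued by the built-in Identity endpoints, so a
    // JWT presented to it fails with "Unprotected token failed".
    builder.Services.AddIdentityApiEndpoints<User>().AddEntityFrameworkStores<MyDBContext>();

    var jwt = builder.Configuration.GetSection("Jwt");
    var key = jwt["Key"] ?? throw new InvalidOperationException("Jwt:Key is not configured");

    builder.Services
        .AddAuthentication(options =>
        {
            // Override the default that AddIdentityApiEndpoints set above.
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddJwtBearer(options =>
        {
            // Keep every check on: signature, issuer, audience and expiry.
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true,
                ValidIssuer = jwt["Issuer"],
                ValidateAudience = true,
                ValidAudience = jwt["Audience"],
                ValidateLifetime = true,
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key)),
                ClockSkew = TimeSpan.FromSeconds(30),
            };
        });

    // Pin each policy to the JWT scheme so it never falls back to the Identity default.
    builder.Services
        .AddAuthorizationBuilder()
        .AddPolicy("admin", policy => policy
            .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
            .RequireRole("admin"))
        .AddDefaultPolicy("user", policy => policy
            .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
            .RequireAuthenticatedUser());
}
```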