M1: Identity & access — members, RBAC, JWT auth, invitations
Adds the access foundation everything else enforces against. SharedKernel (shared access contracts, no Identity dependency for consumers): - ScopeRef/ScopeType, RoleType, Capability, AccessPolicy (role x capability matrix), ICurrentUser, IPermissionService (scope-chain evaluation). Identity module: - Member, Membership, Invitation entities; internal IdentityDbContext (schema "identity") + InitialIdentity migration; design-time factory. - JWT auth (HS256) issuing membership claims; PasswordHasher<Member>; CurrentUser (claims -> ICurrentUser) and PermissionService implementations. - Public IMemberDirectory contract for other modules to resolve member display info. - Endpoints: POST /bootstrap (first owner), /auth/login, GET /me, POST /invitations, POST /invitations/accept. Owner-only actions enforced via IPermissionService. - Web host wires UseAuthentication/UseAuthorization and string-enum JSON. Verified: build green; ArchitectureTests 8/8 (Identity references only SharedKernel); IntegrationTests 11/11 incl. a new end-to-end flow — bootstrap -> login -> /me -> invite -> accept -> login as invitee, and a Member is 403'd from inviting. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
soroush.asadi
@@ -19,6 +19,13 @@
|
||||
<PackageVersion Include="Pgvector.EntityFrameworkCore" Version="0.3.0" />
|
||||
</ItemGroup>
|
||||
|
||||
<ItemGroup Label="Identity / auth">
|
||||
<PackageVersion Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.8" />
|
||||
<PackageVersion Include="Microsoft.Extensions.Identity.Core" Version="10.0.8" />
|
||||
<PackageVersion Include="Microsoft.IdentityModel.JsonWebTokens" Version="8.19.1" />
|
||||
<PackageVersion Include="Microsoft.IdentityModel.Tokens" Version="8.19.1" />
|
||||
</ItemGroup>
|
||||
|
||||
<ItemGroup Label="Web / API">
|
||||
<PackageVersion Include="Microsoft.AspNetCore.OpenApi" Version="10.0.8" />
|
||||
<PackageVersion Include="Microsoft.Extensions.Diagnostics.HealthChecks.EntityFrameworkCore" Version="10.0.8" />
|
||||
|
||||
Reference in New Issue
Block a user