From c7d2eeb87b0bf7af58e9a4f1115df3709ee207d2 Mon Sep 17 00:00:00 2001
From: Byakuya
Date: Sun, 3 Aug 2025 17:34:34 +0200
Subject: [PATCH] Modification du Progam
---
 Program.cs | 14 ++++++-
 Services/BasicAuthenticationHandler.cs | 52 ++++++++++++++++++++++++++
 2 files changed, 65 insertions(+), 1 deletion(-)
 create mode 100644 Services/BasicAuthenticationHandler.cs
diff --git a/Program.cs b/Program.cs
index 4326cf5..06984ba 100644
--- a/Program.cs
+++ b/Program.cs
@@ -1,5 +1,7 @@
 using administration.Models;
 using administration.Services;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.EntityFrameworkCore;
 using static DBConnectionController;
@@ -62,8 +64,18 @@ namespace administration
 app.UseRouting();
 app.UseCors("AllowFrontend");
 app.UseSession();
- app.UseAuthorization();
+ builder.Services.AddAuthentication("BasicAuthentication")
+ .AddScheme("BasicAuthentication", null);
+
+ app.UseAuthentication();
+
+ builder.Services.AddAuthorization(options =>
+ {
+ options.FallbackPolicy = new AuthorizationPolicyBuilder()
+ .RequireAuthenticatedUser()
+ .Build();
+ });
 // Route par défaut
 app.MapControllerRoute(
 name: "default",
diff --git a/Services/BasicAuthenticationHandler.cs b/Services/BasicAuthenticationHandler.cs
new file mode 100644
index 0000000..df843ee
--- /dev/null
+++ b/Services/BasicAuthenticationHandler.cs
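Review bot: In the second Program.cs hunk, `builder.Services.AddAuthentication(...)` and `builder.Services.AddAuthorization(...)` are added between `app.UseSession();` and the route mapping, which is after the `app` object exists; `builder.Build()` is outside the hunk, but once it has run the service collection is read-only, so these registrations would fail at startup rather than protect the site. Both registrations belong above `builder.Build()`. The hunk also drops `app.UseAuthorization();`; the `FallbackPolicy` is enforced by the authorization middleware, so the pipeline should read `app.UseAuthentication();` followed by `app.UseAuthorization();` after `app.UseRouting()`. Since this is the only gate on the administration routes, a startup test asserting that an anonymous request is rejected would catch either mistake.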
@@ -0,0 +1,52 @@
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.Options;
+using System.Net.Http.Headers;
+using System.Security.Claims;
+using System.Text;
+using System.Text.Encodings.Web;
+
+namespace administration.Services
+{
+ public class BasicAuthenticationHandler : AuthenticationHandler
+ {
+ public BasicAuthenticationHandler(
+ IOptionsMonitor options,
+ ILoggerFactory logger,
+ UrlEncoder encoder,
+ ISystemClock clock
+ ) : base(options, logger, encoder, clock) { }
+
+ protected override Task HandleAuthenticateAsync()
+ {
+ if (!Request.Headers.ContainsKey("Authorization"))
+ return Task.FromResult(AuthenticateResult.Fail("Missing Authorization Header"));
+
+ try
+ {
+ var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
+ var credentialBytes = Convert.FromBase64String(authHeader.Parameter ?? "");
+ var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':');
+ var username = credentials[0];
+ var password = credentials[1];
+
+ // 🔐 Valide ici tes identifiants
+ if (username != "admin" || password != Environment.GetEnvironmentVariable("DB_PASSWORD"))
+ return Task.FromResult(AuthenticateResult.Fail("Invalid Username or Password"));
+
+ var claims = new[] {
+ new Claim(ClaimTypes.NameIdentifier, username),
+ new Claim(ClaimTypes.Name, username),
+ };
+ var identity = new ClaimsIdentity(claims, Scheme.Name);
+ var principal = new ClaimsPrincipal(identity);
+ var ticket = new AuthenticationTicket(principal, Scheme.Name);
+
+ return Task.FromResult(AuthenticateResult.Success(ticket));
+ }
+ catch
+ {
+ return Task.FromResult(AuthenticateResult.Fail("Invalid Authorization Header"));
+ }
+ }
+ }
+}
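Review bot: The credential check in `HandleAuthenticateAsync` compares the supplied password to `DB_PASSWORD` with `!=`, so the admin login reuses the database secret (one leak exposes both) and the comparison is not constant-time. Use a dedicated secret with `CryptographicOperations.FixedTimeEquals`, and reject an unset or empty expected value explicitly. Around it, `Split(':')` cuts a password at every colon where RFC 7617 splits only on the first, and `authHeader.Scheme` is never checked to be `Basic`. The bare `catch` also hides every failure; logging the exception type (never the header value) there would make malformed or repeated failing requests visible. Basic credentials are only base64-encoded, so HTTPS has to be enforced on every route this scheme protects.

```csharp
// … unchanged: missing-header check, opening of the try block …
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
if (!"Basic".Equals(authHeader.Scheme, StringComparison.OrdinalIgnoreCase))
    return Task.FromResult(AuthenticateResult.NoResult());

var credentialBytes = Convert.FromBase64String(authHeader.Parameter ?? "");
// RFC 7617: only the first ':' separates the user-id from the password.
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':', 2);
if (credentials.Length != 2)
    return Task.FromResult(AuthenticateResult.Fail("Invalid Authorization Header"));
var username = credentials[0];
var password = credentials[1];

// Dedicated secret for this endpoint, not the database password.
// "ADMIN_BASIC_PASSWORD" is a placeholder name; use the project's own setting.
var expected = Environment.GetEnvironmentVariable("ADMIN_BASIC_PASSWORD");
var passwordOk = !string.IsNullOrEmpty(expected)
    && System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
        Encoding.UTF8.GetBytes(password), Encoding.UTF8.GetBytes(expected));
if (username != "admin" || !passwordOk)
    return Task.FromResult(AuthenticateResult.Fail("Invalid Username or Password"));
// … unchanged: claims, identity, ticket, Success result, catch block …
```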