diff --git a/Kyoo/Kyoo.csproj b/Kyoo/Kyoo.csproj
index a34be433..09edfffa 100644
--- a/Kyoo/Kyoo.csproj
+++ b/Kyoo/Kyoo.csproj
@@ -19,6 +19,7 @@
+
diff --git a/Kyoo/Startup.cs b/Kyoo/Startup.cs
index 332d6f0c..2702c410 100644
--- a/Kyoo/Startup.cs
+++ b/Kyoo/Startup.cs
@@ -4,6 +4,7 @@ using Kyoo.Controllers;
 using Kyoo.Models;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Identity;
@@ -83,11 +84,11 @@ namespace Kyoo
 services.AddAuthorization(options =>
 {
- options.AddPolicy("Read", policy => policy.RequireClaim("read"));
- options.AddPolicy("Write", policy => policy.RequireClaim("write"));
- options.AddPolicy("Play", policy => policy.RequireClaim("play"));
- options.AddPolicy("Download", policy => policy.RequireClaim("download"));
- options.AddPolicy("Admin", policy => policy.RequireClaim("admin"));
+ options.AddPolicy("Read", policy => policy.RequireScope("kyoo.read").RequireClaim("read"));
+ options.AddPolicy("Write", policy => policy.RequireScope("kyoo.write").RequireClaim("write"));
+ options.AddPolicy("Play", policy => policy.RequireScope("kyoo.play").RequireClaim("play"));
+ options.AddPolicy("Download", policy => policy.RequireScope("kyoo.download").RequireClaim("download"));
+ options.AddPolicy("Admin", policy => policy.RequireScope("kyoo.admin").RequireClaim("admin"));
 });
 services.AddScoped();
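Review bot: In the second Startup.cs hunk, each policy still calls `RequireClaim("read")` (likewise for write, play, download and admin) with no allowed values, so the check passes for any token carrying a claim of that type, whatever its value. If the issuer ever emits these claims with a value such as `false` or an empty string, the policy would still be satisfied. Either pin the accepted value, e.g. `policy.RequireScope("kyoo.read").RequireClaim("read", "true")` using whatever value the token service actually writes, or add a comment above the block such as `// Permission claims are only issued when granted; presence alone authorizes.` The scope strings `kyoo.read` through `kyoo.admin` are repeated literals that presumably have to match the API scopes registered with the identity server, which is not visible here, so shared constants would keep the two from drifting. The enclosing method starts and ends outside the hunk.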