Authorize API

src/GameIdeas/Server/GameIdeas.WebAPI/Controllers/GameController.cs

@@ -1,5 +1,7 @@
-using GameIdeas.Shared.Dto;
+using GameIdeas.Shared.Constants;
+using GameIdeas.Shared.Dto;
 using GameIdeas.WebAPI.Services.Games;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace GameIdeas.WebAPI.Controllers;
@@ -42,6 +44,7 @@ public class GameController(
         }
     }
 
+    [Authorize(Roles = GlobalConstants.ADMIN_MEMBER)]
     [HttpPost("Create")]
     public async Task<ActionResult<int>> CreateGame([FromBody] GameDetailDto game)
     {
@@ -57,6 +60,7 @@ public class GameController(
         }
     }
 
+    [Authorize(Roles = GlobalConstants.ADMIN_MEMBER)]
     [HttpPut("Update")]
     public async Task<ActionResult<int>> UpdateGame([FromBody] GameDetailDto game)
     {
@@ -72,6 +76,7 @@ public class GameController(
         }   
     }
 
+    [Authorize(Roles = GlobalConstants.ADMIN_MEMBER)]
     [HttpDelete("Delete/{id:int}")]
     public async Task<ActionResult<bool>> DeleteGame(int id)
     {

src/GameIdeas/Server/GameIdeas.WebAPI/Services/Users/UserService.cs

@@ -28,6 +28,7 @@ public class UserService(UserManager<User> userManager) : IUserService
         List<Claim> authClaims =
         [
             new Claim(ClaimTypes.Name, user.UserName ?? string.Empty),
+            new Claim(ClaimTypes.Sid, user.Id),
             new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
         ];