scaffold auth api infrastructure (doesn't work)
Some checks failed
Build and Deploy API / build-and-deploy (push) Failing after 14s
Some checks failed
Build and Deploy API / build-and-deploy (push) Failing after 14s
This commit is contained in:
@@ -1,16 +1,41 @@
|
||||
|
||||
using Microsoft.AspNetCore.HttpOverrides;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using System.Text;
|
||||
|
||||
using agologumApi.Services;
|
||||
|
||||
var builder = WebApplication.CreateBuilder(args);
|
||||
|
||||
var key = builder.Configuration["Jwt:Key"];
|
||||
if(key == null) return;
|
||||
|
||||
builder.Services.AddDbContext<AppDbContext>(options =>
|
||||
options.UseNpgsql(builder.Configuration.GetConnectionString("DefaultConnection")));
|
||||
|
||||
builder.Services.AddControllers();
|
||||
|
||||
// services
|
||||
builder.Services.AddScoped<UserService>();
|
||||
builder.Services.AddScoped<JwtService>();
|
||||
|
||||
// configuration for jwt authentication
|
||||
builder.Services.AddAuthentication(options => {
|
||||
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||
}).AddJwtBearer(options => {
|
||||
options.TokenValidationParameters = new TokenValidationParameters {
|
||||
ValidateIssuer = false,
|
||||
ValidateAudience = false,
|
||||
ValidateLifetime = true,
|
||||
ValidateIssuerSigningKey = true,
|
||||
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key))
|
||||
};
|
||||
});
|
||||
|
||||
builder.Services.AddAuthorization();
|
||||
|
||||
// configuration for behind my nginx proxy
|
||||
builder.Services.Configure<ForwardedHeadersOptions>(options =>
|
||||
@@ -41,10 +66,17 @@ builder.Services.AddCors(options =>
|
||||
builder.Services.AddEndpointsApiExplorer();
|
||||
builder.Services.AddSwaggerGen();
|
||||
|
||||
// https://www.reddit.com/r/dotnet/comments/1h7vzbs/how_do_you_guys_handle_authorization_on_a_web_api/
|
||||
// add authorization here
|
||||
// controllers will have endpoints based on authorization
|
||||
// frontend is a different story
|
||||
|
||||
var app = builder.Build();
|
||||
|
||||
app.UseForwardedHeaders();
|
||||
app.UseCors("dev");
|
||||
app.UseAuthentication();
|
||||
app.UseAuthorization();
|
||||
|
||||
// Configure the HTTP request pipeline.
|
||||
if (app.Environment.IsEnvironment("Development")) {
|
||||
|
||||
Reference in New Issue
Block a user