feat: implement authentication flow and dynamic API configuration #5
This commit is contained in:
Marek Lesko
@@ -6,7 +6,7 @@ using Microsoft.AspNetCore.Authorization;
|
||||
namespace Api.Controllers
|
||||
{
|
||||
[ApiController]
|
||||
//[Authorize]
|
||||
[Authorize]
|
||||
[Route("api/product")]
|
||||
public class ProductController : ControllerBase
|
||||
{
|
||||
|
||||
@@ -8,6 +8,8 @@ namespace Api
|
||||
{
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Api.Models;
|
||||
using Microsoft.AspNetCore.Rewrite;
|
||||
|
||||
public static class Program
|
||||
{
|
||||
public static void Main(string[] args)
|
||||
@@ -22,12 +24,7 @@ namespace Api
|
||||
})
|
||||
.AddJwtBearer(options =>
|
||||
{
|
||||
// options.Events = new JwtBearerEvents
|
||||
// {
|
||||
// OnTokenValidated = context => Task.CompletedTask,
|
||||
// OnChallenge = context => Task.CompletedTask
|
||||
// };
|
||||
|
||||
|
||||
options.Authority = builder.Configuration["Authentication:PocketId:Authority"];
|
||||
options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters()
|
||||
{
|
||||
@@ -61,47 +58,43 @@ namespace Api
|
||||
|
||||
var app = builder.Build();
|
||||
|
||||
// Configure the HTTP request pipeline.
|
||||
app.UseSwagger();
|
||||
app.UseSwaggerUI();
|
||||
|
||||
// app.Use(async (context, next) =>
|
||||
// {
|
||||
// if (context.Request.Method == HttpMethods.Options)
|
||||
// {
|
||||
// context.Response.Headers.Add("Access-Control-Allow-Origin", "*");
|
||||
// context.Response.Headers.Add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
|
||||
// context.Response.Headers.Add("Access-Control-Allow-Headers", "Content-Type");
|
||||
// context.Response.StatusCode = StatusCodes.Status204NoContent;
|
||||
// return;
|
||||
// }
|
||||
|
||||
// await next();
|
||||
// });
|
||||
if (!app.Environment.IsDevelopment())
|
||||
{
|
||||
app.UseHttpsRedirection();
|
||||
}
|
||||
|
||||
if (!app.Environment.IsDevelopment())
|
||||
var routes = new[] { "api", "swagger" };
|
||||
var rewriteString = String.Join("|", routes);
|
||||
var rewriteOptions = new RewriteOptions()
|
||||
.AddRewrite(@$"^(?!.*?\b({rewriteString}))^(?!.*?\.\b(jpg|jpeg|png|svg|ttf|woff|woff2|html|js|json|css|ico))", "index.html", false);
|
||||
app.UseRewriter(rewriteOptions);
|
||||
|
||||
|
||||
if (app.Environment.IsDevelopment())
|
||||
{
|
||||
var currentDirectory = Directory.GetCurrentDirectory();
|
||||
var staticFilePath = Path.Combine(currentDirectory,"../Web/dist/Web/browser");
|
||||
app.UseDefaultFiles(new DefaultFilesOptions
|
||||
{
|
||||
FileProvider = new Microsoft.Extensions.FileProviders.PhysicalFileProvider(staticFilePath),
|
||||
DefaultFileNames = new List<string> { "index.html" }
|
||||
});
|
||||
app.UseStaticFiles(new StaticFileOptions
|
||||
{
|
||||
FileProvider = new Microsoft.Extensions.FileProviders.PhysicalFileProvider(staticFilePath),
|
||||
RequestPath = ""
|
||||
});
|
||||
}
|
||||
else
|
||||
{
|
||||
app.UseDefaultFiles(); // Uses wwwroot by default
|
||||
app.UseStaticFiles();
|
||||
// Angular routing fallback for production
|
||||
app.Use(async (context, next) =>
|
||||
{
|
||||
await next();
|
||||
var path = context.Request.Path.Value ?? string.Empty;
|
||||
if (context.Response.StatusCode == 404 &&
|
||||
!System.IO.Path.HasExtension(path) &&
|
||||
!path.StartsWith("/api"))
|
||||
{
|
||||
context.Request.Path = "/index.html";
|
||||
await next();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
app.UseCors("AllowAll");
|
||||
app.UseAuthentication();
|
||||
app.UseAuthorization();
|
||||
|
||||
Reference in New Issue
Block a user