Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
AngularASPNETCore2WebApiAuth/src/Startup.cs
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
151 lines (126 sloc)
5.46 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Net; | |
| using System.Text; | |
| using AngularASPNETCore2WebApiAuth.Auth; | |
| using AngularASPNETCore2WebApiAuth.Data; | |
| using AngularASPNETCore2WebApiAuth.Extensions; | |
| using AngularASPNETCore2WebApiAuth.Helpers; | |
| using AngularASPNETCore2WebApiAuth.Models; | |
| using AngularASPNETCore2WebApiAuth.Models.Entities; | |
| using Microsoft.AspNetCore.Builder; | |
| using Microsoft.AspNetCore.Hosting; | |
| using Microsoft.EntityFrameworkCore; | |
| using Microsoft.Extensions.Configuration; | |
| using Microsoft.Extensions.DependencyInjection; | |
| using AutoMapper; | |
| using FluentValidation.AspNetCore; | |
| using Microsoft.AspNetCore.Authentication.JwtBearer; | |
| using Microsoft.AspNetCore.Diagnostics; | |
| using Microsoft.AspNetCore.Http; | |
| using Microsoft.AspNetCore.Identity; | |
| using Microsoft.Extensions.DependencyInjection.Extensions; | |
| using Microsoft.IdentityModel.Tokens; | |
| namespace AngularASPNETCore2WebApiAuth | |
| { | |
| public class Startup | |
| { | |
| private const string SecretKey = "iNivDmHLpUA223sqsfhqGbMRdRj1PVkH"; // todo: get this from somewhere secure | |
| private readonly SymmetricSecurityKey _signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(SecretKey)); | |
| public Startup(IConfiguration configuration) | |
| { | |
| Configuration = configuration; | |
| } | |
| public IConfiguration Configuration { get; } | |
| // This method gets called by the runtime. Use this method to add services to the container. | |
| public void ConfigureServices(IServiceCollection services) | |
| { | |
| // Add framework services. | |
| services.AddDbContext<ApplicationDbContext>(options => | |
| options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection"), | |
| b => b.MigrationsAssembly("AngularASPNETCore2WebApiAuth"))); | |
| services.AddSingleton<IJwtFactory, JwtFactory>(); | |
| // Register the ConfigurationBuilder instance of FacebookAuthSettings | |
| services.Configure<FacebookAuthSettings>(Configuration.GetSection(nameof(FacebookAuthSettings))); | |
| services.TryAddTransient<IHttpContextAccessor, HttpContextAccessor>(); | |
| // jwt wire up | |
| // Get options from app settings | |
| var jwtAppSettingOptions = Configuration.GetSection(nameof(JwtIssuerOptions)); | |
| // Configure JwtIssuerOptions | |
| services.Configure<JwtIssuerOptions>(options => | |
| { | |
| options.Issuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)]; | |
| options.Audience = jwtAppSettingOptions[nameof(JwtIssuerOptions.Audience)]; | |
| options.SigningCredentials = new SigningCredentials(_signingKey, SecurityAlgorithms.HmacSha256); | |
| }); | |
| var tokenValidationParameters = new TokenValidationParameters | |
| { | |
| ValidateIssuer = true, | |
| ValidIssuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)], | |
| ValidateAudience = true, | |
| ValidAudience = jwtAppSettingOptions[nameof(JwtIssuerOptions.Audience)], | |
| ValidateIssuerSigningKey = true, | |
| IssuerSigningKey = _signingKey, | |
| RequireExpirationTime = false, | |
| ValidateLifetime = true, | |
| ClockSkew = TimeSpan.Zero | |
| }; | |
| services.AddAuthentication(options => | |
| { | |
| options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; | |
| options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; | |
| }).AddJwtBearer(configureOptions => | |
| { | |
| configureOptions.ClaimsIssuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)]; | |
| configureOptions.TokenValidationParameters = tokenValidationParameters; | |
| configureOptions.SaveToken = true; | |
| }); | |
| // api user claim policy | |
| services.AddAuthorization(options => | |
| { | |
| options.AddPolicy("ApiUser", policy => policy.RequireClaim(Constants.Strings.JwtClaimIdentifiers.Rol, Constants.Strings.JwtClaims.ApiAccess)); | |
| }); | |
| // add identity | |
| var builder = services.AddIdentityCore<AppUser>(o => | |
| { | |
| // configure identity options | |
| o.Password.RequireDigit = false; | |
| o.Password.RequireLowercase = false; | |
| o.Password.RequireUppercase = false; | |
| o.Password.RequireNonAlphanumeric = false; | |
| o.Password.RequiredLength = 6; | |
| }); | |
| builder = new IdentityBuilder(builder.UserType, typeof(IdentityRole), builder.Services); | |
| builder.AddEntityFrameworkStores<ApplicationDbContext>().AddDefaultTokenProviders(); | |
| services.AddAutoMapper(); | |
| services.AddMvc().AddFluentValidation(fv => fv.RegisterValidatorsFromAssemblyContaining<Startup>()); | |
| } | |
| // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. | |
| public void Configure(IApplicationBuilder app, IHostingEnvironment env) | |
| { | |
| if (env.IsDevelopment()) | |
| { | |
| app.UseDeveloperExceptionPage(); | |
| } | |
| app.UseExceptionHandler( | |
| builder => | |
| { | |
| builder.Run( | |
| async context => | |
| { | |
| context.Response.StatusCode = (int)HttpStatusCode.InternalServerError; | |
| context.Response.Headers.Add("Access-Control-Allow-Origin", "*"); | |
| var error = context.Features.Get<IExceptionHandlerFeature>(); | |
| if (error != null) | |
| { | |
| context.Response.AddApplicationError(error.Error.Message); | |
| await context.Response.WriteAsync(error.Error.Message).ConfigureAwait(false); | |
| } | |
| }); | |
| }); | |
| app.UseAuthentication(); | |
| app.UseDefaultFiles(); | |
| app.UseStaticFiles(); | |
| app.UseMvc(); | |
| } | |
| } | |
| } |