AppStd/WorkFlow
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
WorkFlow/WorkFlow.API/Program.cs
Developer 02 41151593fd feat: JWT-Service mit Unterstützung für UserReadDto-Ansprüche hinzufügen 
- ToClaimDictionary-Erweiterungsmethode hinzugefügt, um die Ansprüche von UserReadDto in ein Wörterbuch zu konvertieren.
- JWT-Service konfiguriert, um Tokens mit Ansprüchen aus UserReadDto zu generieren.
- JWT-Service in die Authentifizierungskonfiguration integriert.
2024-10-25 14:51:50 +02:00

65 lines
2.4 KiB
C#
Raw Blame History

using WorkFlow.Application;
using DigitalData.UserManager.Application;
using Microsoft.EntityFrameworkCore;
using WorkFlow.Infrastructure;
using Microsoft.AspNetCore.Authentication.Cookies;
using DigitalData.Core.API;
using DigitalData.Core.Application;
using DigitalData.UserManager.Application.DTOs.User;
using Microsoft.IdentityModel.Tokens;
using WorkFlow.API.Models;
using System.Security.Claims;
var builder = WebApplication.CreateBuilder(args);
var config = builder.Configuration;
// Add services to the container.
var cnn_str = config.GetConnectionString("Default") ?? throw new ("Default connection string not found.");
builder.Services.AddDbContext<WFDBContext>(options => options.UseSqlServer(cnn_str).EnableDetailedErrors());
builder.Services.AddWorkFlow().AddUserManager<WFDBContext>();
builder.Services.AddCookieBasedLocalizer();
builder.ConfigureBySection<DirectorySearchOptions>();
builder.Services.AddDirectorySearchService();
builder.Services.AddJWTService<UserReadDto>(user => new SecurityTokenDescriptor()
{
Claims = user.ToClaimList().ToDictionary(claim => claim.Type, claim => claim.Value as object)
});
builder.Services.AddControllers();
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.Cookie.HttpOnly = true; // Makes the cookie inaccessible to client-side scripts for security
options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest; // Ensures cookies are sent over HTTPS only
options.Cookie.SameSite = SameSiteMode.Strict; // Protects against CSRF attacks by restricting how cookies are sent with requests from external sites
options.LoginPath = "/api/auth/login";
options.LogoutPath = "/api/auth/logout";
options.ExpireTimeSpan = TimeSpan.FromMinutes(60); // timeout.
options.SlidingExpiration = true; //refreshes the expiration time on each request.
options.Cookie.Name = "AuthSession";
});
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
var app = builder.Build();
// Configure the HTTP request pipeline.
if (app.IsDevOrDiP() && app.Configuration.GetValue<bool>("EnableSwagger"))
{
app.UseSwagger();
app.UseSwaggerUI();
}
app.UseHttpsRedirection();
app.UseAuthentication();
app.UseAuthorization();
app.UseCookieBasedLocalizer("de-DE");
app.MapControllers();
app.Run();
Reference in New Issue View Git Blame Copy Permalink