Merge pull request 'features/identity-roles' (#14) from features/identity-roles into main

Reviewed-on: #14

Newsbot.Collector.Api/Controllers/CodeProjectController.cs

@@ -3,6 +3,7 @@ using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Options;
+using Newsbot.Collector.Api.Domain;
 using Newsbot.Collector.Domain.Models.Config;
 using Newsbot.Collector.Services.Jobs;
 
@@ -24,6 +25,7 @@ public class CodeProjectController
     }
 
     [HttpPost("check")]
+    [Authorize(Roles = Authorization.AdministratorsRole)]
     public void PullNow()
     {
         BackgroundJob.Enqueue<CodeProjectWatcherJob>(x => x.InitAndExecute(new CodeProjectWatcherJobOptions

Newsbot.Collector.Api/Controllers/RssController.cs

@@ -3,6 +3,7 @@ using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Options;
+using Newsbot.Collector.Api.Domain;
 using Newsbot.Collector.Domain.Models.Config;
 using Newsbot.Collector.Domain.Models.Config.Sources;
 using Newsbot.Collector.Services.Jobs;
@@ -27,6 +28,7 @@ public class RssController
     }
 
     [HttpPost("check")]
+    [Authorize(Roles = Authorization.AdministratorsRole)]
     public void CheckReddit()
     {
         BackgroundJob.Enqueue<RssWatcherJob>(x => x.InitAndExecute(new RssWatcherJobOptions

Newsbot.Collector.Api/Controllers/SourcesController.cs

@@ -2,6 +2,7 @@ using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Options;
+using Newsbot.Collector.Api.Domain;
 using Newsbot.Collector.Database.Repositories;
 using Newsbot.Collector.Domain.Consts;
 using Newsbot.Collector.Domain.Dto;
@@ -199,12 +200,14 @@ public class SourcesController : ControllerBase
         return SourceDto.Convert(item);
     }
 
+    [Authorize(Roles = Authorization.AdministratorsRole)]
     [HttpPost("{id}/disable")]
     public void Disable(Guid id)
     {
         _sources.Disable(id);
     }
 
+    [Authorize(Roles = Authorization.AdministratorsRole)]
     [HttpPost("{id}/enable")]
     public void Enable(Guid id)
     {
@@ -212,6 +215,7 @@ public class SourcesController : ControllerBase
     }
 
     [HttpDelete("{id}")]
+    [Authorize(Roles = Authorization.AdministratorsRole)]
     public void Delete(Guid id, bool purgeOrphanedRecords)
     {
         _sources.Delete(id);

Newsbot.Collector.Api/Controllers/YoutubeController.cs

@@ -3,6 +3,7 @@ using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Options;
+using Newsbot.Collector.Api.Domain;
 using Newsbot.Collector.Domain.Models.Config;
 using Newsbot.Collector.Domain.Models.Config.Sources;
 using Newsbot.Collector.Services.Jobs;
@@ -27,6 +28,7 @@ public class YoutubeController
     }
     
     [HttpPost("check")]
+    [Authorize(Policy = Authorization.AdministratorsRole)]
     public void CheckYoutube()
     {
         BackgroundJob.Enqueue<YoutubeWatcherJob>(x => x.InitAndExecute(new YoutubeWatcherJobOptions

Newsbot.Collector.Api/Controllers/v1/IdentityController.cs

@@ -1,21 +1,20 @@
-using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
+using Newsbot.Collector.Api.Domain;
 using Newsbot.Collector.Api.Domain.Requests;
 using Newsbot.Collector.Api.Domain.Response;
 using Newsbot.Collector.Api.Domain.Results;
 using Newsbot.Collector.Api.Services;
-using Newsbot.Collector.Domain.Dto;
-using Newsbot.Collector.Domain.Entities;
 
-namespace Newsbot.Collector.Api.Controllers;
+namespace Newsbot.Collector.Api.Controllers.v1;
 
 [ApiController]
-[Route("/api/account")]
-public class AccountController : ControllerBase
+[Route("/api/v1/account")]
+public class IdentityController : ControllerBase
 {
     private IIdentityService _identityService;
 
-    public AccountController(IIdentityService identityService)
+    public IdentityController(IIdentityService identityService)
     {
         _identityService = identityService;
     }
@@ -71,6 +70,21 @@ public class AccountController : ControllerBase
         return CheckIfSuccessful(response);
     }
 
+    [HttpPost("addRole")]
+    [Authorize(Roles = Authorization.AdministratorsRole)]
+    public ActionResult AddRole([FromBody] AddRoleRequest request)
+    {
+        try
+        {
+            _identityService.AddRole(request.RoleName ?? "", request.UserId ?? "");
+            return new OkResult();
+        }
+        catch (Exception ex)
+        {
+            return new BadRequestResult();
+        }
+    }
+
     private ActionResult CheckIfSuccessful(AuthenticationResult result)
     {
         if (!result.IsSuccessful)

Newsbot.Collector.Api/Controllers/v1/UserController.cs

@@ -1,16 +1,19 @@
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Newsbot.Collector.Api.Authentication;
 using Newsbot.Collector.Domain.Entities;
 using Newsbot.Collector.Domain.Interfaces;
 
-namespace Newsbot.Collector.Api.Controllers;
+namespace Newsbot.Collector.Api.Controllers.v1;
 
+[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
 [ApiController]
 [Route("api/v1/user")]
 public class UserController : Controller
 {
-    private ILogger<UserController> _logger;
-    private IUserSourceSubscription _subscription;
+    private readonly ILogger<UserController> _logger;
+    private readonly IUserSourceSubscription _subscription;
 
     public UserController(ILogger<UserController> logger, IUserSourceSubscription subscription)
     {

Newsbot.Collector.Api/Domain/Authorization.cs

@@ -0,0 +1,12 @@
+namespace Newsbot.Collector.Api.Domain;
+
+public static class Authorization
+{
+    public const string AdministratorPolicy = "Administrator";
+    public const string AdministratorClaim = "administrator";
+
+    public const string AdministratorsRole = AdministratorPolicy;
+
+    public const string UserPolicy = "User";
+    public const string UsersRole = UserPolicy;
+}

Newsbot.Collector.Api/Domain/Requests/NewRoleRequest.cs

@@ -0,0 +1,7 @@
+namespace Newsbot.Collector.Api.Domain.Requests;
+
+public class AddRoleRequest
+{
+    public string? RoleName { get; set; }
+    public string? UserId { get; set; }
+}

Newsbot.Collector.Api/Filters/ApiKeyAuthAttribute.cs

@@ -0,0 +1,32 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+using Newsbot.Collector.Domain.Consts;
+
+namespace Newsbot.Collector.Api.Filters;
+
+[AttributeUsage(AttributeTargets.Class| AttributeTargets.Method)]
+public class ApiKeyAuthAttribute : Attribute, IAsyncActionFilter
+{
+    private const string ApiKeyHeaderName = "X-API-KEY";
+    
+    public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
+    {
+        if (!context.HttpContext.Request.Headers.TryGetValue(ApiKeyHeaderName, out var foundKey))
+        {
+            context.Result = new BadRequestResult();
+            return;
+        }
+
+        var config = context.HttpContext.RequestServices.GetRequiredService<IConfiguration>();
+        var apiKeys = config.GetValue<string[]>(ConfigConst.ApiKeys);
+
+        foreach (var key in apiKeys ?? Array.Empty<string?>())
+        {
+            if (key != foundKey) continue;
+            await next();
+            return;
+        }
+
+        context.Result = new BadRequestResult();
+    }
+}

Newsbot.Collector.Api/Program.cs

@@ -1,26 +1,13 @@
-using System.Text;
 using Hangfire;
 using Hangfire.MemoryStorage;
 using HealthChecks.UI.Client;
-using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Diagnostics.HealthChecks;
-using Microsoft.AspNetCore.Identity;
-using Microsoft.EntityFrameworkCore;
-using Microsoft.IdentityModel.Tokens;
-using Microsoft.OpenApi.Models;
-using Newsbot.Collector.Api;
-using Newsbot.Collector.Api.Authentication;
-using Newsbot.Collector.Api.Services;
-using Newsbot.Collector.Database;
-using Newsbot.Collector.Database.Repositories;
+using Newsbot.Collector.Api.Startup;
 using Newsbot.Collector.Domain.Consts;
-using Newsbot.Collector.Domain.Entities;
-using Newsbot.Collector.Domain.Interfaces;
 using Newsbot.Collector.Domain.Models;
 using Newsbot.Collector.Domain.Models.Config;
 using Newsbot.Collector.Domain.Models.Config.Sources;
 using Serilog;
-using Serilog.Events;
 using ILogger = Serilog.ILogger;
 
 var builder = WebApplication.CreateBuilder(args);
@@ -36,130 +23,38 @@ Log.Logger = GetLogger(config);
 Log.Information("Starting up");
 
 // configure Entity Framework
-var dbconn = config.GetConnectionString("Database");
-builder.Services.AddDbContext<DatabaseContext>(o => o.UseNpgsql(dbconn ?? ""));
-
-builder.Services.AddIdentity<IdentityUser, IdentityRole>()
-    .AddRoles<IdentityRole>()
-    .AddEntityFrameworkStores<DatabaseContext>();
-
-builder.Services.AddScoped<IArticlesRepository, ArticlesTable>();
-builder.Services.AddScoped<IDiscordQueueRepository, DiscordQueueTable>();
-builder.Services.AddScoped<IDiscordWebHooksRepository, DiscordWebhooksTable>();
-builder.Services.AddScoped<IIconsRepository, IconsTable>();
-builder.Services.AddScoped<ISourcesRepository, SourcesTable>();
-builder.Services.AddScoped<IDiscordNotificationRepository, DiscordNotificationTable>();
-builder.Services.AddScoped<IUserSourceSubscription, UserSourceSubscriptionTable>();
-builder.Services.AddScoped<IRefreshTokenRepository, RefreshTokenTable>();
-
-// Configure Identity
-builder.Services.AddScoped<IIdentityService, IdentityService>();
+// Allow the controllers to access all the table repositories based on the interface
+DatabaseStartup.BuildDatabase(builder.Services, config);
+DatabaseStartup.InjectTableClasses(builder.Services);
+DatabaseStartup.InjectIdentityService(builder.Services);
 
 // Configure Hangfire
 builder.Services.AddHangfire(f => f.UseMemoryStorage());
 builder.Services.AddHangfireServer();
 GlobalConfiguration.Configuration.UseSerilogLogProvider();
 
-// Add Health Checks
+// Build Health Checks
 builder.Services.AddHealthChecks()
     .AddNpgSql(config.GetValue<string>(ConfigConnectionStringConst.Database) ?? "");
 
 
 builder.Services.AddControllers();
 
-// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
-builder.Services.AddEndpointsApiExplorer();
-builder.Services.AddSwaggerGen();
+SwaggerStartup.ConfigureSwagger(builder.Services);
 
 builder.Services.Configure<ConnectionStrings>(config.GetSection("ConnectionStrings"));
 builder.Services.Configure<ConfigSectionConnectionStrings>(config.GetSection(ConfigSectionsConst.ConnectionStrings));
 builder.Services.Configure<ConfigSectionRssModel>(config.GetSection(ConfigSectionsConst.Rss));
 builder.Services.Configure<ConfigSectionYoutubeModel>(config.GetSection(ConfigSectionsConst.Youtube));
-//builder.Services.Configure<
-
-// Configure JWT for auth
-var jwtSettings = new JwtSettings();
-config.Bind(nameof(jwtSettings), jwtSettings);
-builder.Services.AddSingleton(jwtSettings);
-
-var tokenValidationParameters = new TokenValidationParameters
-{
-    ValidateIssuerSigningKey = true,
-    IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(jwtSettings.Secret ?? "")),
-    ValidateIssuer = false,
-    ValidateAudience = false,
-    RequireExpirationTime = false,
-    ValidateLifetime = true
-};
-builder.Services.AddSingleton(tokenValidationParameters);    
-
-builder.Services.AddAuthentication(x =>
-{
-    x.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
-    x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
-    x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
-}).AddJwtBearer(x =>
-{
-    x.SaveToken = true;
-    x.TokenValidationParameters = tokenValidationParameters;
-});
-
-builder.Services.AddSwaggerGen(cfg =>
-{
-    
-    cfg.AddSecurityDefinition("ApiKey", new OpenApiSecurityScheme
-    {
-        Description = "The API key to access the API",
-        Type = SecuritySchemeType.ApiKey,
-        Name = "x-api-key",
-        In = ParameterLocation.Header,
-        Scheme = "ApiKeyScheme"
-    });
-
-    cfg.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
-    {
-        Description = "JWT Authorization Header using the bearer scheme",
-        Name = "Authorization",
-        In = ParameterLocation.Header,
-        Type = SecuritySchemeType.ApiKey
-    });
-    
-    cfg.AddSecurityRequirement(new OpenApiSecurityRequirement
-    {
-        //{
-        //    new OpenApiSecurityScheme
-        //    {
-        //        Reference = new OpenApiReference
-        //        {
-        //            Type = ReferenceType.SecurityScheme,
-        //            Id = "ApiKey"
-        //        },
-        //        In = ParameterLocation.Header
-        //    },
-        //    new List<string>()
-        //},
-        { 
-            new OpenApiSecurityScheme
-            {
-                Reference = new OpenApiReference
-                {
-                    Type = ReferenceType.SecurityScheme,
-                    Id = "Bearer"
-                },
-                Scheme = "oauth2",
-                Name = "Bearer",
-                In = ParameterLocation.Header
-            }, 
-            new List<string>()
-        }
-    });
-});
 
+IdentityStartup.DefineJwtRequirements(builder.Services, config);
 
 var app = builder.Build();
 
 // Configure the HTTP request pipeline.
-if (config.GetValue<bool>("EnableSwagger"))
+
+// Enable Swagger if requested based on config
+if (config.GetValue<bool>(ConfigConst.EnableSwagger))
 {
     app.UseSwagger();
     app.UseSwaggerUI();
@@ -167,14 +62,17 @@ if (config.GetValue<bool>("EnableSwagger"))
 
 app.UseHttpsRedirection();
 
+// Enable Hangfire background jobs
 app.UseHangfireDashboard();
 BackgroundJobs.SetupRecurringJobs(config);
 
-//app.UseAuthorization();
+app.UseAuthorization();
 app.UseAuthentication();
 
+// Add middleware
 //app.UseMiddleware<ApiKeyAuthAuthentication>();
 
+// Add HealthChecks
 app.MapHealthChecks("/health", new HealthCheckOptions
 {
     Predicate = _ => true,
@@ -182,6 +80,21 @@ app.MapHealthChecks("/health", new HealthCheckOptions
 });
 app.MapControllers();
 
+// Run Database Migrations if requested
+using var serviceScope = app.Services.CreateScope();
+if (config.GetValue<bool>(ConfigConst.RunDatabaseMigrationsOnStartup))
+{
+    await DatabaseStartup.RunDatabaseMigrationsAsync(serviceScope);
+}
+else
+{
+    Log.Warning("Database Migrations have been skipped.  Make sure you run them on your own");
+}
+
+// Inject the roles
+await DatabaseStartup.InjectIdentityRolesAsync(serviceScope);
+
+// Start the application
 app.Run();
 
 
@@ -215,4 +128,4 @@ static ILogger GetLogger(IConfiguration configuration)
                 { "service.name", "newsbot-collector-api" }
             })
         .CreateLogger();
-}
+}

Newsbot.Collector.Api/Services/IdentityService.cs

@@ -16,6 +16,7 @@ public interface IIdentityService
     AuthenticationResult Register(string email, string password);
     AuthenticationResult Login(string email, string password);
     AuthenticationResult RefreshToken(string token, string refreshToken);
+    void AddRole(string roleName, string userId);
 }
 
 public class IdentityService : IIdentityService
@@ -178,6 +179,19 @@ public class IdentityService : IIdentityService
         return GenerateJwtToken(user.Result);
     }
 
+    public void AddRole(string roleName, string userId)
+    {
+        var user = _userManager.FindByIdAsync(userId);
+        user.Wait();
+
+        if (user.Result is null)
+        {
+            throw new Exception("User was not found");
+        }
+
+        _userManager.AddToRoleAsync(user.Result, roleName);
+    }
+    
     private ClaimsPrincipal? CheckTokenSigner(string token)
     {
         var tokenHandler = new JwtSecurityTokenHandler();

Newsbot.Collector.Api/Startup/BackgroundJobs.cs

@@ -3,7 +3,7 @@ using Newsbot.Collector.Domain.Consts;
 using Newsbot.Collector.Domain.Models.Config;
 using Newsbot.Collector.Services.Jobs;
 
-namespace Newsbot.Collector.Api;
+namespace Newsbot.Collector.Api.Startup;
 
 public static class BackgroundJobs
 {

Newsbot.Collector.Api/Startup/DatabaseStartup.cs

@@ -0,0 +1,61 @@
+using Microsoft.AspNetCore.Identity;
+using Microsoft.EntityFrameworkCore;
+using Newsbot.Collector.Api.Domain;
+using Newsbot.Collector.Api.Services;
+using Newsbot.Collector.Database;
+using Newsbot.Collector.Database.Repositories;
+using Newsbot.Collector.Domain.Interfaces;
+
+namespace Newsbot.Collector.Api.Startup;
+
+public class DatabaseStartup
+{
+    public static void BuildDatabase(IServiceCollection services, IConfiguration config)
+    {
+        var dbconn = config.GetConnectionString("Database");
+        services.AddDbContext<DatabaseContext>(o => o.UseNpgsql(dbconn ?? ""));
+        
+        // Add identity to our ef connection
+        services.AddIdentity<IdentityUser, IdentityRole>()
+            .AddRoles<IdentityRole>()
+            .AddEntityFrameworkStores<DatabaseContext>();
+    }
+
+    public static void InjectTableClasses(IServiceCollection services)
+    {
+        services.AddScoped<IArticlesRepository, ArticlesTable>();
+        services.AddScoped<IDiscordQueueRepository, DiscordQueueTable>();
+        services.AddScoped<IDiscordWebHooksRepository, DiscordWebhooksTable>();
+        services.AddScoped<IIconsRepository, IconsTable>();
+        services.AddScoped<ISourcesRepository, SourcesTable>();
+        services.AddScoped<IDiscordNotificationRepository, DiscordNotificationTable>();
+        services.AddScoped<IUserSourceSubscription, UserSourceSubscriptionTable>();
+        services.AddScoped<IRefreshTokenRepository, RefreshTokenTable>();
+    }
+
+    public static void InjectIdentityService(IServiceCollection services)
+    {
+        // Configure Identity
+        services.AddScoped<IIdentityService, IdentityService>();
+    }
+
+    public static async Task RunDatabaseMigrationsAsync(IServiceScope serviceScope)
+    {
+        var dbContext = serviceScope.ServiceProvider.GetRequiredService<DatabaseContext>();
+        await dbContext.Database.MigrateAsync();
+    }
+
+    public static async Task InjectIdentityRolesAsync(IServiceScope serviceScope)
+    {
+        var roleManager = serviceScope.ServiceProvider.GetRequiredService<RoleManager<IdentityRole>>();
+        if (!await roleManager.RoleExistsAsync(Authorization.AdministratorsRole))
+        {
+            await roleManager.CreateAsync(new IdentityRole(Authorization.AdministratorsRole));
+        }
+
+        if (!await roleManager.RoleExistsAsync(Authorization.UsersRole))
+        {
+            await roleManager.CreateAsync(new IdentityRole(Authorization.UsersRole));
+        }
+    }
+}

Newsbot.Collector.Api/Startup/IdentityStartup.cs

@@ -0,0 +1,50 @@
+using System.Text;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.IdentityModel.Tokens;
+using Newsbot.Collector.Api.Domain;
+using Newsbot.Collector.Domain.Models.Config;
+
+namespace Newsbot.Collector.Api.Startup;
+
+public static class IdentityStartup
+{
+    public static void DefineJwtRequirements(IServiceCollection services, IConfiguration config)
+    {
+        // Configure JWT for auth and load it into DI so we can use it in the controllers
+
+        var jwtSettings = new JwtSettings();
+        config.Bind(nameof(jwtSettings), jwtSettings);
+        services.AddSingleton(jwtSettings);
+        
+        // Configure how the Token Validation will be handled
+        var tokenValidationParameters = new TokenValidationParameters
+        {
+            ValidateIssuerSigningKey = true,
+            IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(jwtSettings.Secret ?? "")),
+            ValidateIssuer = false,
+            ValidateAudience = false,
+            RequireExpirationTime = false,
+            ValidateLifetime = true
+        };
+        services.AddSingleton(tokenValidationParameters);
+        
+        // Build the Authentication that will be used
+        services.AddAuthentication(x =>
+        {
+            x.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
+            x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+            x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+        }).AddJwtBearer(x =>
+        {
+            x.SaveToken = true;
+            x.TokenValidationParameters = tokenValidationParameters;
+        });
+        
+        // Build the Authorization Policy that the users will conform to.
+        services.AddAuthorization(options =>
+        {
+            options.AddPolicy(Authorization.AdministratorPolicy,
+                b => b.RequireClaim(Authorization.AdministratorClaim, "true"));
+        });
+    }
+}

Newsbot.Collector.Api/Startup/SwaggerStartup.cs

@@ -0,0 +1,67 @@
+using Microsoft.OpenApi.Models;
+
+namespace Newsbot.Collector.Api.Startup;
+
+public static class SwaggerStartup
+{
+    public static void ConfigureSwagger(IServiceCollection services)
+    {
+        // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
+        services.AddEndpointsApiExplorer();
+        services.AddSwaggerGen();
+
+        services.AddEndpointsApiExplorer();
+        services.AddSwaggerGen();
+
+        // Configure swagger authentication 
+        services.AddSwaggerGen(cfg =>
+        {
+            cfg.AddSecurityDefinition("ApiKey", new OpenApiSecurityScheme
+            {
+                Description = "The API key to access the API",
+                Type = SecuritySchemeType.ApiKey,
+                Name = "x-api-key",
+                In = ParameterLocation.Header,
+                Scheme = "ApiKeyScheme"
+            });
+
+            cfg.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
+            {
+                Description = "JWT Authorization Header using the bearer scheme",
+                Name = "Authorization",
+                In = ParameterLocation.Header,
+                Type = SecuritySchemeType.ApiKey
+            });
+
+            cfg.AddSecurityRequirement(new OpenApiSecurityRequirement
+            {
+                //{
+                //    new OpenApiSecurityScheme
+                //    {
+                //        Reference = new OpenApiReference
+                //        {
+                //            Type = ReferenceType.SecurityScheme,
+                //            Id = "ApiKey"
+                //        },
+                //        In = ParameterLocation.Header
+                //    },
+                //    new List<string>()
+                //},
+                {
+                    new OpenApiSecurityScheme
+                    {
+                        Reference = new OpenApiReference
+                        {
+                            Type = ReferenceType.SecurityScheme,
+                            Id = "Bearer"
+                        },
+                        Scheme = "oauth2",
+                        Name = "Bearer",
+                        In = ParameterLocation.Header
+                    },
+                    new List<string>()
+                }
+            });
+        });
+    }
+}

Newsbot.Collector.Domain/Consts/ConfigConst.cs

@@ -2,6 +2,9 @@ namespace Newsbot.Collector.Domain.Consts;
 
 public class ConfigConst
 {
+    public const string RunDatabaseMigrationsOnStartup = "RunDatabaseMigrationsOnStartup";
+    public const string ApiKeys = "ApiKeys";
+    
     public const string LoggingDefault = "Logging:LogLevel:Default";
 
     public const string SectionConnectionStrings = "ConnectionStrings";

docker-compose.example.yaml

@@ -28,12 +28,14 @@ services:
   api:
     image: newsbot.collector:latest
     environment:
-      # Used for database migrations
-      GOOSE_DRIVER: "postgres"
-      GOOSE_DBSTRING: "host=localhost user=${PostgresUser} password=${PostgresPassword} dbname=${PostgresDatabaseName} sslmode=disable"
-
-      SERVER_ADDRESS: "localhost"
-
+      # This will run the migrations for you on API Startup.
+      "RunDatabaseMigrationsOnStartup": true
+      
+      # If this is false then /swagger/index.html will not be active on the API
+      EnableSwagger: true
+      
+      JwtSettings__Secret: "ThisNeedsToBeSecretAnd32CharactersLong"
+      
       Logging__LogLevel__Default: "Information"
       Logging__LogLevel__Microsoft.AspNetCore: "Warning"
       Logging__LogLevel__Hangfire: "Information"
@@ -56,6 +58,8 @@ services:
 
       # If you want to collect news on Final Fantasy XIV, set this to true
       FFXIV__IsEnabled: false
+      
+      CodeProjects__IsEnabled: true
     healthcheck:
       test: ["CMD", "curl", "-f", "http://localhost:5000/health"]
       interval: "1m"

global.json

@@ -0,0 +1,5 @@
+{
+  "sdk": {
+    "version": "7.0.100"
+  }
+}