features/identity-roles #14

Merged
jtom38 merged 11 commits from features/identity-roles into main 2023-07-23 16:24:22 -07:00
Showing only changes of commit 712ce4f4da - Show all commits

View File

@ -10,6 +10,7 @@ using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models; using Microsoft.OpenApi.Models;
using Newsbot.Collector.Api; using Newsbot.Collector.Api;
using Newsbot.Collector.Api.Authentication; using Newsbot.Collector.Api.Authentication;
using Newsbot.Collector.Api.Domain;
using Newsbot.Collector.Api.Services; using Newsbot.Collector.Api.Services;
using Newsbot.Collector.Database; using Newsbot.Collector.Database;
using Newsbot.Collector.Database.Repositories; using Newsbot.Collector.Database.Repositories;
@ -39,10 +40,12 @@ Log.Information("Starting up");
var dbconn = config.GetConnectionString("Database"); var dbconn = config.GetConnectionString("Database");
builder.Services.AddDbContext<DatabaseContext>(o => o.UseNpgsql(dbconn ?? "")); builder.Services.AddDbContext<DatabaseContext>(o => o.UseNpgsql(dbconn ?? ""));
// Configure how Identity will be managed
builder.Services.AddIdentity<IdentityUser, IdentityRole>() builder.Services.AddIdentity<IdentityUser, IdentityRole>()
.AddRoles<IdentityRole>() .AddRoles<IdentityRole>()
.AddEntityFrameworkStores<DatabaseContext>(); .AddEntityFrameworkStores<DatabaseContext>();
// Allow the controllers to access all the table repositories based on the interface
builder.Services.AddScoped<IArticlesRepository, ArticlesTable>(); builder.Services.AddScoped<IArticlesRepository, ArticlesTable>();
builder.Services.AddScoped<IDiscordQueueRepository, DiscordQueueTable>(); builder.Services.AddScoped<IDiscordQueueRepository, DiscordQueueTable>();
builder.Services.AddScoped<IDiscordWebHooksRepository, DiscordWebhooksTable>(); builder.Services.AddScoped<IDiscordWebHooksRepository, DiscordWebhooksTable>();
@ -60,7 +63,7 @@ builder.Services.AddHangfire(f => f.UseMemoryStorage());
builder.Services.AddHangfireServer(); builder.Services.AddHangfireServer();
GlobalConfiguration.Configuration.UseSerilogLogProvider(); GlobalConfiguration.Configuration.UseSerilogLogProvider();
// Add Health Checks // Build Health Checks
builder.Services.AddHealthChecks() builder.Services.AddHealthChecks()
.AddNpgSql(config.GetValue<string>(ConfigConnectionStringConst.Database) ?? ""); .AddNpgSql(config.GetValue<string>(ConfigConnectionStringConst.Database) ?? "");
@ -75,13 +78,13 @@ builder.Services.Configure<ConnectionStrings>(config.GetSection("ConnectionStrin
builder.Services.Configure<ConfigSectionConnectionStrings>(config.GetSection(ConfigSectionsConst.ConnectionStrings)); builder.Services.Configure<ConfigSectionConnectionStrings>(config.GetSection(ConfigSectionsConst.ConnectionStrings));
builder.Services.Configure<ConfigSectionRssModel>(config.GetSection(ConfigSectionsConst.Rss)); builder.Services.Configure<ConfigSectionRssModel>(config.GetSection(ConfigSectionsConst.Rss));
builder.Services.Configure<ConfigSectionYoutubeModel>(config.GetSection(ConfigSectionsConst.Youtube)); builder.Services.Configure<ConfigSectionYoutubeModel>(config.GetSection(ConfigSectionsConst.Youtube));
//builder.Services.Configure<
// Configure JWT for auth // Configure JWT for auth and load it into DI so we can use it in the controllers
var jwtSettings = new JwtSettings(); var jwtSettings = new JwtSettings();
config.Bind(nameof(jwtSettings), jwtSettings); config.Bind(nameof(jwtSettings), jwtSettings);
builder.Services.AddSingleton(jwtSettings); builder.Services.AddSingleton(jwtSettings);
// Configure how the Token Validation will be handled
var tokenValidationParameters = new TokenValidationParameters var tokenValidationParameters = new TokenValidationParameters
{ {
ValidateIssuerSigningKey = true, ValidateIssuerSigningKey = true,
@ -93,6 +96,7 @@ var tokenValidationParameters = new TokenValidationParameters
}; };
builder.Services.AddSingleton(tokenValidationParameters); builder.Services.AddSingleton(tokenValidationParameters);
// Build the Authentication that will be used
builder.Services.AddAuthentication(x => builder.Services.AddAuthentication(x =>
{ {
x.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; x.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
@ -104,9 +108,13 @@ builder.Services.AddAuthentication(x =>
x.TokenValidationParameters = tokenValidationParameters; x.TokenValidationParameters = tokenValidationParameters;
}); });
// Build the Authorization Policy that the users will conform to.
builder.Services.AddAuthorization(options =>
options.AddPolicy(Authorization.AdministratorPolicy, b => b.RequireClaim( Authorization.AdministratorClaim, "true") ));
// Configure swagger authentication
builder.Services.AddSwaggerGen(cfg => builder.Services.AddSwaggerGen(cfg =>
{ {
cfg.AddSecurityDefinition("ApiKey", new OpenApiSecurityScheme cfg.AddSecurityDefinition("ApiKey", new OpenApiSecurityScheme
{ {
Description = "The API key to access the API", Description = "The API key to access the API",
@ -159,7 +167,9 @@ builder.Services.AddSwaggerGen(cfg =>
var app = builder.Build(); var app = builder.Build();
// Configure the HTTP request pipeline. // Configure the HTTP request pipeline.
if (config.GetValue<bool>("EnableSwagger"))
// Enable Swagger if requested based on config
if (config.GetValue<bool>(ConfigConst.EnableSwagger))
{ {
app.UseSwagger(); app.UseSwagger();
app.UseSwaggerUI(); app.UseSwaggerUI();
@ -167,14 +177,17 @@ if (config.GetValue<bool>("EnableSwagger"))
app.UseHttpsRedirection(); app.UseHttpsRedirection();
// Enable Hangfire background jobs
app.UseHangfireDashboard(); app.UseHangfireDashboard();
BackgroundJobs.SetupRecurringJobs(config); BackgroundJobs.SetupRecurringJobs(config);
//app.UseAuthorization(); app.UseAuthorization();
app.UseAuthentication(); app.UseAuthentication();
// Add middleware
//app.UseMiddleware<ApiKeyAuthAuthentication>(); //app.UseMiddleware<ApiKeyAuthAuthentication>();
// Add HealthChecks
app.MapHealthChecks("/health", new HealthCheckOptions app.MapHealthChecks("/health", new HealthCheckOptions
{ {
Predicate = _ => true, Predicate = _ => true,
@ -182,6 +195,34 @@ app.MapHealthChecks("/health", new HealthCheckOptions
}); });
app.MapControllers(); app.MapControllers();
// Run Database Migrations if requested
using var serviceScope = app.Services.CreateScope();
if (config.GetValue<bool>(ConfigConst.RunDatabaseMigrationsOnStartup))
{
var dbContext = serviceScope.ServiceProvider.GetRequiredService<DatabaseContext>();
dbContext.Database.Migrate();
}
else
{
Log.Warning("Database Migrations have been skipped. Make sure you run them on your own");
}
// Inject the roles
var roleManager = serviceScope.ServiceProvider.GetRequiredService<RoleManager<IdentityRole>>();
if (!await roleManager.RoleExistsAsync("Administrators"))
{
var adminRole = new IdentityRole("Administrators");
await roleManager.CreateAsync(adminRole);
}
if (!await roleManager.RoleExistsAsync("Users"))
{
var userRole = new IdentityRole("Users");
await roleManager.CreateAsync(userRole);
}
// Start the application
app.Run(); app.Run();