using DevExpress.ExpressApp.Security;
using DevExpress.Persistent.Base;
using DevExpress.ExpressApp.Xpo;
using DevExpress.Persistent.BaseImpl.PermissionPolicy;
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using DurnyklyYol.WebApi.JWT;
using DevExpress.ExpressApp.Security.Authentication.ClientServer;
using DevExpress.ExpressApp;
using DevExpress.ExpressApp.ApplicationBuilder;
namespace DurnyklyYol.WebApi;
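/// <summary>
/// ASP.NET Core startup class for the DurnyklyYol Web API host. It registers the XAF
/// middle-tier services (data server, modules, integrated-mode security with password
/// authentication), JWT bearer authentication and the default authorization policy, and
/// then builds the HTTP request pipeline.
/// </summary>
public class Startup {
    /// <summary>Stores the host configuration for use while registering services.</summary>
    /// <param name="configuration">Application configuration supplied by the host.</param>
    public Startup(IConfiguration configuration) {
        Configuration = configuration;
    }

    /// <summary>Application configuration (connection string, JWT settings).</summary>
    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
    /// <summary>
    /// Registers the token provider, the XAF middle tier, JWT bearer authentication and
    /// the default authorization policy.
    /// </summary>
    /// <param name="services">Service collection to populate.</param>
    /// <exception cref="InvalidOperationException">
    /// Thrown when the JWT bearer options are built and
    /// <c>Authentication:Jwt:IssuerSigningKey</c> is missing or blank.
    /// </exception>
    public void ConfigureServices(IServiceCollection services) {
        services.AddScoped<IAuthenticationTokenProvider, JwtTokenProviderService>();

        services.AddXafMiddleTier(Configuration, builder => {
            builder.ConfigureDataServer(options => {
                options.UseConnectionString(Configuration.GetConnectionString("ConnectionString"));
                options.UseDataStorePool(true);
            });

            builder.Modules
                .AddReports(options => {
                    options.ReportDataType = typeof(DevExpress.Persistent.BaseImpl.ReportDataV2);
                })
                .Add<DurnyklyYol.Module.DurnyklyYolModule>();

            builder.Security
                .UseIntegratedMode(options => {
                    // Turns on the security system's user lockout option.
                    options.Lockout.Enabled = true;

                    options.RoleType = typeof(PermissionPolicyRole);
                    // ApplicationUser descends from PermissionPolicyUser and supports the OAuth authentication. For more information, refer to the following topic: https://docs.devexpress.com/eXpressAppFramework/402197
                    // If your application uses PermissionPolicyUser or a custom user type, set the UserType property as follows:
                    options.UserType = typeof(DurnyklyYol.Module.BusinessObjects.ApplicationUser);
                    // ApplicationUserLoginInfo is only necessary for applications that use the ApplicationUser user type.
                    // If you use PermissionPolicyUser or a custom user type, comment out the following line:
                    options.UserLoginInfoType = typeof(DurnyklyYol.Module.BusinessObjects.ApplicationUserLoginInfo);
                    options.UseXpoPermissionsCaching();
                    options.Events.OnSecurityStrategyCreated += securityStrategy => {
                        // The two lines below would add the model-difference types to
                        // AnonymousAllowedTypes. They are left disabled, so those types are
                        // not opened up to anonymous access here.
                        //((SecurityStrategy)securityStrategy).AnonymousAllowedTypes.Add(typeof(DevExpress.Persistent.BaseImpl.ModelDifference));
                        //((SecurityStrategy)securityStrategy).AnonymousAllowedTypes.Add(typeof(DevExpress.Persistent.BaseImpl.ModelDifferenceAspect));
                        // NOTE(review): with CacheOnFirstAccess, role or permission changes
                        // presumably stay invisible to a strategy that has already loaded
                        // them. Confirm that this matches the revocation requirements.
                        ((SecurityStrategy)securityStrategy).PermissionsReloadMode = PermissionsReloadMode.CacheOnFirstAccess;
                    };
                })
                .AddPasswordAuthentication(options => {
                    options.IsSupportChangePassword = true;
                });

            builder.AddBuildStep(application => {
                application.ApplicationName = "SetupApplication.DurnyklyYol";
                application.CheckCompatibilityType = DevExpress.ExpressApp.CheckCompatibilityType.DatabaseSchema;
                //application.CreateCustomModelDifferenceStore += (s, e) => {
                //    e.Store = new ModelDifferenceDbStore((XafApplication)s!, typeof(ModelDifference), true, "Win");
                //    e.Handled = true;
                //};
#if !RELEASE
                // Compiled into every build that does not define RELEASE: the service then
                // updates the database schema by itself on a version mismatch. Production
                // deployments should use a configuration that defines RELEASE, so that
                // schema changes stay a deliberate, separately authorized step.
                if(application.CheckCompatibilityType == CheckCompatibilityType.DatabaseSchema) {
                    application.DatabaseUpdateMode = DatabaseUpdateMode.UpdateDatabaseAlways;
                    application.DatabaseVersionMismatch += (s, e) => {
                        e.Updater.Update();
                        e.Handled = true;
                    };
                }
#endif
            });
        });

        services.AddAuthentication()
            .AddJwtBearer(options => {
                // The signing key is a shared secret. With a symmetric key, whoever can
                // read it can also mint tokens that validate here, so supply it from a
                // secret store or the environment instead of a committed settings file.
                string signingKey = Configuration["Authentication:Jwt:IssuerSigningKey"];
                if(string.IsNullOrWhiteSpace(signingKey)) {
                    // Fail with an actionable message instead of the opaque exception that
                    // Encoding.GetBytes or the key constructor raises for a missing key.
                    throw new InvalidOperationException(
                        "The configuration value 'Authentication:Jwt:IssuerSigningKey' is missing or empty. " +
                        "JWT bearer authentication cannot be configured without a signing key.");
                }

                options.TokenValidationParameters = new TokenValidationParameters() {
                    ValidateIssuerSigningKey = true,
                    // NOTE(review): issuer and audience validation are switched off, so any
                    // token signed with this key is accepted regardless of who issued it or
                    // which service it was meant for. If the key is shared with another
                    // system, that system's tokens validate here as well. To turn the checks
                    // on, restore ValidIssuer/ValidAudience below and make sure the token
                    // provider (JwtTokenProviderService, not shown) writes matching iss/aud
                    // claims.
                    //ValidIssuer = Configuration["Authentication:Jwt:Issuer"],
                    //ValidAudience = Configuration["Authentication:Jwt:Audience"],
                    ValidateIssuer = false,
                    ValidateAudience = false,
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingKey))
                };
            });

        services.AddAuthorization(options => {
            // The default policy applies to endpoints that ask for authorization without
            // naming a policy. No FallbackPolicy is set, so an endpoint with no
            // authorization metadata is not covered by it. Confirm that every controller
            // carries [Authorize].
            options.DefaultPolicy = new AuthorizationPolicyBuilder(
                JwtBearerDefaults.AuthenticationScheme)
                    .RequireAuthenticatedUser()
                    .RequireXafAuthentication()
                    .Build();
        });
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    /// <summary>
    /// Builds the request pipeline: error handling, HTTPS redirection, localization,
    /// static files, routing, authentication, authorization, the XAF middle tier and
    /// controller endpoints, in that order.
    /// </summary>
    /// <param name="app">Application builder for the pipeline.</param>
    /// <param name="env">Hosting environment; selects the error-handling branch.</param>
    /// <param name="hostApplicationLifetime">Host lifetime; not used in this method.</param>
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IHostApplicationLifetime hostApplicationLifetime) {
        if(env.IsDevelopment()) {
            // Detailed exception pages are limited to the Development environment.
            app.UseDeveloperExceptionPage();
        }
        else {
            app.UseExceptionHandler("/Error");
            // The default HSTS value is 30 days. To change this for production scenarios, see: https://aka.ms/aspnetcore-hsts.
            app.UseHsts();
        }
        app.UseHttpsRedirection();
        app.UseRequestLocalization();
        app.UseStaticFiles();
        app.UseRouting();
        // Authentication must run before authorization so that the policy sees the
        // principal established from the bearer token.
        app.UseAuthentication();
        app.UseAuthorization();
        app.UseXafMiddleTier();
        app.UseEndpoints(endpoints => {
            endpoints.MapControllers();
        });
    }
}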