-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathProgram.cs
More file actions
124 lines (106 loc) · 3.36 KB
/
Program.cs
File metadata and controls
124 lines (106 loc) · 3.36 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using OnlineStoreRestfulApi.Datas;
using OnlineStoreRestfulApi.Helpers;
using OnlineStoreRestfulApi.Services;
using System.Text;
var builder = WebApplication.CreateBuilder(args);
// get sercet key
var jwtKey = builder.Configuration["JwtSettings:Key"]!;
var key = Encoding.UTF8.GetBytes(jwtKey);
builder.Services.AddControllers();
builder.Services.AddScoped<StoreService>();
builder.Services.AddScoped<AuthService>();
// Get connect to db
builder.Services.AddDbContext<AppDbContext>(options =>
options.UseMySql(
builder.Configuration.GetConnectionString("DefaultConnection"),
new MySqlServerVersion(new Version(8, 0, 32))));
// Swagger with authorisation part
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo
{
Title = "OnlineStoreRestfulApi",
Version = "v1"
});
c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
{
Name = "Authorization",
Type = SecuritySchemeType.Http,
Scheme = "bearer",
BearerFormat = "JWT",
In = ParameterLocation.Header,
Description = "Enter your JWT token below.\n\n(WITHOUT Bearer)"
});
c.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference
{
Type = ReferenceType.SecurityScheme,
Id = "Bearer"
},
Scheme = "bearer",
Name = "Bearer",
In = ParameterLocation.Header
},
new List<string>()
}
});
});
builder.Services.AddSingleton<JwtHelper>();
//// Add jwt authentication
builder.Services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(o =>
{
o.RequireHttpsMetadata = true;
o.SaveToken = true;
o.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = false,
ValidateAudience = false,
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key)
};
});
builder.Services.AddAuthorization();
var app = builder.Build();
app.UseSwagger();
app.UseSwaggerUI();
//Test see same or not
app.Use(async (context, next) =>
{
var authHeader = context.Request.Headers["Authorization"].ToString();
if (!string.IsNullOrEmpty(authHeader))
{
Console.WriteLine("[DEBUG] Incoming Authorization Header:");
Console.WriteLine(authHeader);
if (authHeader.StartsWith("Bearer "))
{
var token = authHeader.Substring("Bearer ".Length);
Console.WriteLine("[DEBUG] Extracted JWT Token:");
Console.WriteLine(token);
}
}
else
{
Console.WriteLine("[DEBUG] No Authorization Header received.");
}
await next.Invoke();
});
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();