Beispiel #1
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            // Middleware runs in the order it is registered below, so the order of these calls is
            // part of the security posture; re-check each note before reordering anything.

            // Enable caching and register any caching services.
            // GetService returns null when IBlobCacheService is not registered; how AddService
            // treats a null service is not visible here.
            CacheAspect.Enabled = true;
            BlobCacheAttribute.AddService("default", app.ApplicationServices.GetService <IBlobCacheService>());
            // Enable cancellation aspects and register request timeout configuration.
            // The timeouts are read from the "RequestTimeouts" configuration section.
            CancellationTokenTimeoutAspect.Enabled = true;
            CancellationTokenTimeoutAttribute.SetTimeoutConfiguration(Configuration.GetSection("RequestTimeouts"));

            // Runs before any middleware is registered. UpdateDatabase is defined elsewhere.
            // NOTE(review): presumably applies schema migrations at startup - confirm. If so, the
            // runtime database credential needs schema-change rights, which is broader than the
            // API needs for serving requests.
            UpdateDatabase(app);

            if (env.IsDevelopment())
            {
                // The developer exception page renders exception details and stack traces in the
                // response; it is only registered when the environment is Development.
                app.UseDeveloperExceptionPage();
            }
            else
            {
                // Outside Development: redirect HTTP to HTTPS and send an HSTS header that also
                // covers subdomains.
                // NOTE(review): MaxAge(365) is presumably 365 days (fluent HSTS options) - confirm
                // the unit against the emitted Strict-Transport-Security header.
                app.UseHttpsRedirection();
                app.UseHsts(hsts => hsts.MaxAge(365).IncludeSubdomains());
            }

            // Swagger is gated only by the "enableSwagger" configuration flag, not by environment.
            // No authentication or authorization middleware is registered in this method, so when
            // the flag is on, the API description and UI under /docs are served to any caller.
            if (Configuration.GetValue <bool>("enableSwagger"))
            {
                app.UseSwagger();
                app.UseSwaggerUI(c =>
                {
                    c.SwaggerEndpoint("/swagger/v1/swagger.json", "Data API V1");
                    c.RoutePrefix = "docs";
                });

                // Redirect the site root (empty path) to the Swagger UI at "docs".
                var option = new RewriteOptions();
                option.AddRedirect("^$", "docs");
                app.UseRewriter(option);
            }

            // ReSharper disable once CommentTypo
            // Adds Brotli and Gzip compressing
            // NOTE(review): compressing HTTPS responses that combine secrets with request-controlled
            // content is the precondition for BREACH-style compression side channels. Whether
            // compression is enabled for HTTPS is decided where the service is registered, which is
            // not visible here - confirm.
            app.UseResponseCompression();

            // CORS policy: four hard-coded localhost origins, any method, any request header.
            // AllowCredentials is not called, so credentialed cross-origin requests are not allowed.
            // NOTE(review): the origin list is applied in every environment, not only Development;
            // consider reading the allowed origins from configuration per environment.
            app.UseCors(options => options
                        .WithOrigins(
                            "http://localhost:3000",
                            "http://localhost:3001",
                            "https://localhost:3000",
                            "https://localhost:3001")
                        .AllowAnyMethod()
                        .AllowAnyHeader());

            // The health endpoint is registered after MVC, so a request for /api/health reaches it
            // only if MVC passes the request on. Nothing in this method restricts access to it.
            app.UseMvc();
            app.UseHealthChecks("/api/health");
        }
Beispiel #2
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app,
                              IWebHostEnvironment env,
                              ILogger <Startup> logger)
        {
            // Middleware runs in the order it is registered below, so the order of these calls is
            // part of the security posture; re-check each note before reordering anything.

            // Enable caching and register any caching services
            // GetService returns null when IBlobCacheService is not registered; how AddService
            // treats a null service is not visible here.
            CacheAspect.Enabled = true;
            BlobCacheAttribute.AddService("default", app.ApplicationServices.GetService <IBlobCacheService>());

            if (env.IsDevelopment())
            {
                // The developer exception page renders exception details and stack traces in the
                // response; it is only registered when the environment is Development.
                app.UseDeveloperExceptionPage();

                // Development only. PublishAllContent is defined elsewhere; its effect is not
                // visible here beyond receiving the logger.
                PublishAllContent(logger);
            }
            else
            {
                // Outside Development: redirect HTTP to HTTPS and send an HSTS header that also
                // covers subdomains.
                // NOTE(review): MaxAge(365) is presumably 365 days (fluent HSTS options) - confirm
                // the unit against the emitted Strict-Transport-Security header.
                app.UseHttpsRedirection();
                app.UseHsts(hsts => hsts.MaxAge(365).IncludeSubdomains());
            }

            // Swagger is gated only by the "enableSwagger" configuration flag, not by environment.
            // No authentication or authorization middleware is registered in this method, so when
            // the flag is on, the API description and UI under /docs are served to any caller.
            if (Configuration.GetValue <bool>("enableSwagger"))
            {
                app.UseSwagger();
                app.UseSwaggerUI(c =>
                {
                    c.SwaggerEndpoint("/swagger/v1/swagger.json", "Content API V1");
                    c.RoutePrefix = "docs";
                });

                // Redirect the site root (empty path) to the Swagger UI at "docs".
                var option = new RewriteOptions();
                option.AddRedirect("^$", "docs");
                app.UseRewriter(option);
            }

            // CORS policy: four hard-coded localhost origins, any method, any request header.
            // AllowCredentials is not called, so credentialed cross-origin requests are not allowed.
            // NOTE(review): the origin list is applied in every environment, not only Development;
            // consider reading the allowed origins from configuration per environment.
            app.UseCors(options => options
                        .WithOrigins(
                            "http://localhost:3000",
                            "http://localhost:3001",
                            "https://localhost:3000",
                            "https://localhost:3001")
                        .AllowAnyMethod()
                        .AllowAnyHeader());

            // The health endpoint is registered after MVC, so a request for /api/health reaches it
            // only if MVC passes the request on. Nothing in this method restricts access to it.
            app.UseMvc();
            app.UseHealthChecks("/api/health");
        }
Beispiel #3
        // Configures the HTTP request pipeline: caching aspects, error handling and HSTS, optional
        // Swagger, response security headers, static/SPA files, authentication, an Identity route
        // filter, MVC routes and the SPA fallback. Middleware runs in registration order, so the
        // order of the calls below is part of the security posture.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            // Enable caching and register any caching services.
            // GetService returns null when IBlobCacheService is not registered; how AddService
            // treats a null service is not visible here.
            CacheAspect.Enabled = true;
            BlobCacheAttribute.AddService("default", app.ApplicationServices.GetService <IBlobCacheService>());

            // Runs before any middleware is registered. UpdateDatabase is defined elsewhere.
            // NOTE(review): presumably applies schema migrations at startup - confirm. If so, the
            // runtime database credential needs schema-change rights.
            UpdateDatabase(app, env);

            if (env.IsDevelopment())
            {
                // Renders exception details and stack traces; registered for Development only.
                app.UseDeveloperExceptionPage();
            }
            else
            {
                // Outside Development, unhandled exceptions are re-executed against "/Error"
                // instead of exposing details to the client.
                app.UseExceptionHandler("/Error");
                // HSTS with subdomains and the preload directive.
                // NOTE(review): MaxAge(365) is presumably 365 days - confirm against the emitted
                // header. Preload is only meaningful if the domain is submitted to browser preload
                // lists, and it commits every subdomain to HTTPS in a way that is slow to undo.
                app.UseHsts(opts =>
                {
                    opts.MaxAge(365);
                    opts.IncludeSubdomains();
                    opts.Preload();
                });
            }

            // Swagger is gated only by the "enableSwagger" configuration flag, not by environment.
            // It is registered before UseAuthentication below, so the authentication middleware
            // has not run when these requests are served.
            if (Configuration.GetValue <bool>("enableSwagger"))
            {
                app.UseSwagger();
                app.UseSwaggerUI(c =>
                {
                    c.SwaggerEndpoint("/swagger/v1/swagger.json", "Admin API V1");
                    c.RoutePrefix = "docs";
                });
            }

            // Security Headers
            // X-Content-Type-Options, X-XSS-Protection (block mode), X-Frame-Options (same origin)
            // and Referrer-Policy (no-referrer-when-downgrade).
            // NOTE(review): X-XSS-Protection is a legacy header that current browsers ignore; the
            // CSP below is the control that matters for script injection.
            app.UseXContentTypeOptions();
            app.UseXXssProtection(opts => opts.EnabledWithBlockMode());
            app.UseXfo(opts => opts.SameOrigin());
            app.UseReferrerPolicy(opts => opts.NoReferrerWhenDowngrade());
            // Content-Security-Policy as configured here:
            //   style-src       self, cdnjs.cloudflare.com, unsafe-inline
            //   font-src        self
            //   form-action     self plus the origin of the OpenIdConnect authority
            //   frame-ancestors self
            //   img-src         self, data:
            //   script-src      self, unsafe-inline
            // presumably the repeated StyleSources/ImageSources/ScriptSources calls accumulate on
            // the same directive - confirm against the emitted header.
            // NOTE(review): unsafe-inline in script-src allows injected inline script to run, which
            // removes most of the XSS protection a CSP provides; nonces or hashes would keep it.
            // NOTE(review): DefaultSources is not configured, so fetch directives not listed above
            // (for example connect-src, object-src) are not restricted by this policy.
            // NOTE(review): the cdnjs source literal starts with a space, which looks unintended -
            // verify how it appears in the emitted header.
            app.UseCsp(opts => opts
                       .BlockAllMixedContent()
                       .StyleSources(s => s.Self())
                       .StyleSources(s => s
                                     .CustomSources(" https://cdnjs.cloudflare.com")
                                     .UnsafeInline())
                       .FontSources(s => s.Self())
                       .FormActions(s =>
            {
                // Only scheme, host and port of the configured authority are allowed as a form
                // target. A missing or malformed "OpenIdConnect:Authority" value makes new Uri throw.
                var loginAuthorityUrl = Configuration.GetSection("OpenIdConnect").GetValue <string>("Authority");
                var loginAuthorityUri = new Uri(loginAuthorityUrl);
                s
                .CustomSources(loginAuthorityUri.GetLeftPart(UriPartial.Authority))
                .Self();
            })
                       .FrameAncestors(s => s.Self())
                       .ImageSources(s => s.Self())
                       .ImageSources(s => s.CustomSources("data:"))
                       .ScriptSources(s => s.Self())
                       .ScriptSources(s => s.UnsafeInline())
                       );

            // HTTPS redirection is registered in every environment here. Static and SPA files are
            // registered before UseAuthentication, so they are served without an authenticated
            // user; nothing sensitive should be placed in those directories.
            app.UseHttpsRedirection();
            app.UseStaticFiles();
            app.UseSpaStaticFiles();
            app.UseCookiePolicy();

            // NOTE(review): UseAuthorization is registered before UseRouting. With endpoint routing
            // the authorization middleware needs to run after UseRouting to see the selected
            // endpoint. This method uses UseMvc rather than UseEndpoints, so authorization is
            // presumably enforced by MVC filters - confirm before relying on this order.
            app.UseAuthentication();
            app.UseIdentityServer();
            app.UseAuthorization();
            app.UseRouting();
            // No access restriction on the health endpoint is configured in this method.
            app.UseHealthChecks("/api/health");

            // deny access to all Identity routes other than /Identity/Account/Login and
            // /Identity/Account/ExternalLogin
            // The rule matches case-insensitively on paths starting with "identity/" and rewrites
            // them to "/" unless the remainder is exactly "account/login" preceded by zero or more
            // repetitions of "external". The "$" anchor means any longer path is also rewritten.
            // The rewriter must stay registered before UseMvc for the block to take effect.
            var options = new RewriteOptions()
                          .AddRewrite(@"^(?i)identity/(?!account/(?:external)*login$)", "/", skipRemainingRules: true);

            app.UseRewriter(options);

            // Conventional MVC routes: area routes first, then the default controller/action route.
            app.UseMvc(routes =>
            {
                routes.MapRoute(
                    name: "Areas",
                    template: "{area:exists}/{controller=Home}/{action=Index}/{id?}");

                routes.MapRoute(
                    name: "default",
                    template: "{controller}/{action=Index}/{id?}");
            });

            // SPA fallback for requests not handled above. The React development server is started
            // from the sibling source directory only when the environment is Development.
            app.UseSpa(spa =>
            {
                if (env.IsDevelopment())
                {
                    spa.Options.SourcePath = "../explore-education-statistics-admin";
                    spa.UseReactDevelopmentServer("start");
                }
            });
        }