// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.Configure <RecaptchaOptions>(Configuration.GetSection("Recaptcha"));
services.Configure <LetsEncryptOptions>(Configuration.GetSection("LetsEncrypt"));
services.Configure <PasswordHasherOptions>(options => options.CompatibilityMode = PasswordHasherCompatibilityMode.IdentityV2);
services
.AddIdentity <JoinIdentityUser, string>(options => options.Password.ConfigureValidation())
.AddDefaultTokenProviders()
.AddUserStore <MyUserStore>()
.AddRoleStore <MyUserStore>();
services.ConfigureApplicationCookie(AuthenticationConfigurator.SetCookieOptions());
services.AddLogging();
services.AddHttpContextAccessor();
services.TryAddSingleton <IActionContextAccessor, ActionContextAccessor>();
services.AddRouting(options => options.LowercaseUrls = true);
var mvc = services
.AddMvc(options =>
{
if (!environment.IsEnvironment("IntegrationTest"))
{
options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute());
}
options.Filters.Add(new SetIsProductionFilterAttribute());
options.Filters.Add(new TypeFilterAttribute(typeof(SetUserDataFilterAttribute)));
})
.AddControllersAsServices()
.AddViewComponentsAsServices();
if (environment.IsDevelopment())
{
//That's make local debug more easy
mvc.AddRazorRuntimeCompilation();
}
services.AddAuthorization();
services.AddTransient <IAuthorizationPolicyProvider, AuthPolicyProvider>();
services
.AddAuthentication()
.ConfigureJoinExternalLogins(Configuration.GetSection("Authentication"));
services.AddSwaggerGen(Swagger.ConfigureSwagger);
services.AddApplicationInsightsTelemetry();
services.AddHealthChecks()
.AddSqlServer(Configuration["ConnectionStrings:DefaultConnection"]);
}
public void Configuration(IAppBuilder app)
{
AuthenticationConfigurator.ConfigureAuth(app);
var hubConfiguration = new HubConfiguration();
hubConfiguration.EnableDetailedErrors = true;
app.MapSignalR(hubConfiguration);
string hangfireDBName = AppSettingHelper.GetAppSetting <string>(Constants.AppSetting.HangfireDBName);
GlobalConfiguration.Configuration.UseMongoStorage("mongodb://localhost", hangfireDBName);
app.UseHangfireDashboard("/hangfire", new DashboardOptions
{
Authorization = new[] { new AuthorizationFilter() }
});
app.UseHangfireServer();
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
_ = services.Configure <RecaptchaOptions>(Configuration.GetSection("Recaptcha"))
.Configure <LetsEncryptOptions>(Configuration.GetSection("LetsEncrypt"))
.Configure <BlobStorageOptions>(Configuration.GetSection("AzureBlobStorage"));
blobStorageOptions = Configuration.GetSection("AzureBlobStorage").Get <BlobStorageOptions>();
_ = services.Configure <PasswordHasherOptions>(options => options.CompatibilityMode = PasswordHasherCompatibilityMode.IdentityV2);
_ = services
.AddIdentity <JoinIdentityUser, string>(options => options.Password.ConfigureValidation())
.AddDefaultTokenProviders()
.AddUserStore <MyUserStore>()
.AddRoleStore <MyUserStore>();
_ = services.ConfigureApplicationCookie(AuthenticationConfigurator.SetCookieOptions());
_ = services.AddLogging();
_ = services.AddHttpContextAccessor();
services.TryAddSingleton <IActionContextAccessor, ActionContextAccessor>();
_ = services.AddHttpClient();
_ = services.AddRouting(options => options.LowercaseUrls = true);
var mvc = services
.AddMvc(options =>
{
if (!environment.IsEnvironment("IntegrationTest"))
{
options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute());
}
options.Filters.Add(new SetIsProductionFilterAttribute());
options.Filters.Add(new TypeFilterAttribute(typeof(SetUserDataFilterAttribute)));
//TODO need to fix this
options.SuppressImplicitRequiredAttributeForNonNullableReferenceTypes = true;
})
.AddControllersAsServices()
.AddViewComponentsAsServices();
_ = services.AddAntiforgery(options => options.HeaderName = "X-CSRF-TOKEN-HEADERNAME");
var dataProtection = services.AddDataProtection();
if (blobStorageOptions.BlobStorageConfigured)
{
dataProtection.PersistKeysToAzureBlobStorage(
blobStorageOptions.BlobStorageConnectionString,
"data-protection-keys", "joinrpg-portal-protection-keys");
}
if (environment.IsDevelopment())
{
//That's make local debug more easy
_ = mvc.AddRazorRuntimeCompilation();
}
_ = services.AddAuthorization();
_ = services.AddTransient <IAuthorizationPolicyProvider, AuthPolicyProvider>();
services
.AddAuthentication()
.ConfigureJoinExternalLogins(Configuration.GetSection("Authentication"));
_ = services.AddSwaggerGen(Swagger.ConfigureSwagger);
_ = services.AddApplicationInsightsTelemetry();
_ = services.AddHealthChecks()
.AddSqlServer(Configuration["ConnectionStrings:DefaultConnection"], tags: new[] { "ready" })
.AddCheck <HealthCheckLoadProjects>("Project load", tags: new[] { "ready" })
.AddCheck <HealthCheckBlobStorage>("Blob connect");
services.Configure <ForwardedHeadersOptions>(options =>
{
options.ForwardedHeaders = ForwardedHeaders.XForwardedProto | ForwardedHeaders.XForwardedFor;
options.KnownProxies.Clear();
options.KnownNetworks.Clear();
options.ForwardLimit = 1;
// Allow nearest proxy server to set X-Forwarded-?? header
// Do not white-list servers (It's hard to know them specifically proxy server in cloud)
// It will allow IP-spoofing, if Kestrel is directly exposed to end user
// But it should never happen anyway (we always should be under at least one proxy)
});
}
