// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{ //JWT Authentication
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
services.AddAuthentication(opt =>
{
opt.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
opt.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
opt.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(
config =>
{
config.RequireHttpsMetadata = false;
config.SaveToken = true;
config.TokenValidationParameters = new TokenValidationParameters
{
ValidIssuer = APIConstant.URL,
ValidAudience = APIConstant.URL,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(APIConstant.SecretKey)),
ClockSkew = TimeSpan.Zero
};
config.Events = new JwtBearerEvents
{
//Letting the client know that token is expired
//further validation needs for token on client side
OnAuthenticationFailed = context =>
{
if (context.Exception.GetType() == typeof(SecurityTokenExpiredException))
{
context.Response.Headers.Add("Token-Expired", "true");
}
return(Task.CompletedTask);
}
};
});
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
ConfigureServiceExtension.AddConfiguration(services);
services.AddTransient <IEmailSender, EmailSender>(i =>
new EmailSender(
EmailConstants.host,
EmailConstants.port,
EmailConstants.enableSSL,
EmailConstants.userName,
EmailConstants.password
));
services.AddTransient <ITokenService, TokenService>();
services.AddLogging();
services.AddCors();
services.AddSignalR();
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
ConfigureServiceExtension.AddConfiguration(services);
services.AddTransient <IEmailSender, EmailSender>(i =>
new EmailSender(
EmailConstants.host,
EmailConstants.port,
EmailConstants.enableSSL,
EmailConstants.userName,
EmailConstants.password
));
services.ConfigureApplicationCookie(options =>
{
options.Cookie.HttpOnly = true;
options.ExpireTimeSpan = TimeSpan.FromMinutes(120);
options.LoginPath = "/Index";
options.AccessDeniedPath = "/Account/AccessDenied";
options.SlidingExpiration = true;
});
//Register all Require Claims for auth
services.AddAuthorization(opt =>
{
opt.AddPolicy("MentorOnly", policy => policy.RequireClaim("Account", "Mentor"));
opt.AddPolicy("UserOnly", policy => policy.RequireClaim("Account", "User"));
opt.AddPolicy("AdminOnly", policy => policy.RequireClaim("Account", "Admin"));
opt.AddPolicy("SuperUser", policy => policy.RequireClaim("Account", "Super"));
});
//Session Enable for Guest User
services.AddMvc()
.SetCompatibilityVersion(CompatibilityVersion.Version_2_1)
.AddSessionStateTempDataProvider();
services.AddSession(options =>
{
options.IdleTimeout = TimeSpan.FromSeconds(240);
options.Cookie.HttpOnly = true;
});
//Required for accessing hhttpcontext
services.AddHttpContextAccessor();
//For Web Api CORS
services.AddCors();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
app.UseStatusCodePages(async context =>
{
context.HttpContext.Response.ContentType = "text/plain";
await context.HttpContext.Response.WriteAsync(
"Status code page, status code: " +
context.HttpContext.Response.StatusCode + " " + context.HttpContext.Response.ContentType);
});
app.UseStatusCodePagesWithRedirects("/error/{0}");
}
else
{
app.UseExceptionHandler("/Error");
app.UseHsts();
}
app.UseSession();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseAuthentication();
//Required to proxy when deployed to apache or nginx
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});
app.UseCors(opt => opt.AllowAnyMethod()
.AllowAnyHeader()
.AllowAnyOrigin()
.AllowCredentials());
app.UseMvc();
ConfigureServiceExtension.UseConfiguration(app);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseHsts();
}
ConfigureServiceExtension.UseConfiguration(app);
app.UseStatusCodePages(async context =>
{
context.HttpContext.Response.ContentType = "application/json";
await context.HttpContext.Response.WriteAsync(
"Status code page, status code: " +
context.HttpContext.Response.StatusCode);
});
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});
app.UseAuthentication();
app.UseCors(opt => opt.AllowAnyMethod()
.AllowAnyHeader()
.AllowAnyOrigin()
.AllowCredentials());
app.UseSignalR(route =>
{
//route.MapHub<ChatHub> ("/chatHub");
route.MapHub <HopeLine.API.Hubs.v2.ChatHub>("/v2/chatHub");
});
app.UseMvc();
}
