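// This method gets called by the runtime. Use this method to add services to the container.
// Registers JWT bearer authentication as the default scheme, then MVC, the shared
// configuration extension, the e-mail sender, the token service, logging, CORS and SignalR.
public void ConfigureServices(IServiceCollection services)
{
    // JWT Authentication
    // Keep claim names exactly as they appear in the token instead of letting the
    // handler remap them to the long .NET claim-type URIs.
    JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

    services.AddAuthentication(opt =>
    {
        opt.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        opt.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
        opt.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    }).AddJwtBearer(config =>
    {
        // NOTE(review): no Authority or MetadataAddress is set in this method, so this
        // override should have no effect today; drop it (the default is true) if a
        // metadata endpoint is ever configured.
        config.RequireHttpsMetadata = false;
        config.SaveToken = true;
        config.TokenValidationParameters = new TokenValidationParameters
        {
            // Spell the checks out so that none of them is switched off by accident
            // when this initializer is edited later.
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,
            ValidIssuer = APIConstant.URL,
            ValidAudience = APIConstant.URL,
            // NOTE(review): APIConstant.SecretKey looks like a value compiled into the
            // assembly; confirm it is loaded from configuration or a secret store and
            // is long enough for the signing algorithm the token service uses.
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(APIConstant.SecretKey)),
            // No grace period: a token is rejected as soon as its expiry has passed.
            ClockSkew = TimeSpan.Zero
        };
        config.Events = new JwtBearerEvents
        {
            // Let the client know that the token has expired so that it can react
            // (the client still has to do its own follow-up handling).
            OnAuthenticationFailed = context =>
            {
                // "is" also matches exception types derived from
                // SecurityTokenExpiredException, which the exact GetType() comparison missed.
                if (context.Exception is SecurityTokenExpiredException)
                {
                    // Indexer assignment overwrites an existing value instead of
                    // throwing when the header is already present.
                    context.Response.Headers["Token-Expired"] = "true";
                }

                return Task.CompletedTask;
            }
        };
    });

    services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
    ConfigureServiceExtension.AddConfiguration(services);

    // NOTE(review): the SMTP settings, including the password, are read from
    // EmailConstants; confirm they are not hard-coded in source.
    services.AddTransient<IEmailSender, EmailSender>(i => new EmailSender(
        EmailConstants.host,
        EmailConstants.port,
        EmailConstants.enableSSL,
        EmailConstants.userName,
        EmailConstants.password
    ));
    services.AddTransient<ITokenService, TokenService>();
    services.AddLogging();
    services.AddCors();
    services.AddSignalR();
}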
// This method gets called by the runtime. Use this method to add services to the container.
// Registers the shared configuration extension, the e-mail sender, the application
// cookie, the claim-based authorization policies, MVC with session-backed TempData,
// session state, the HttpContext accessor and CORS.
public void ConfigureServices(IServiceCollection services)
{
    ConfigureServiceExtension.AddConfiguration(services);

    // NOTE(review): the SMTP settings, including the password, are read from
    // EmailConstants; confirm they are not hard-coded in source.
    services.AddTransient<IEmailSender, EmailSender>(provider =>
    {
        return new EmailSender(
            EmailConstants.host,
            EmailConstants.port,
            EmailConstants.enableSSL,
            EmailConstants.userName,
            EmailConstants.password);
    });

    // Application (login) cookie: hidden from script, two-hour sliding lifetime.
    // NOTE(review): only HttpOnly is set here; Cookie.SecurePolicy and Cookie.SameSite
    // are left at the framework defaults. Confirm that is intended for production.
    services.ConfigureApplicationCookie(cookieOptions =>
    {
        cookieOptions.Cookie.HttpOnly = true;
        cookieOptions.ExpireTimeSpan = TimeSpan.FromMinutes(120);
        cookieOptions.LoginPath = "/Index";
        cookieOptions.AccessDeniedPath = "/Account/AccessDenied";
        cookieOptions.SlidingExpiration = true;
    });

    // Register every claim-based policy used for authorization. Each policy requires
    // the "Account" claim to carry the value listed next to the policy name.
    services.AddAuthorization(authOptions =>
    {
        var accountPolicies = new[]
        {
            ("MentorOnly", "Mentor"),
            ("UserOnly", "User"),
            ("AdminOnly", "Admin"),
            ("SuperUser", "Super")
        };

        foreach (var (policyName, accountType) in accountPolicies)
        {
            authOptions.AddPolicy(policyName, builder => builder.RequireClaim("Account", accountType));
        }
    });

    // Session is enabled for guest users; TempData is kept in session state.
    var mvcBuilder = services.AddMvc();
    mvcBuilder = mvcBuilder.SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
    mvcBuilder.AddSessionStateTempDataProvider();

    services.AddSession(sessionOptions =>
    {
        // An idle session is dropped after 240 seconds.
        sessionOptions.IdleTimeout = TimeSpan.FromSeconds(240);
        sessionOptions.Cookie.HttpOnly = true;
    });

    // Required for accessing HttpContext outside controllers and pages.
    services.AddHttpContextAccessor();

    // CORS services for the Web API calls; the policy itself is applied in Configure.
    services.AddCors();
}
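// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
// Order matters: each Use* call wraps the ones registered after it.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    // Required to proxy when deployed behind apache or nginx.
    // Registered first so that every later middleware (HSTS, cookie policy,
    // authentication, redirects) sees the scheme and client address reported by the
    // proxy. Previously this ran after UseAuthentication, so those components worked
    // with the proxy-to-app connection instead of the original request.
    // With default options only loopback proxies are trusted; set KnownProxies or
    // KnownNetworks if the reverse proxy runs on another host.
    app.UseForwardedHeaders(new ForwardedHeadersOptions
    {
        ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
    });

    if (env.IsDevelopment())
    {
        // Detailed error output is limited to the development environment.
        app.UseDeveloperExceptionPage();
        app.UseDatabaseErrorPage();
        app.UseStatusCodePages(async context =>
        {
            context.HttpContext.Response.ContentType = "text/plain";
            await context.HttpContext.Response.WriteAsync(
                "Status code page, status code: " +
                context.HttpContext.Response.StatusCode + " " + context.HttpContext.Response.ContentType);
        });
        app.UseStatusCodePagesWithRedirects("/error/{0}");
    }
    else
    {
        app.UseExceptionHandler("/Error");
        app.UseHsts();
    }

    app.UseSession();
    app.UseStaticFiles();
    app.UseCookiePolicy();
    app.UseAuthentication();

    // NOTE(review): AllowAnyOrigin combined with AllowCredentials lets any site send
    // credentialed cross-origin requests to this application, and newer ASP.NET Core
    // releases reject the combination. Replace AllowAnyOrigin with WithOrigins(...)
    // listing the front-end origins that are actually expected. The list is not
    // visible in this file, so the policy is left unchanged here.
    app.UseCors(opt => opt.AllowAnyMethod()
                          .AllowAnyHeader()
                          .AllowAnyOrigin()
                          .AllowCredentials());

    app.UseMvc();
    ConfigureServiceExtension.UseConfiguration(app);
}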
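// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
// Order matters: each Use* call wraps the ones registered after it.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    // Registered first so that every later middleware (HSTS, authentication, CORS,
    // SignalR, MVC) sees the scheme and client address reported by the reverse proxy.
    // Previously this ran after UseHsts, which only emits its header on requests it
    // sees as HTTPS and therefore stayed silent behind a TLS-terminating proxy.
    // With default options only loopback proxies are trusted; set KnownProxies or
    // KnownNetworks if the reverse proxy runs on another host.
    app.UseForwardedHeaders(new ForwardedHeadersOptions
    {
        ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
    });

    if (env.IsDevelopment())
    {
        // Detailed error output is limited to the development environment.
        app.UseDeveloperExceptionPage();
    }
    else
    {
        app.UseHsts();
    }

    // NOTE(review): what this extension adds to the pipeline is not visible here;
    // confirm it does not depend on running before the forwarded-headers middleware.
    ConfigureServiceExtension.UseConfiguration(app);

    app.UseStatusCodePages(async context =>
    {
        // NOTE(review): the body written below is plain text, not JSON, although the
        // content type announces JSON; confirm what API clients expect.
        context.HttpContext.Response.ContentType = "application/json";
        await context.HttpContext.Response.WriteAsync(
            "Status code page, status code: " +
            context.HttpContext.Response.StatusCode);
    });

    app.UseAuthentication();

    // NOTE(review): AllowAnyOrigin combined with AllowCredentials lets any site send
    // credentialed cross-origin requests to this API and its SignalR hub, and newer
    // ASP.NET Core releases reject the combination. Replace AllowAnyOrigin with
    // WithOrigins(...) listing the client origins that are actually expected. The list
    // is not visible in this file, so the policy is left unchanged here.
    app.UseCors(opt => opt.AllowAnyMethod()
                          .AllowAnyHeader()
                          .AllowAnyOrigin()
                          .AllowCredentials());

    app.UseSignalR(route =>
    {
        //route.MapHub<ChatHub> ("/chatHub");
        route.MapHub<HopeLine.API.Hubs.v2.ChatHub>("/v2/chatHub");
    });

    app.UseMvc();
}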