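/// <summary>
/// Called by the runtime to configure the HTTP request pipeline.
/// Middleware runs in the order it is registered here, so the ordering below is significant.
/// </summary>
/// <param name="app">Builder used to register middleware.</param>
/// <param name="env">Hosting environment; selects developer tooling versus the production error page.</param>
/// <param name="loggerFactory">Logger factory supplied by the host (not used in this method).</param>
/// <param name="antiforgery">Antiforgery service used to issue the request token exposed in the XSRF-TOKEN cookie.</param>
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IAntiforgery antiforgery)
{
    if (env.IsDevelopment())
    {
        // Detailed error pages and the Swagger endpoints are registered for development only.
        app.UseDeveloperExceptionPage();
        app.UseBrowserLink();
        app.UseDatabaseErrorPage();

        // Enable middleware to serve generated Swagger as a JSON endpoint.
        app.UseSwagger();

        // Enable middleware to serve swagger-ui (HTML, JS, CSS, etc.), specifying the Swagger JSON endpoint.
        app.UseSwaggerUI(c =>
        {
            c.SwaggerEndpoint("/swagger/v1/swagger.json", "ComplyTo Compliance Cloud Product API v1");
        });
    }
    else
    {
        app.UseExceptionHandler("/LandingPages/Home/Error");

        // NOTE(review): the HTTP -> HTTPS redirect below is disabled, yet a Strict-Transport-Security
        // header is emitted further down. Browsers only honour that header when it arrives over HTTPS,
        // so confirm the redirect is enforced somewhere else (hosting layer / reverse proxy).
        //redirect to https
        //var options = new RewriteOptions().AddRedirectToHttps();
        //app.UseRewriter(options);
    }

    // Http Error Handler
    app.UseMyExceptionMiddleware();

    // It is important to place UseAuthentication method before Use method.
    app.UseAuthentication();

    // It is important to place Use method after UseAuthentication method.
    app.Use(async (context, next) =>
    {
        // Set antiforgery cookie for the response.
        // HttpOnly stays false because client-side script has to read the token and echo it back.
        // Secure is set whenever the request itself arrived over HTTPS so the token is not later
        // sent over plain HTTP.
        context.Response.Cookies.Append(
            "XSRF-TOKEN",
            antiforgery.GetAndStoreTokens(context).RequestToken,
            new CookieOptions
            {
                HttpOnly = false,
                Secure = context.Request.IsHttps,
                SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict
            });

        // Add recommended security headers for the responses.
        // The indexer is used instead of Headers.Add because Add throws when the header is already
        // present (for example, set by an earlier middleware).
        // NOTE(review): no Content-Security-Policy or X-Frame-Options header is set here; confirm
        // they are applied elsewhere if framing / script-injection protection is expected.
        context.Response.Headers["X-XSS-Protection"] = "1; mode=block";
        context.Response.Headers["X-Content-Type-Options"] = "nosniff";
        context.Response.Headers["Strict-Transport-Security"] = "max-age=31536000; includeSubDomains; preload";
        context.Response.Headers["Referrer-Policy"] = "no-referrer";

        // Buffer the request body so later components can read it more than once.
        context.Request.EnableRewind();

        await next();

        // SPA fallback: an extension-less 404 outside the server-side areas is re-run against the
        // client application's index page. Prefixes are compared ordinally and case-insensitively
        // because this app itself addresses the area as "/LandingPages/..." (see the exception
        // handler path above), which a case-sensitive "/landingpages" check would not recognise.
        var requestPath = context.Request.Path.Value ?? string.Empty;
        var isServerSidePath =
            requestPath.StartsWith("/api", StringComparison.OrdinalIgnoreCase) ||
            requestPath.StartsWith("/landingpages", StringComparison.OrdinalIgnoreCase);

        if (context.Response.StatusCode == (int)HttpStatusCode.NotFound
            && !context.Response.HasStarted // a started response cannot be replaced by the fallback
            && !Path.HasExtension(requestPath)
            && !isServerSidePath)
        {
            context.Request.Path = requestPath.StartsWith("/sai", StringComparison.OrdinalIgnoreCase)
                ? "/sai/index.html"
                : "/index.html";
            await next();
        }
    });

    app.UseDefaultFiles();

    app.UseStaticFiles(new StaticFileOptions
    {
        OnPrepareResponse = (context) =>
        {
            const int durationInSeconds = 60 * 60 * 24 * 30;

            // Substring match on the file name, not an extension check: names such as "x.json",
            // "x.js.map" or "x.woff2" also receive the 30-day public cache header.
            var fileName = context.File.Name.ToLowerInvariant();
            if (fileName.Contains(".css") ||
                fileName.Contains(".png") ||
                fileName.Contains(".jpg") ||
                fileName.Contains(".js") ||
                fileName.Contains(".woff"))
            {
                context.Context.Response.Headers[HeaderNames.CacheControl] = "public, max-age=" + durationInSeconds;
            }
        }
    });

    // Second static-file root: everything under <current directory>/StaticFiles is served from the
    // site root, without authentication, so that folder must never hold non-public files.
    app.UseStaticFiles(new StaticFileOptions
    {
        FileProvider = new PhysicalFileProvider(
            Path.Combine(Directory.GetCurrentDirectory(), "StaticFiles")),
        RequestPath = new PathString(String.Empty)
    });

    //Configure database encryption
    //InitializeAzureKeyVaultProvider(Configuration["Azure:AppRegistrationId"], Configuration["Azure:AppRegistrationKey"]);

    app.UseSession();

    // NOTE(review): UseAuthentication is already registered above; this second registration looks
    // redundant. It is kept to preserve the existing pipeline - confirm before removing.
    app.UseAuthentication();

    app.UseMvc(routes =>
    {
        routes.MapRoute(
            name: "default",
            template: "{area:exists}/{controller=Home}/{action=Index}/{id?}");
    });

    // Resolve the DbContext from a dedicated scope rather than the root provider: a scoped service
    // resolved from the root is never disposed and is rejected when scope validation is enabled.
    using (var scope = app.ApplicationServices.CreateScope())
    {
        var dbContext = scope.ServiceProvider.GetRequiredService<ApplicationDbContext>();
        DatabaseSeeder.EnsureSeeded(dbContext);
    }
}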