// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
//register custom config sections
//use your inherited class here if applicable
services.Configure <WebSettingsBase>(options => Configuration.GetSection("WebSettings").Bind(options));
WebSettingsBase settings = Configuration.GetSection("WebSettings").Get <WebSettingsBase>();
if (settings == null)
{
throw new Utilities.ProgramException("Null settings object in Startup");
}
//services.Configure<ApplicationRoles>(options => Configuration.GetSection("Roles").Bind(options));
//configures global antiforgery and date JSON Serializer Settings
services.AddMvc(settings);
// enable session and specify timeout and max length settings
services.AddDistributedMemoryCache();
services.AddSession(settings);
//add CSRF checking
services.AddAntiforgery(settings);
////configure API versions
//services.AddSwaggerGen(c =>
//{
// Swashbuckle.Swagger.Model.Info[] APIs = {
// new Swashbuckle.Swagger.Model.Info()
// {
// Title = "Data fix handler"
// , Version = "v1"
// //, Contact = new Swashbuckle.Swagger.Model.Contact() { Name = "Sam Nesbitt", Email = "*****@*****.**" }
// }/*,
// new Swashbuckle.Swagger.Model.Info()
// {
// Title = "Data fix handler",
// Version = "v2"
// }*/
// };
// c.MultipleApiVersions(APIs, WebHelper.SwaggerHelper.VersionResolver);
//});
////set the active directory access group
//services.AddAuthorization(options =>
//{
// ApplicationRoles roles = Configuration.GetSection("Roles").Get<ApplicationRoles>();
// foreach (var role in roles.GetApplicationRoles())
// {
// options.AddPolicy(role.RoleName, policy =>
// {
// policy.RequireAuthenticatedUser();
// policy.RequireRole(role.ADGroups);
// });
// }
//});
services.AddTransient <Utilities.ITemplateService, Web.Services.TemplateService>();
}
/// <summary>
/// Adds the default DateFormatString to the Newtonsoft.Json.JsonSerializerSettings
/// </summary>
/// <param name="mvc">Current MVC settings builder</param>
/// <param name="settings">An SSS.Web.Configuration.WebSettingsBase to configure the SerializerSettings</param>
/// <returns>The Microsoft.Extensions.DependencyInjection.IMvcBuilder so that additional calls can be chained.</returns>
public static IMvcBuilder AddSerializerSettings(this IMvcBuilder mvc, WebSettingsBase settings)
{
mvc.AddJsonOptions(opts =>
{
// configure global date serialization format
opts.SerializerSettings.DateFormatString = settings.DateFormat;
});
return(mvc);
}
/// <summary>
/// Configures the session timeout and expiration values
/// </summary>
/// <param name="services">The Microsoft.Extensions.DependencyInjection.IServiceCollection to add services to.</param>
/// <param name="settings">An SSS.Web.Configuration.WebSettingsBase to configure the provided Microsoft.AspNetCore.Antiforgery.AntiforgeryOptions.</param>
/// <returns>The Microsoft.Extensions.DependencyInjection.IServiceCollection so that additional calls can be chained.</returns>
public static IServiceCollection AddSession(this IServiceCollection services, WebSettingsBase settings)
{
return(services.AddSession(c =>
{
c.Cookie.Expiration = settings.GetSessionExpirationTimeSpan();
c.IdleTimeout = TimeSpan.FromMinutes(settings.IdleTimeout);
}));
}
/// <summary>
/// Configures MVC service based on the configuration from WebSettingsBase
/// </summary>
/// <param name="services">The Microsoft.Extensions.DependencyInjection.IServiceCollection to add services to.</param>
/// <param name="settings">An SSS.Web.Configuration.WebSettingsBase to configure the provided Microsoft.AspNetCore.Antiforgery.AntiforgeryOptions.</param>
/// <returns>Returns a IMvcBuilder for additional MVC configuration options</returns>
public static IMvcBuilder AddMvc(this IServiceCollection services, WebSettingsBase settings)
{
return(services.AddMvc(options =>
options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute())
).AddSerializerSettings(settings));
}
/// <summary>
/// Conditionally adds and configures Antiforgery service as per configuration
/// </summary>
/// <param name="services">The Microsoft.Extensions.DependencyInjection.IServiceCollection to add services to.</param>
/// <param name="settings">An SSS.Web.Configuration.WebSettingsBase to configure the provided Microsoft.AspNetCore.Antiforgery.AntiforgeryOptions.</param>
/// <returns>The Microsoft.Extensions.DependencyInjection.IServiceCollection so that additional calls can be chained.</returns>
public static IServiceCollection AddAntiforgery(this IServiceCollection services, WebSettingsBase settings)
{
if (settings.EnableCSRFChecking)
{
services.AddAntiforgery(opts =>
{
opts.HeaderName = "X-XSRF-TOKEN";
opts.FormFieldName = "XSRF-TOKEN";
opts.Cookie.Name = "XSRF-TOKEN";
//use same expiration timespan as session
opts.Cookie.Expiration = settings.GetSessionExpirationTimeSpan();
});
}
return(services);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddFile(Configuration.GetSection("Logging")["PathFormat"]);
WebSettingsBase settings = Configuration.GetSection("WebSettings").Get <WebSettingsBase>();
if (settings == null)
{
throw new Utilities.ProgramException("Null WebSettingsBase configuration object in Startup");
}
//use dev page if we are returning detailed errors
if (settings.ErrorHandlerSettings.ShowErrors)
{
app.UseDeveloperExceptionPage();
}
if (settings.IsDevelopment())
{
//app.UseBrowserLink(); // several studies have shown this to cause cancer
//loggerFactory.AddConsole(Configuration.GetSection("Logging"));
app.UseStaticFiles();
}
else
{
//use browser caching
//this level of caching will require you to use cache busting techniques
app.UseStaticFiles(new StaticFileOptions()
{
OnPrepareResponse = (context) =>
{
context.Context.Response.Headers["Cache-Control"] =
"private, max-age=2592000";
//context.Context.Response.Headers["Expires"] =
// DateTime.UtcNow.AddHours(12).ToString("R");
}
});
}
app.UseSession(new SessionOptions()
{
IdleTimeout = TimeSpan.FromMinutes(settings.IdleTimeout)
});
//converts 204 to 404 on get requests
app.UseHttpNoContentOutputMiddleware();
//custom error handler
app.UseErrorHandlerMiddleware(new ErrorHandlerOptions()
{
LogErrorCallback = Common.LogErrorCallback,
MaxErrorCountCallback = Common.MaxErrorCountCallback,
WebSettings = settings.ErrorHandlerSettings
});
////setup swagger
//app.UseSwagger();
//app.UseSwaggerUi();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
