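/// <summary>
/// Registers the MVC pipeline, anti-forgery protection and the role-based
/// authorization policies used by the application.
/// </summary>
/// <param name="services">Service collection the registrations are added to.</param>
/// <param name="xsrfConfig">Supplies the anti-forgery cookie name and request header name.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="services"/> or <paramref name="xsrfConfig"/> is null.
/// </exception>
public static void ConfigureMvc(this IServiceCollection services, Config.AntiForgeryConfig xsrfConfig)
{
    if (services == null)
    {
        throw new System.ArgumentNullException(nameof(services));
    }

    // The anti-forgery options lambda runs lazily; fail at startup rather than on
    // the first request if the XSRF configuration was never bound.
    if (xsrfConfig == null)
    {
        throw new System.ArgumentNullException(nameof(xsrfConfig));
    }

    services.AddMvc(mvc =>
    {
        // Index 0 so the custom DateTime binder is consulted before the built-in providers.
        mvc.ModelBinderProviders.Insert(0, new DateTimeModelBinderProvider());
        mvc.Filters.Add(typeof(Filters.GlobalExceptionFilter));

        // Global CSRF check: validates the anti-forgery token on every unsafe
        // HTTP method (POST, PUT, PATCH, DELETE) without per-action attributes.
        mvc.Filters.Add(new AutoValidateAntiforgeryTokenAttribute());
    });

    services.TryAddEnumerable(ServiceDescriptor.Transient<IConfigureOptions<MvcOptions>, DateTimeInputFormatterOptions>());
    services.TryAddEnumerable(ServiceDescriptor.Transient<IConfigureOptions<MvcOptions>, DateTimeOutputFormatterOptions>());
    services.TryAddEnumerable(ServiceDescriptor.Transient<IConfigureOptions<LocalizationOptions>, LocalizationResolverOptions>());

    services.AddAntiforgery(antiforgery =>
    {
        antiforgery.Cookie.Name = xsrfConfig.CookieName;
        antiforgery.HeaderName = xsrfConfig.HeaderName;

        // Was CookieSecurePolicy.None, which never sets the Secure attribute, so the
        // anti-forgery cookie could travel over plain HTTP even on an HTTPS site.
        // SameAsRequest marks it Secure whenever the request itself arrived over HTTPS
        // and still lets plain-HTTP development hosts work.
        // NOTE(review): for HTTPS-only deployments prefer CookieSecurePolicy.Always;
        // behind a TLS-terminating proxy the request only looks like HTTPS if
        // forwarded headers are processed - confirm the hosting setup.
        antiforgery.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
    });

    services.AddAuthorization(authorization =>
    {
        // Both administrative policies are satisfied only by the Admin role.
        authorization.AddPolicy(Policies.ManagerUserAccounts, policy => policy.RequireRole(Toucan.Data.RoleTypes.Admin));
        authorization.AddPolicy(Policies.ManageSiteSettings, policy => policy.RequireRole(Toucan.Data.RoleTypes.Admin));
    });
}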
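/// <summary>
/// Registers the MVC pipeline, anti-forgery protection and the claim-based
/// authorization policy used by the application.
/// </summary>
/// <param name="services">Service collection the registrations are added to.</param>
/// <param name="xsrfConfig">Supplies the anti-forgery cookie name and request header name.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="services"/> or <paramref name="xsrfConfig"/> is null.
/// </exception>
public static void ConfigureMvc(this IServiceCollection services, Config.AntiForgeryConfig xsrfConfig)
{
    if (services == null)
    {
        throw new System.ArgumentNullException(nameof(services));
    }

    // The anti-forgery options lambda runs lazily; fail at startup rather than on
    // the first request if the XSRF configuration was never bound.
    if (xsrfConfig == null)
    {
        throw new System.ArgumentNullException(nameof(xsrfConfig));
    }

    services.AddMvc(mvc =>
    {
        // Index 0 so the custom DateTime binder is consulted before the built-in providers.
        mvc.ModelBinderProviders.Insert(0, new DateTimeModelBinderProvider());
        mvc.Filters.Add(typeof(Filters.GlobalExceptionFilter));

        // Global CSRF check: validates the anti-forgery token on every unsafe
        // HTTP method (POST, PUT, PATCH, DELETE) without per-action attributes.
        mvc.Filters.Add(new AutoValidateAntiforgeryTokenAttribute());
    });

    services.TryAddEnumerable(ServiceDescriptor.Transient<IConfigureOptions<MvcOptions>, DateTimeInputFormatterOptions>());
    services.TryAddEnumerable(ServiceDescriptor.Transient<IConfigureOptions<MvcOptions>, DateTimeOutputFormatterOptions>());
    services.TryAddEnumerable(ServiceDescriptor.Transient<IConfigureOptions<LocalizationOptions>, LocalizationResolverOptions>());

    services.AddAntiforgery(antiforgery =>
    {
        antiforgery.Cookie.Name = xsrfConfig.CookieName;
        antiforgery.HeaderName = xsrfConfig.HeaderName;

        // Was CookieSecurePolicy.None, which never sets the Secure attribute, so the
        // anti-forgery cookie could travel over plain HTTP even on an HTTPS site.
        // SameAsRequest marks it Secure whenever the request itself arrived over HTTPS
        // and still lets plain-HTTP development hosts work.
        // NOTE(review): for HTTPS-only deployments prefer CookieSecurePolicy.Always;
        // behind a TLS-terminating proxy the request only looks like HTTPS if
        // forwarded headers are processed - confirm the hosting setup.
        antiforgery.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
    });

    services.AddAuthorization(authorization =>
    {
        // A single named policy delegates every decision to one assertion callback.
        // NOTE(review): PolicyHandler is defined outside this block; the whole
        // authorization model rests on it denying by default - confirm it returns
        // false when the expected claim is missing or the user is unauthenticated.
        authorization.AddPolicy(Security.AuthorizeClaimAttribute.PolicyName, policy =>
        {
            policy.RequireAssertion(Security.AuthorizeClaimAttribute.PolicyHandler);
        });
    });
}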
/// <summary>
/// Registers the MVC pipeline, anti-forgery protection and the role-based
/// authorization policies used by the application.
/// </summary>
/// <param name="services">Service collection the registrations are added to.</param>
/// <param name="xsrfConfig">Supplies the anti-forgery cookie name and request header name.</param>
public static void ConfigureMvc(this IServiceCollection services, Config.AntiForgeryConfig xsrfConfig)
{
    services.AddMvc(mvc =>
    {
        mvc.Filters.Add(typeof(Filters.GlobalExceptionFilter));

        // Global CSRF check: validates the anti-forgery token on every unsafe
        // HTTP method (POST, PUT, PATCH, DELETE) without per-action attributes.
        mvc.Filters.Add(new AutoValidateAntiforgeryTokenAttribute());
    });

    services.AddAntiforgery(antiforgery =>
    {
        antiforgery.CookieName = xsrfConfig.CookieName;
        antiforgery.HeaderName = xsrfConfig.HeaderName;

        // Anti-forgery is tied to HTTPS here.
        // NOTE(review): with RequireSsl set, anti-forgery operations are expected to
        // fail on plain-HTTP requests - confirm every environment serves over TLS.
        antiforgery.RequireSsl = true;
    });

    services.AddAuthorization(authorization =>
    {
        // Both administrative policies are satisfied only by the Admin role.
        authorization.AddPolicy(
            Policies.ManagerUserAccounts,
            policy => policy.RequireRole(Toucan.Data.RoleTypes.Admin));
        authorization.AddPolicy(
            Policies.ManageSiteSettings,
            policy => policy.RequireRole(Toucan.Data.RoleTypes.Admin));
    });
}