diff --git a/Server/DevBiskilogclientsContext.cs b/Server/BiskilogClientsContext.cs similarity index 91% rename from Server/DevBiskilogclientsContext.cs rename to Server/BiskilogClientsContext.cs index 87824c9..d009d98 100644 --- a/Server/DevBiskilogclientsContext.cs +++ b/Server/BiskilogClientsContext.cs @@ -5,13 +5,13 @@ using Microsoft.EntityFrameworkCore; namespace Biskilog_Accounting.Server; -public partial class DevBiskilogclientsContext : DbContext +public partial class BiskilogClientsContext : DbContext { - public DevBiskilogclientsContext() + public BiskilogClientsContext() { } - public DevBiskilogclientsContext(DbContextOptions options) + public BiskilogClientsContext(DbContextOptions options) : base(options) { } @@ -30,10 +30,6 @@ public partial class DevBiskilogclientsContext : DbContext public virtual DbSet Userauths { get; set; } - protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder) -#warning To protect potentially sensitive information in your connection string, you should move it out of source code. You can avoid scaffolding the connection string by using the Name= syntax to read it from configuration - see https://go.microsoft.com/fwlink/?linkid=2131148. For more guidance on storing connection strings, see http://go.microsoft.com/fwlink/?LinkId=723263. - => optionsBuilder.UseMySql("server=54.37.19.162;database=dev_biskilogclients;user=biskilog;password=mefbuk-6niFsu-fytrew", ServerVersion.Parse("10.3.38-mariadb")); - protected override void OnModelCreating(ModelBuilder modelBuilder) { modelBuilder diff --git a/Server/Program.cs b/Server/Program.cs index 3af2c77..8a53ee1 100644 --- a/Server/Program.cs +++ b/Server/Program.cs 
@@ -1,7 +1,74 @@ +using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.AspNetCore.ResponseCompression; +using Microsoft.EntityFrameworkCore; +using Microsoft.IdentityModel.Tokens; +using Microsoft.OpenApi.Models; +using System.Text.Json.Serialization; +using System.Text; +using Biskilog_Accounting.Server; var builder = WebApplication.CreateBuilder(args); +// Add services to the container. +builder.Services.AddControllers().AddJsonOptions(x => x.JsonSerializerOptions.ReferenceHandler = ReferenceHandler.IgnoreCycles); +builder.Services.AddAutoMapper(AppDomain.CurrentDomain.GetAssemblies()); +builder.Logging.ClearProviders(); +builder.Logging.AddConsole(); +builder.Services.AddEntityFrameworkMySql().AddDbContext(options => +{ + options.UseMySql(builder.Configuration.GetConnectionString("Connection"), new MariaDbServerVersion(new Version())); +}); +//builder.Services.AddScoped(); + +builder.Services.AddCors(options => +{ + options.AddPolicy("CorsPolicy", + builder => builder.AllowAnyOrigin() + .AllowAnyMethod() + .AllowAnyHeader() + ); +}); +builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options => +{ + options.RequireHttpsMetadata = false; + options.SaveToken = true; + options.TokenValidationParameters = new TokenValidationParameters() + { + ValidateIssuer = true, + ValidateAudience = true, + ValidAudience = builder.Configuration["Jwt:Audience"], + ValidIssuer = builder.Configuration["Jwt:Issuer"], + IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"])) + }; +}); +builder.Services.AddEndpointsApiExplorer(); +builder.Services.AddSwaggerGen(c => +{ + c.SwaggerDoc("v1", new OpenApiInfo { Title = "MyBlazor", Version = "v1" }); + c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme + { + In = ParameterLocation.Header, + Description = "Please enter a valid token", + Name = "Authorization", + Type = SecuritySchemeType.Http, + BearerFormat = "JWT", + Scheme = 
"Bearer" + }); + c.AddSecurityRequirement(new OpenApiSecurityRequirement + { + { + new OpenApiSecurityScheme + { + Reference = new OpenApiReference + { + Type=ReferenceType.SecurityScheme, + Id="Bearer" + } + }, + new string[]{} + } + }); +}); builder.Services.AddControllersWithViews(); builder.Services.AddRazorPages(); @@ -10,19 +77,31 @@ var app = builder.Build(); // Configure the HTTP request pipeline. if (app.Environment.IsDevelopment()) { + app.UseWebAssemblyDebugging(); + app.UseSwagger(); + app.UseSwaggerUI(c => + { + c.SwaggerEndpoint("/swagger/v1/swagger.json", "MyBlazor v1"); + c.RoutePrefix = "api/docs"; + }); } else { + app.UseExceptionHandler("/Error"); // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts. app.UseHsts(); } - app.UseHttpsRedirection(); + app.UseBlazorFrameworkFiles(); app.UseStaticFiles(); app.UseRouting(); +app.UseCors("CorsPolicy"); + +app.UseAuthentication(); +app.UseAuthorization(); app.MapRazorPages(); app.MapControllers(); diff --git a/Server/appsettings.json b/Server/appsettings.json index 10f68b8..7860b5e 100644 --- a/Server/appsettings.json +++ b/Server/appsettings.json @@ -5,5 +5,13 @@ "Microsoft.AspNetCore": "Warning" } }, - "AllowedHosts": "*" -} + "ConnectionStrings": { + "Connection": "server=54.37.19.162;database=dev_biskilogclients;user=biskilog;password=mefbuk-6niFsu-fytrew" + }, + "AllowedHosts": "*", + "JWT": { + "Key": "@@BISKILOG2023DEV??//##$", + "Issuer": "AUTH SERVER", + "Audience": "BISKILOG" + } +} \ No newline at end of file diff --git a/Shared/Biskilog Accounting.Shared.csproj b/Shared/Biskilog Accounting.Shared.csproj index 34ee232..a747b67 100644 --- a/Shared/Biskilog Accounting.Shared.csproj +++ b/Shared/Biskilog Accounting.Shared.csproj @@ -15,7 +15,6 @@ - diff --git a/Shared/Interfaces/IAuthService.cs b/Shared/Interfaces/IAuthService.cs new file mode 100644 index 0000000..9d5b81f --- /dev/null 
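Review bot: In the service-registration hunk of Server/Program.cs, `CorsPolicy` allows any origin, method and header for an API that accepts bearer tokens; restrict it to the origins the client is served from, for example `policy.WithOrigins(allowedOrigins).AllowAnyMethod().AllowAnyHeader()` with `allowedOrigins` read from configuration. In the `AddJwtBearer` block `options.RequireHttpsMetadata = false;` is unconditional; `options.RequireHttpsMetadata = !builder.Environment.IsDevelopment();` would limit the relaxation to development. `new MariaDbServerVersion(new Version())` passes version 0.0, while the `OnConfiguring` this commit deletes pinned `ServerVersion.Parse("10.3.38-mariadb")`; reusing that value avoids the provider presumably assuming a feature set older than the real server. The CORS lambda parameter is also named `builder`, shadowing the outer `WebApplicationBuilder`, which is why the example above renames it to `policy`.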
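Review bot: In the pipeline hunk of Server/Program.cs, please confirm that `app.UseHttpsRedirection();` is still present on the new side. The collapsed layout leaves it unclear whether the `-` in front of it removes the call or only a blank line, and with login passwords and bearer tokens now crossing this pipeline the redirect should stay. `app.UseAuthentication();` and `app.UseAuthorization();` enforce nothing on their own, and the services hunk registers no fallback policy, so each controller presumably needs `[Authorize]`; a comment such as `// Endpoints are anonymous unless marked [Authorize]` beside `app.MapControllers();` would make that explicit. The rest of the file after `app.MapControllers();` lies outside the hunk.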
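Review bot: The `ConnectionStrings:Connection` value and `JWT:Key` added to Server/appsettings.json appear to be real credentials in a tracked file, so this commit moves the database password out of the DbContext without taking it out of source control. Keep only empty placeholders here and supply the real values through user secrets in development and environment variables in deployment (`ConnectionStrings__Connection`, `JWT__Key`). Because the password and signing key are now in the repository history, both should be rotated, and the replacement signing key should be randomly generated with at least 256 bits rather than a readable phrase. `"AllowedHosts": "*"` is only moved by this hunk, but is worth narrowing once the public host name is known.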
+++ b/Shared/Interfaces/IAuthService.cs @@ -0,0 +1,25 @@ +using Biskilog_Accounting.Shared.ClientContractModels; + +namespace Biskilog_Accounting.Shared.Interfaces +{ + public interface IAuthService + { + /// + /// Prepares and returns the connection string for a client using the specified database id + /// + /// Specified database id to use + /// + string GetClientConnectionString(int a_databaseId); + /// + /// Authenticates user or client + /// + /// + /// + /// A tokenized string with relevant information on the authenticated user + Task AuthenticateClient(string a_username, string a_password); + Contract GetContract(int a_clientId, int a_businessId); + Databasemap GetClientDB(int a_clientId); + Siteaccesspermission GetSiteaccesspermission(int a_clientId); + Clientbusiness GetClientbusiness(int a_clientId); + } +} diff --git a/Shared/Interfaces/ITokenService.cs b/Shared/Interfaces/ITokenService.cs new file mode 100644 index 0000000..b4c03f2 --- /dev/null +++ b/Shared/Interfaces/ITokenService.cs @@ -0,0 +1,15 @@ +using Biskilog_Accounting.Shared.ClientContractModels; + + +namespace Biskilog_Accounting.Shared.Interfaces +{ + public interface ITokenService + { + bool ValidateToken(string a_token); + string GenerateToken(Userauth a_user, Contract a_clientContract, Databasemap a_database, Siteaccesspermission a_accessPermission); + int? GetRoleFromToken(string a_token); + int? GetUserIdFromToken(string a_token); + string? GetUserNameFromToken(string a_token); + + } +}
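Review bot: `IAuthService` sits in the Shared project yet exposes `GetClientConnectionString(int a_databaseId)`; if Shared is also referenced by the browser client (not visible here), a server-only contract that returns connection strings is better declared in the Server project. The doc comment on `AuthenticateClient` should state what a failed login yields, for example `/// Returns null when the credentials are rejected.`, with the wording adjusted to the implementation's actual behaviour, so callers cannot mistake an empty result for success. `GetContract`, `GetClientDB`, `GetSiteaccesspermission` and `GetClientbusiness` have no documentation and no nullable annotation, which leaves the not-found case undefined.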
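Review bot: In Shared/Interfaces/ITokenService.cs, `GetRoleFromToken`, `GetUserIdFromToken` and `GetUserNameFromToken` return nullable values, but the interface does not say whether they validate the token before reading claims. An implementation that only decodes the payload would let a caller trust a role taken from a forged or expired token. State the contract on each member, for example `/// Returns the claim only when the token passes ValidateToken; otherwise null.`. `GenerateToken` would also benefit from a summary naming which fields of its four arguments end up as claims, since anything placed in the token is readable by the client.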