using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.HttpOverrides; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore.Diagnostics; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.IdentityModel.Tokens; using System.Text; using Timeline.Configs; using Timeline.Formatters; using Timeline.Models; using Timeline.Services; namespace Timeline { public class Startup { private const string corsPolicyName = "MyPolicy"; public Startup(IConfiguration configuration, IHostingEnvironment environment) { Environment = environment; Configuration = configuration; } public IHostingEnvironment Environment { get; } public IConfiguration Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddMvc(options => { options.InputFormatters.Add(new StringInputFormatter()); }).SetCompatibilityVersion(CompatibilityVersion.Version_2_2); services.AddCors(options => { options.AddPolicy(corsPolicyName, builder => { if (Environment.IsProduction()) builder.WithOrigins("https://www.crupest.xyz", "https://crupest.xyz").AllowAnyMethod().AllowAnyHeader().AllowCredentials(); else builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().AllowCredentials(); }); }); services.Configure(Configuration.GetSection(nameof(JwtConfig))); var jwtConfig = Configuration.GetSection(nameof(JwtConfig)).Get(); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(o => { o.TokenValidationParameters.ValidateIssuer = true; o.TokenValidationParameters.ValidateAudience = true; o.TokenValidationParameters.ValidateIssuerSigningKey = true; o.TokenValidationParameters.ValidateLifetime = true; o.TokenValidationParameters.ValidIssuer = jwtConfig.Issuer; o.TokenValidationParameters.ValidAudience = jwtConfig.Audience; o.TokenValidationParameters.IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(jwtConfig.SigningKey)); }); services.AddScoped(); services.AddScoped(); services.AddTransient(); var databaseConfig = Configuration.GetSection(nameof(DatabaseConfig)).Get(); services.AddDbContext(options => { options.UseMySql(databaseConfig.ConnectionString) .ConfigureWarnings(warnings => { if (Environment.IsProduction()) warnings.Log(RelationalEventId.QueryClientEvaluationWarning); else warnings.Throw(RelationalEventId.QueryClientEvaluationWarning); }); }); services.AddHttpClient(); services.Configure(Configuration.GetSection(nameof(QCloudCosConfig))); services.AddSingleton(); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app) { app.UseCors(corsPolicyName); app.UseForwardedHeaders(new ForwardedHeadersOptions { ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto }); app.UseAuthentication(); app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller}/{action=Index}/{id?}"); }); } } }