using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using OBSBoardsWWW;
using System.Text;
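var builder = WebApplication.CreateBuilder(args);

// Service registration: MVC, session state, an HttpClient factory and
// authentication (cookie scheme for the browser session, JWT bearer for
// tokens issued by the API).
builder.Services.AddControllersWithViews();
builder.Services.AddHttpClient();

// Session is registered once. The original file called AddSession twice with
// the same options; the second call silently overwrote the first.
builder.Services.AddSession(options =>
{
    options.IdleTimeout = TimeSpan.FromMinutes(30);          // session lifetime
    options.Cookie.HttpOnly = true;                          // not readable from script
    options.Cookie.IsEssential = true;                       // required for GDPR consent handling
    options.Cookie.SecurePolicy = CookieSecurePolicy.Always; // the app redirects to HTTPS, so never send the cookie in clear
});

// JWT validation settings come from configuration (appsettings.json, user
// secrets or environment variables) instead of being hard-coded in source.
// The configuration keys used here are constructed for this file:
//   Jwt:Issuer, Jwt:Audience, Jwt:Key
// Startup fails fast when any of them is missing so a misconfigured host
// cannot run with an empty or placeholder signing key.
string jwtIssuer = RequireSetting(builder.Configuration, "Jwt:Issuer");
string jwtAudience = RequireSetting(builder.Configuration, "Jwt:Audience");
string jwtKey = RequireSetting(builder.Configuration, "Jwt:Key");

// HMAC-SHA256 signature validation needs a key of at least 128 bits; a
// shorter key is rejected at startup rather than at the first token check.
if (Encoding.UTF8.GetByteCount(jwtKey) < 16)
{
    throw new InvalidOperationException(
        "Configuration value 'Jwt:Key' must be at least 16 bytes (128 bits) long.");
}

builder.Services.AddAuthentication(options =>
{
    // The browser session is cookie based; JWT bearer is an additional scheme
    // that has to be requested explicitly (e.g. via [Authorize(AuthenticationSchemes = ...)]).
    options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
{
    // Cookie authentication: where to send unauthenticated / forbidden users.
    options.LoginPath = "/Auth/Login";
    options.AccessDeniedPath = "/Auth/AccessDenied";
    options.Cookie.HttpOnly = true;
    options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
})
.AddJwtBearer(options =>
{
    // Issuer, audience, lifetime and signature are all validated; the key is
    // the API's signing secret supplied through configuration above.
    options.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true,
        ValidateAudience = true,
        ValidateLifetime = true,
        ValidateIssuerSigningKey = true,
        ValidIssuer = jwtIssuer,
        ValidAudience = jwtAudience,
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtKey)),
    };
});

// Note: the original file also called ConfigureApplicationCookie with the same
// paths. That method configures the ASP.NET Core Identity application-cookie
// scheme, which is not registered in this app, so the call had no effect and
// was dropped. Re-add it if Identity is introduced later.

var app = builder.Build();

if (!app.Environment.IsDevelopment())
{
    app.UseHsts(); // Strict-Transport-Security for non-development hosts
}

app.UseHttpsRedirection();
app.UseStaticFiles();

app.UseRouting();
app.UseSession(); // enable session state before anything that reads it

// Runs before authentication — presumably it makes the stored token available
// to the authentication handlers; confirm against JwtTokenMiddleware.
app.UseMiddleware<JwtTokenMiddleware>();
app.UseAuthentication();
app.UseAuthorization();

app.MapControllerRoute(
    name: "default",
    pattern: "{controller=Home}/{action=Index}/{id?}");

app.Run();

/// <summary>
/// Reads a required configuration value.
/// </summary>
/// <param name="configuration">The application configuration.</param>
/// <param name="key">Configuration key, e.g. <c>Jwt:Key</c>.</param>
/// <returns>The non-empty configured value.</returns>
/// <exception cref="InvalidOperationException">The key is missing or blank.</exception>
static string RequireSetting(IConfiguration configuration, string key)
{
    var value = configuration[key];
    if (string.IsNullOrWhiteSpace(value))
    {
        throw new InvalidOperationException(
            $"Missing required configuration value '{key}'.");
    }

    return value;
}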