New project file, added Aspire, moved security

This commit is contained in:
James Wampler
2026-06-03 18:44:48 -07:00
parent 4c6df1f037
commit d3b36956e4
78 changed files with 2786 additions and 21210 deletions

File diff suppressed because it is too large Load Diff

0
dev-build.sh Executable file → Normal file
View File

View File

@@ -0,0 +1,13 @@
var builder = DistributedApplication.CreateBuilder(args);
var postgres = builder.AddPostgres("postgres")
.WithDataVolume("miccheck-pgdata")
.WithPgAdmin();
var miccheckDb = postgres.AddDatabase("miccheck");
builder.AddProject<Projects.MicCheck_Api>("api")
.WithReference(miccheckDb)
.WaitFor(miccheckDb);
builder.Build().Run();

View File

@@ -0,0 +1,19 @@
<Project Sdk="Aspire.AppHost.Sdk/13.4.0">
<ItemGroup>
<ProjectReference Include="..\api\MicCheck.Api\MicCheck.Api.csproj" />
</ItemGroup>
<ItemGroup>
<PackageReference Include="Aspire.Hosting.PostgreSQL" Version="13.4.0" />
</ItemGroup>
<PropertyGroup>
<OutputType>Exe</OutputType>
<TargetFramework>net10.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
<UserSecretsId>d10a4485-2ac0-4ba7-bda5-8eb63e417567</UserSecretsId>
</PropertyGroup>
</Project>

View File

@@ -0,0 +1,29 @@
{
"$schema": "https://json.schemastore.org/launchsettings.json",
"profiles": {
"https": {
"commandName": "Project",
"dotnetRunMessages": true,
"launchBrowser": true,
"applicationUrl": "https://localhost:17244;http://localhost:15050",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development",
"DOTNET_ENVIRONMENT": "Development",
"ASPIRE_DASHBOARD_OTLP_ENDPOINT_URL": "https://localhost:21229",
"ASPIRE_RESOURCE_SERVICE_ENDPOINT_URL": "https://localhost:22051"
}
},
"http": {
"commandName": "Project",
"dotnetRunMessages": true,
"launchBrowser": true,
"applicationUrl": "http://localhost:15050",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development",
"DOTNET_ENVIRONMENT": "Development",
"ASPIRE_DASHBOARD_OTLP_ENDPOINT_URL": "http://localhost:19033",
"ASPIRE_RESOURCE_SERVICE_ENDPOINT_URL": "http://localhost:20209"
}
}
}
}

View File

@@ -0,0 +1,8 @@
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning"
}
}
}

View File

@@ -0,0 +1,9 @@
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning",
"Aspire.Hosting.Dcp": "Warning"
}
}
}

View File

@@ -0,0 +1,5 @@
{
"appHost": {
"path": "MicCheck.AppHost.csproj"
}
}

View File

@@ -0,0 +1,127 @@
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Diagnostics.HealthChecks;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Diagnostics.HealthChecks;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.ServiceDiscovery;
using OpenTelemetry;
using OpenTelemetry.Metrics;
using OpenTelemetry.Trace;
namespace Microsoft.Extensions.Hosting;
// Adds common Aspire services: service discovery, resilience, health checks, and OpenTelemetry.
// This project should be referenced by each service project in your solution.
// To learn more about using this project, see https://aka.ms/aspire/service-defaults
public static class Extensions
{
private const string HealthEndpointPath = "/health";
private const string AlivenessEndpointPath = "/alive";
public static TBuilder AddServiceDefaults<TBuilder>(this TBuilder builder) where TBuilder : IHostApplicationBuilder
{
builder.ConfigureOpenTelemetry();
builder.AddDefaultHealthChecks();
builder.Services.AddServiceDiscovery();
builder.Services.ConfigureHttpClientDefaults(http =>
{
// Turn on resilience by default
http.AddStandardResilienceHandler();
// Turn on service discovery by default
http.AddServiceDiscovery();
});
// Uncomment the following to restrict the allowed schemes for service discovery.
// builder.Services.Configure<ServiceDiscoveryOptions>(options =>
// {
// options.AllowedSchemes = ["https"];
// });
return builder;
}
public static TBuilder ConfigureOpenTelemetry<TBuilder>(this TBuilder builder) where TBuilder : IHostApplicationBuilder
{
builder.Logging.AddOpenTelemetry(logging =>
{
logging.IncludeFormattedMessage = true;
logging.IncludeScopes = true;
});
builder.Services.AddOpenTelemetry()
.WithMetrics(metrics =>
{
metrics.AddAspNetCoreInstrumentation()
.AddHttpClientInstrumentation()
.AddRuntimeInstrumentation();
})
.WithTracing(tracing =>
{
tracing.AddSource(builder.Environment.ApplicationName)
.AddAspNetCoreInstrumentation(tracing =>
// Exclude health check requests from tracing
tracing.Filter = context =>
!context.Request.Path.StartsWithSegments(HealthEndpointPath)
&& !context.Request.Path.StartsWithSegments(AlivenessEndpointPath)
)
// Uncomment the following line to enable gRPC instrumentation (requires the OpenTelemetry.Instrumentation.GrpcNetClient package)
//.AddGrpcClientInstrumentation()
.AddHttpClientInstrumentation();
});
builder.AddOpenTelemetryExporters();
return builder;
}
private static TBuilder AddOpenTelemetryExporters<TBuilder>(this TBuilder builder) where TBuilder : IHostApplicationBuilder
{
var useOtlpExporter = !string.IsNullOrWhiteSpace(builder.Configuration["OTEL_EXPORTER_OTLP_ENDPOINT"]);
if (useOtlpExporter)
{
builder.Services.AddOpenTelemetry().UseOtlpExporter();
}
// Uncomment the following lines to enable the Azure Monitor exporter (requires the Azure.Monitor.OpenTelemetry.AspNetCore package)
//if (!string.IsNullOrEmpty(builder.Configuration["APPLICATIONINSIGHTS_CONNECTION_STRING"]))
//{
// builder.Services.AddOpenTelemetry()
// .UseAzureMonitor();
//}
return builder;
}
public static TBuilder AddDefaultHealthChecks<TBuilder>(this TBuilder builder) where TBuilder : IHostApplicationBuilder
{
builder.Services.AddHealthChecks()
// Add a default liveness check to ensure app is responsive
.AddCheck("self", () => HealthCheckResult.Healthy(), ["live"]);
return builder;
}
public static WebApplication MapDefaultEndpoints(this WebApplication app)
{
// Adding health checks endpoints to applications in non-development environments has security implications.
// See https://aka.ms/aspire/healthchecks for details before enabling these endpoints in non-development environments.
if (app.Environment.IsDevelopment())
{
// All health checks must pass for app to be considered ready to accept traffic after starting
app.MapHealthChecks(HealthEndpointPath);
// Only health checks tagged with the "live" tag must pass for app to be considered alive
app.MapHealthChecks(AlivenessEndpointPath, new HealthCheckOptions
{
Predicate = r => r.Tags.Contains("live")
});
}
return app;
}
}

View File

@@ -0,0 +1,22 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net10.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
<IsAspireSharedProject>true</IsAspireSharedProject>
</PropertyGroup>
<ItemGroup>
<FrameworkReference Include="Microsoft.AspNetCore.App" />
<PackageReference Include="Microsoft.Extensions.Http.Resilience" Version="10.6.0" />
<PackageReference Include="Microsoft.Extensions.ServiceDiscovery" Version="10.6.0" />
<PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.15.3" />
<PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.15.3" />
<PackageReference Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.15.2" />
<PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.15.1" />
<PackageReference Include="OpenTelemetry.Instrumentation.Runtime" Version="1.15.1" />
</ItemGroup>
</Project>

11
src/admin/Admin.esproj Normal file
View File

@@ -0,0 +1,11 @@
<Project Sdk="Microsoft.VisualStudio.JavaScript.Sdk/1.0.2752196">
<PropertyGroup>
<StartupCommand>npm run serve</StartupCommand>
<JavaScriptTestRoot>.\</JavaScriptTestRoot>
<JavaScriptTestFramework>Jest</JavaScriptTestFramework>
<!-- Allows the build (or compile) script located on package.json to run on Build -->
<ShouldRunBuildScript>false</ShouldRunBuildScript>
<!-- Folder where production build objects will be placed -->
<BuildOutputFolder>$(MSBuildProjectDirectory)\dist</BuildOutputFolder>
</PropertyGroup>
</Project>

File diff suppressed because it is too large Load Diff

View File

@@ -31,6 +31,7 @@
"@vue/test-utils": "^2.4.6",
"@vue/vue3-jest": "^29.2.6",
"babel-jest": "^29.7.0",
"eslint": "^10.4.1",
"jest": "^29.7.0",
"jest-environment-jsdom": "^29.7.0",
"sass": "^1.77.2",

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using MicCheck.Api.Common;
using MicCheck.Api.Environments;
using MicCheck.Api.Projects;

View File

@@ -1,8 +0,0 @@
using MicCheck.Api.Users;
namespace MicCheck.Api.Authorization;
public interface ITokenService
{
TokenResponse GenerateToken(User user);
}

View File

@@ -1,3 +0,0 @@
namespace MicCheck.Api.Authorization;
public record LogoutRequest(string Token);

View File

@@ -1,3 +0,0 @@
namespace MicCheck.Api.Authorization;
public record RefreshRequest(string Token);

View File

@@ -1,4 +1,4 @@
namespace MicCheck.Api.ApiKeys;
namespace MicCheck.Api.Common.Security.ApiKeys;
public class ApiKey
{

View File

@@ -1,6 +1,6 @@
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
namespace MicCheck.Api.ApiKeys;
namespace MicCheck.Api.Common.Security.ApiKeys;
public static class ApiKeyEndpoints
{

View File

@@ -1,7 +1,7 @@
using System.Security.Cryptography;
using System.Text;
namespace MicCheck.Api.ApiKeys;
namespace MicCheck.Api.Common.Security.ApiKeys;
public static class ApiKeyHasher
{

View File

@@ -1,4 +1,4 @@
namespace MicCheck.Api.ApiKeys;
namespace MicCheck.Api.Common.Security.ApiKeys;
public record ApiKeyResponse(
int Id,

View File

@@ -1,7 +1,7 @@
using MicCheck.Api.Data;
using Microsoft.EntityFrameworkCore;
namespace MicCheck.Api.ApiKeys;
namespace MicCheck.Api.Common.Security.ApiKeys;
public class ApiKeyService(MicCheckDbContext db)
{

View File

@@ -1,3 +1,3 @@
namespace MicCheck.Api.ApiKeys;
namespace MicCheck.Api.Common.Security.ApiKeys;
public record CreateApiKeyRequest(string Name, DateTimeOffset? ExpiresAt);

View File

@@ -1,4 +1,4 @@
namespace MicCheck.Api.ApiKeys;
namespace MicCheck.Api.Common.Security.ApiKeys;
public record CreateApiKeyResponse(
int Id,

View File

@@ -1,18 +1,14 @@
using System.Security.Claims;
using System.Text.Encodings.Web;
using MicCheck.Api.ApiKeys;
using MicCheck.Api.Common.Security.ApiKeys;
using MicCheck.Api.Data;
using Microsoft.AspNetCore.Authentication;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Options;
namespace MicCheck.Api.Authentication;
namespace MicCheck.Api.Common.Security.Authentication;
public class ApiKeyAuthenticationHandler(
IOptionsMonitor<AuthenticationSchemeOptions> options,
ILoggerFactory logger,
UrlEncoder encoder,
MicCheckDbContext db)
public class ApiKeyAuthenticationHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, MicCheckDbContext db)
: AuthenticationHandler<AuthenticationSchemeOptions>(options, logger, encoder)
{
public const string SchemeName = "ApiKey";

View File

@@ -5,13 +5,9 @@ using Microsoft.AspNetCore.Authentication;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Options;
namespace MicCheck.Api.Authentication;
namespace MicCheck.Api.Common.Security.Authentication;
public class EnvironmentKeyAuthenticationHandler(
IOptionsMonitor<AuthenticationSchemeOptions> options,
ILoggerFactory logger,
UrlEncoder encoder,
MicCheckDbContext db)
public class EnvironmentKeyAuthenticationHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, MicCheckDbContext db)
: AuthenticationHandler<AuthenticationSchemeOptions>(options, logger, encoder)
{
public const string SchemeName = "EnvironmentKey";

View File

@@ -1,6 +1,6 @@
using Microsoft.AspNetCore.Mvc;
namespace MicCheck.Api.Authorization;
namespace MicCheck.Api.Common.Security.Authorization;
public static class AuthEndpoints
{
@@ -8,10 +8,7 @@ public static class AuthEndpoints
{
var group = app.MapGroup("/api/v1/auth").AllowAnonymous().WithTags("Auth");
group.MapPost("/login", async (
[FromBody] LoginRequest request,
AuthService authService,
CancellationToken ct) =>
group.MapPost("/login", async ([FromBody] LoginRequest request, AuthService authService, CancellationToken ct) =>
{
if (string.IsNullOrWhiteSpace(request.Email) || string.IsNullOrWhiteSpace(request.Password))
return Results.BadRequest("Email and password are required.");
@@ -20,12 +17,10 @@ public static class AuthEndpoints
return response is null
? Results.Unauthorized()
: Results.Ok(response);
}).WithName("Login");
group.MapPost("/register", async (
[FromBody] RegisterRequest request,
AuthService authService,
CancellationToken ct) =>
group.MapPost("/register", async ([FromBody] RegisterRequest request, AuthService authService, CancellationToken ct) =>
{
if (string.IsNullOrWhiteSpace(request.Email) || string.IsNullOrWhiteSpace(request.Password))
return Results.BadRequest("Email and password are required.");
@@ -38,12 +33,10 @@ public static class AuthEndpoints
return response is null
? Results.Conflict("An account with this email already exists.")
: Results.Ok(response);
}).WithName("Register");
group.MapPost("/refresh", async (
[FromBody] RefreshRequest request,
AuthService authService,
CancellationToken ct) =>
group.MapPost("/refresh", async ([FromBody] RefreshRequest request, AuthService authService, CancellationToken ct) =>
{
if (string.IsNullOrWhiteSpace(request.Token))
return Results.BadRequest("Refresh token is required.");
@@ -52,15 +45,14 @@ public static class AuthEndpoints
return response is null
? Results.Unauthorized()
: Results.Ok(response);
}).WithName("RefreshToken");
group.MapPost("/logout", async (
[FromBody] LogoutRequest request,
AuthService authService,
CancellationToken ct) =>
group.MapPost("/logout", async ([FromBody] LogoutRequest request, AuthService authService, CancellationToken ct) =>
{
await authService.LogoutAsync(request.Token, ct);
return Results.NoContent();
}).WithName("Logout");
}
}

View File

@@ -5,7 +5,7 @@ using MicCheck.Api.Users;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
namespace MicCheck.Api.Authorization;
namespace MicCheck.Api.Common.Security.Authorization;
public class AuthService(
MicCheckDbContext db,

View File

@@ -1,4 +1,4 @@
namespace MicCheck.Api.Authorization;
namespace MicCheck.Api.Common.Security.Authorization;
public static class AuthorizationPolicies
{

View File

@@ -1,3 +1,3 @@
namespace MicCheck.Api.Authorization;
namespace MicCheck.Api.Common.Security.Authorization;
public record LoginRequest(string Email, string Password);

View File

@@ -1,3 +1,3 @@
namespace MicCheck.Api.Authorization;
namespace MicCheck.Api.Common.Security.Authorization;
public record LoginResponse(string AccessToken, string RefreshToken, DateTime ExpiresAt);

View File

@@ -0,0 +1,3 @@
namespace MicCheck.Api.Common.Security.Authorization;
public record LogoutRequest(string Token);

View File

@@ -1,4 +1,4 @@
namespace MicCheck.Api.Authorization;
namespace MicCheck.Api.Common.Security.Authorization;
public enum ProjectPermission
{

View File

@@ -1,6 +1,6 @@
using Microsoft.AspNetCore.Authorization;
namespace MicCheck.Api.Authorization;
namespace MicCheck.Api.Common.Security.Authorization;
public class ProjectPermissionRequirement : IAuthorizationRequirement
{

View File

@@ -4,7 +4,7 @@ using MicCheck.Api.Organizations;
using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
namespace MicCheck.Api.Authorization;
namespace MicCheck.Api.Common.Security.Authorization;
public class ProjectPermissionRequirementHandler(
MicCheckDbContext db,

View File

@@ -0,0 +1,3 @@
namespace MicCheck.Api.Common.Security.Authorization;
public record RefreshRequest(string Token);

View File

@@ -1,4 +1,4 @@
namespace MicCheck.Api.Authorization;
namespace MicCheck.Api.Common.Security.Authorization;
public record RegisterRequest(
string Email,

View File

@@ -1,3 +1,3 @@
namespace MicCheck.Api.Authorization;
namespace MicCheck.Api.Common.Security.Authorization;
public record TokenResponse(string Token, DateTime ExpiresAt);

View File

@@ -4,7 +4,7 @@ using System.Text;
using MicCheck.Api.Users;
using Microsoft.IdentityModel.Tokens;
namespace MicCheck.Api.Authorization;
namespace MicCheck.Api.Common.Security.Authorization;
public class TokenService(IConfiguration configuration) : ITokenService
{
@@ -28,9 +28,7 @@ public class TokenService(IConfiguration configuration) : ITokenService
new(JwtRegisteredClaimNames.Email, user.Email),
new(JwtRegisteredClaimNames.GivenName, user.FirstName),
new(JwtRegisteredClaimNames.FamilyName, user.LastName),
new(JwtRegisteredClaimNames.Iat,
DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString(),
ClaimValueTypes.Integer64),
new(JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64),
new(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
};
@@ -50,3 +48,8 @@ public class TokenService(IConfiguration configuration) : ITokenService
return new TokenResponse(new JwtSecurityTokenHandler().WriteToken(token), expiresAt);
}
}
public interface ITokenService
{
TokenResponse GenerateToken(User user);
}

View File

@@ -1,4 +1,4 @@
namespace MicCheck.Api.Authorization;
namespace MicCheck.Api.Common.Security.Authorization;
public class UserProjectPermission
{

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.ApiKeys;
using MicCheck.Api.Common.Security.ApiKeys;
using Microsoft.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore.Metadata.Builders;

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using Microsoft.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore.Metadata.Builders;

View File

@@ -0,0 +1,24 @@
using Microsoft.EntityFrameworkCore;
namespace MicCheck.Api.Data;
public static class DatabaseStartupExtensions
{
public static async Task ApplyMigrationsAsync(this WebApplication app, CancellationToken ct = default)
{
using var scope = app.Services.CreateScope();
var db = scope.ServiceProvider.GetRequiredService<MicCheckDbContext>();
if (db.Database.ProviderName is null or "Microsoft.EntityFrameworkCore.InMemory")
return;
await db.Database.MigrateAsync(ct);
}
public static async Task SeedDevelopmentDataAsync(this WebApplication app, CancellationToken ct = default)
{
using var scope = app.Services.CreateScope();
var seeder = scope.ServiceProvider.GetRequiredService<DatabaseSeeder>();
await seeder.SeedAsync(ct);
}
}

View File

@@ -1,6 +1,6 @@
using MicCheck.Api.ApiKeys;
using MicCheck.Api.Common.Security.ApiKeys;
using MicCheck.Api.Audit;
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using MicCheck.Api.Features;
using MicCheck.Api.Identities;
using MicCheck.Api.Organizations;

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.ApiKeys;
using MicCheck.Api.Common.Security.ApiKeys;
using MicCheck.Api.Audit;
using MicCheck.Api.Data;
using MicCheck.Api.Features;

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using MicCheck.Api.Common;
using MicCheck.Api.Webhooks;
using Microsoft.AspNetCore.Authorization;

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using MicCheck.Api.Common;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -31,8 +31,7 @@ public class FeaturesController(FeatureService featureService) : ControllerBase
{
try
{
var feature = await featureService.CreateAsync(
projectId, request.Name, request.Type, request.InitialValue, request.Description, ct);
var feature = await featureService.CreateAsync(projectId, request.Name, request.Type, request.InitialValue, request.Description, ct);
return CreatedAtAction(nameof(GetById), new { projectId, id = feature.Id }, FeatureResponse.From(feature));
}

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.RateLimiting;

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using MicCheck.Api.Features;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

View File

@@ -23,4 +23,8 @@
<PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.16.0" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\..\MicCheck.ServiceDefaults\MicCheck.ServiceDefaults.csproj" />
</ItemGroup>
</Project>

View File

@@ -1,4 +1,4 @@
// <auto-generated />
// <auto-generated />
using System;
using MicCheck.Api.Data;
using Microsoft.EntityFrameworkCore;
@@ -25,7 +25,7 @@ namespace MicCheck.Api.Migrations
NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder);
modelBuilder.Entity("MicCheck.Api.ApiKeys.ApiKey", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.ApiKeys.ApiKey", b =>
{
b.Property<int>("Id")
.ValueGeneratedOnAdd()
@@ -118,7 +118,7 @@ namespace MicCheck.Api.Migrations
b.ToTable("AuditLogs");
});
modelBuilder.Entity("MicCheck.Api.Authorization.UserProjectPermission", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.Authorization.UserProjectPermission", b =>
{
b.Property<int>("UserId")
.HasColumnType("integer");
@@ -694,7 +694,7 @@ namespace MicCheck.Api.Migrations
b.ToTable("WebhookDeliveryLogs");
});
modelBuilder.Entity("MicCheck.Api.ApiKeys.ApiKey", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.ApiKeys.ApiKey", b =>
{
b.HasOne("MicCheck.Api.Organizations.Organization", null)
.WithMany("ApiKeys")

View File

@@ -1,4 +1,4 @@
// <auto-generated />
// <auto-generated />
using System;
using MicCheck.Api.Data;
using Microsoft.EntityFrameworkCore;
@@ -25,7 +25,7 @@ namespace MicCheck.Api.Migrations
NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder);
modelBuilder.Entity("MicCheck.Api.ApiKeys.ApiKey", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.ApiKeys.ApiKey", b =>
{
b.Property<int>("Id")
.ValueGeneratedOnAdd()
@@ -118,7 +118,7 @@ namespace MicCheck.Api.Migrations
b.ToTable("AuditLogs");
});
modelBuilder.Entity("MicCheck.Api.Authorization.UserProjectPermission", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.Authorization.UserProjectPermission", b =>
{
b.Property<int>("UserId")
.HasColumnType("integer");
@@ -697,7 +697,7 @@ namespace MicCheck.Api.Migrations
b.ToTable("WebhookDeliveryLogs");
});
modelBuilder.Entity("MicCheck.Api.ApiKeys.ApiKey", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.ApiKeys.ApiKey", b =>
{
b.HasOne("MicCheck.Api.Organizations.Organization", null)
.WithMany("ApiKeys")

View File

@@ -1,4 +1,4 @@
// <auto-generated />
// <auto-generated />
using System;
using MicCheck.Api.Data;
using Microsoft.EntityFrameworkCore;
@@ -40,7 +40,7 @@ namespace MicCheck.Api.Migrations
b.ToTable("FeatureTags");
});
modelBuilder.Entity("MicCheck.Api.ApiKeys.ApiKey", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.ApiKeys.ApiKey", b =>
{
b.Property<int>("Id")
.ValueGeneratedOnAdd()
@@ -133,7 +133,7 @@ namespace MicCheck.Api.Migrations
b.ToTable("AuditLogs");
});
modelBuilder.Entity("MicCheck.Api.Authorization.UserProjectPermission", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.Authorization.UserProjectPermission", b =>
{
b.Property<int>("UserId")
.HasColumnType("integer");
@@ -727,7 +727,7 @@ namespace MicCheck.Api.Migrations
.IsRequired();
});
modelBuilder.Entity("MicCheck.Api.ApiKeys.ApiKey", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.ApiKeys.ApiKey", b =>
{
b.HasOne("MicCheck.Api.Organizations.Organization", null)
.WithMany("ApiKeys")

View File

@@ -1,4 +1,4 @@
// <auto-generated />
// <auto-generated />
using System;
using MicCheck.Api.Data;
using Microsoft.EntityFrameworkCore;
@@ -40,7 +40,7 @@ namespace MicCheck.Api.Migrations
b.ToTable("FeatureTags");
});
modelBuilder.Entity("MicCheck.Api.ApiKeys.ApiKey", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.ApiKeys.ApiKey", b =>
{
b.Property<int>("Id")
.ValueGeneratedOnAdd()
@@ -133,7 +133,7 @@ namespace MicCheck.Api.Migrations
b.ToTable("AuditLogs");
});
modelBuilder.Entity("MicCheck.Api.Authorization.UserProjectPermission", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.Authorization.UserProjectPermission", b =>
{
b.Property<int>("UserId")
.HasColumnType("integer");
@@ -727,7 +727,7 @@ namespace MicCheck.Api.Migrations
.IsRequired();
});
modelBuilder.Entity("MicCheck.Api.ApiKeys.ApiKey", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.ApiKeys.ApiKey", b =>
{
b.HasOne("MicCheck.Api.Organizations.Organization", null)
.WithMany("ApiKeys")

View File

@@ -1,4 +1,4 @@
// <auto-generated />
// <auto-generated />
using System;
using MicCheck.Api.Data;
using Microsoft.EntityFrameworkCore;
@@ -40,7 +40,7 @@ namespace MicCheck.Api.Migrations
b.ToTable("FeatureTags");
});
modelBuilder.Entity("MicCheck.Api.ApiKeys.ApiKey", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.ApiKeys.ApiKey", b =>
{
b.Property<int>("Id")
.ValueGeneratedOnAdd()
@@ -133,7 +133,7 @@ namespace MicCheck.Api.Migrations
b.ToTable("AuditLogs");
});
modelBuilder.Entity("MicCheck.Api.Authorization.UserProjectPermission", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.Authorization.UserProjectPermission", b =>
{
b.Property<int>("UserId")
.HasColumnType("integer");
@@ -735,7 +735,7 @@ namespace MicCheck.Api.Migrations
.IsRequired();
});
modelBuilder.Entity("MicCheck.Api.ApiKeys.ApiKey", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.ApiKeys.ApiKey", b =>
{
b.HasOne("MicCheck.Api.Organizations.Organization", null)
.WithMany("ApiKeys")

View File

@@ -1,4 +1,4 @@
// <auto-generated />
// <auto-generated />
using System;
using MicCheck.Api.Data;
using Microsoft.EntityFrameworkCore;
@@ -37,7 +37,7 @@ namespace MicCheck.Api.Migrations
b.ToTable("FeatureTags");
});
modelBuilder.Entity("MicCheck.Api.ApiKeys.ApiKey", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.ApiKeys.ApiKey", b =>
{
b.Property<int>("Id")
.ValueGeneratedOnAdd()
@@ -130,7 +130,7 @@ namespace MicCheck.Api.Migrations
b.ToTable("AuditLogs");
});
modelBuilder.Entity("MicCheck.Api.Authorization.UserProjectPermission", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.Authorization.UserProjectPermission", b =>
{
b.Property<int>("UserId")
.HasColumnType("integer");
@@ -732,7 +732,7 @@ namespace MicCheck.Api.Migrations
.IsRequired();
});
modelBuilder.Entity("MicCheck.Api.ApiKeys.ApiKey", b =>
modelBuilder.Entity("MicCheck.Api.Common.Security.ApiKeys.ApiKey", b =>
{
b.HasOne("MicCheck.Api.Organizations.Organization", null)
.WithMany("ApiKeys")

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.ApiKeys;
using MicCheck.Api.Common.Security.ApiKeys;
using MicCheck.Api.Projects;
namespace MicCheck.Api.Organizations;

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using MicCheck.Api.Common;
using MicCheck.Api.Webhooks;
using Microsoft.AspNetCore.Authorization;

View File

@@ -2,10 +2,10 @@ using System.Text;
using System.Threading.RateLimiting;
using FluentValidation;
using FluentValidation.AspNetCore;
using MicCheck.Api.ApiKeys;
using MicCheck.Api.Common.Security.ApiKeys;
using MicCheck.Api.Audit;
using MicCheck.Api.Authentication;
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authentication;
using MicCheck.Api.Common.Security.Authorization;
using MicCheck.Api.Data;
using MicCheck.Api.Environments;
using MicCheck.Api.Features;
@@ -34,6 +34,8 @@ try
{
var builder = WebApplication.CreateBuilder(args);
builder.AddServiceDefaults();
builder.Host.UseSerilog((context, services, config) =>
config.ReadFrom.Configuration(context.Configuration)
.ReadFrom.Services(services)
@@ -139,21 +141,17 @@ try
builder.Services.AddHttpClient("Webhooks", client =>
client.DefaultRequestHeaders.Add("User-Agent", "MicCheck-Webhook/1.0"));
var connectionString = System.Environment.GetEnvironmentVariable("DATABASE_URL") is { } databaseUrl
? DatabaseUrlParser.ToNpgsqlConnectionString(databaseUrl)
: builder.Configuration.GetConnectionString("DefaultConnection")!;
var connectionString = builder.Configuration.GetConnectionString("miccheck")
?? (System.Environment.GetEnvironmentVariable("DATABASE_URL") is { } databaseUrl
? DatabaseUrlParser.ToNpgsqlConnectionString(databaseUrl)
: builder.Configuration.GetConnectionString("DefaultConnection")!);
builder.Services.AddDbContext<MicCheckDbContext>(options =>
options.UseNpgsql(connectionString));
var app = builder.Build();
// Apply any pending EF Core migrations on startup (safe to run on every boot)
using (var migrationScope = app.Services.CreateScope())
{
var db = migrationScope.ServiceProvider.GetRequiredService<MicCheckDbContext>();
await db.Database.MigrateAsync();
}
await app.ApplyMigrationsAsync();
if (app.Environment.IsDevelopment())
{
@@ -161,9 +159,7 @@ try
app.MapScalarApiReference();
app.MapGet("/", () => Results.Redirect("/scalar/v1")).ExcludeFromDescription();
using var scope = app.Services.CreateScope();
var seeder = scope.ServiceProvider.GetRequiredService<DatabaseSeeder>();
await seeder.SeedAsync();
await app.SeedDevelopmentDataAsync();
}
app.UseSerilogRequestLogging();
@@ -171,6 +167,7 @@ try
app.UseAuthentication();
app.UseAuthorization();
app.MapDefaultEndpoints();
app.MapControllers();
app.MapAuthEndpoints();
app.MapApiKeyEndpoints();

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
namespace MicCheck.Api.Projects;

View File

@@ -1,5 +1,5 @@
using MicCheck.Api.Audit;
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using MicCheck.Api.Data;
using Microsoft.EntityFrameworkCore;

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using MicCheck.Api.Common;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -79,7 +79,7 @@ public class ProjectsController(ProjectService projectService) : ControllerBase
if (project is null) return NotFound();
var permissions = request.Permissions
.Select(p => Enum.Parse<Authorization.ProjectPermission>(p, ignoreCase: true))
.Select(p => Enum.Parse<ProjectPermission>(p, ignoreCase: true))
.ToList();
var perm = await projectService.SetUserPermissionsAsync(id, request.UserId, request.IsAdmin, permissions, ct);
@@ -94,7 +94,7 @@ public class ProjectsController(ProjectService projectService) : ControllerBase
if (project is null) return NotFound();
var permissions = request.Permissions
.Select(p => Enum.Parse<Authorization.ProjectPermission>(p, ignoreCase: true))
.Select(p => Enum.Parse<ProjectPermission>(p, ignoreCase: true))
.ToList();
var perm = await projectService.SetUserPermissionsAsync(id, userId, request.IsAdmin, permissions, ct);

View File

@@ -1,5 +1,5 @@
using FluentValidation;
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
namespace MicCheck.Api.Projects;

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using MicCheck.Api.Common;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

View File

@@ -1,4 +1,4 @@
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.RateLimiting;

View File

@@ -1,6 +1,6 @@
using System.Net;
using System.Net.Http.Json;
using MicCheck.Api.ApiKeys;
using MicCheck.Api.Common.Security.ApiKeys;
using MicCheck.Api.Data;
using MicCheck.Api.Features;
using MicCheck.Api.Organizations;

View File

@@ -1,7 +1,7 @@
using MicCheck.Api.ApiKeys;
using MicCheck.Api.Common.Security.ApiKeys;
using NUnit.Framework;
namespace MicCheck.Api.Tests.Unit.ApiKeys;
namespace MicCheck.Api.Tests.Unit.Common.Security.ApiKeys;
[TestFixture]
public class ApiKeyHasherTests

View File

@@ -1,7 +1,7 @@
using NUnit.Framework;
using MicCheck.Api.ApiKeys;
using MicCheck.Api.Common.Security.ApiKeys;
namespace MicCheck.Api.Tests.Unit.ApiKeys;
namespace MicCheck.Api.Tests.Unit.Common.Security.ApiKeys;
[TestFixture]
public class ApiKeyTests

View File

@@ -1,11 +1,11 @@
using System.Net;
using System.Net.Http.Headers;
using MicCheck.Api.ApiKeys;
using MicCheck.Api.Common.Security.ApiKeys;
using MicCheck.Api.Data;
using Microsoft.Extensions.DependencyInjection;
using NUnit.Framework;
namespace MicCheck.Api.Tests.Unit.Authentication;
namespace MicCheck.Api.Tests.Unit.Common.Security.Authentication;
[TestFixture]
public class ApiKeyAuthenticationHandlerTests

View File

@@ -1,9 +1,9 @@
using System.Net;
using System.Net.Http.Json;
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using NUnit.Framework;
namespace MicCheck.Api.Tests.Unit.Authorization;
namespace MicCheck.Api.Tests.Unit.Common.Security.Authorization;
[TestFixture]
public class AuthEndpointsTests

View File

@@ -1,6 +1,6 @@
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using MicCheck.Api.Data;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
@@ -8,7 +8,7 @@ using Microsoft.EntityFrameworkCore;
using Moq;
using NUnit.Framework;
namespace MicCheck.Api.Tests.Unit.Authorization;
namespace MicCheck.Api.Tests.Unit.Common.Security.Authorization;
[TestFixture]
public class ProjectPermissionRequirementHandlerTests

View File

@@ -1,11 +1,11 @@
using System.IdentityModel.Tokens.Jwt;
using MicCheck.Api.Authorization;
using MicCheck.Api.Common.Security.Authorization;
using MicCheck.Api.Organizations;
using MicCheck.Api.Users;
using Microsoft.Extensions.Configuration;
using NUnit.Framework;
namespace MicCheck.Api.Tests.Unit.Authorization;
namespace MicCheck.Api.Tests.Unit.Common.Security.Authorization;
[TestFixture]
public class TokenServiceTests

View File

@@ -7,7 +7,7 @@ using MicCheck.Api.Segments;
using MicCheck.Api.Identities;
using MicCheck.Api.Audit;
using MicCheck.Api.Webhooks;
using MicCheck.Api.ApiKeys;
using MicCheck.Api.Common.Security.ApiKeys;
using MicCheck.Api.Users;
using Microsoft.EntityFrameworkCore;
using AppEnvironment = MicCheck.Api.Environments.Environment;

View File

@@ -1,5 +1,5 @@
using NUnit.Framework;
using MicCheck.Api.ApiKeys;
using MicCheck.Api.Common.Security.ApiKeys;
using MicCheck.Api.Organizations;
using MicCheck.Api.Projects;