Jwt rough setup

2026-03-20 18:54:27 +00:00
parent 5271343a25
commit 2374574220
7 changed files with 81 additions and 36 deletions
--- a/Seasoned.Backend/Program.cs
+++ b/Seasoned.Backend/Program.cs
@@ -1,15 +1,42 @@
 using Seasoned.Backend.Services;
 using Microsoft.AspNetCore.HttpOverrides;
 using System.Text.Json;
+using System.Text;
 using Microsoft.EntityFrameworkCore;
 using Seasoned.Backend.Data;
 using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.IdentityModel.Tokens;
 using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
 using DotNetEnv;

 Env.Load("../.env");

 var builder = WebApplication.CreateBuilder(args);
+builder.Configuration.AddEnvironmentVariables();
+
+var jwtKey = builder.Configuration["Jwt:Key"] 
+             ?? throw new InvalidOperationException("JWT Key is missing from configuration!");
+
+var jwtIssuer = builder.Configuration["Jwt:Issuer"] ?? "SeasonedAPI";
+var jwtAudience = builder.Configuration["Jwt:Audience"] ?? "SeasonedFrontend";
+
+builder.Services.AddAuthentication(options => {
+    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+})
+
+.AddJwtBearer(options => {
+    options.TokenValidationParameters = new TokenValidationParameters {
+        ValidateIssuer = true,
+        ValidateAudience = true,
+        ValidateLifetime = true,
+        ValidateIssuerSigningKey = true,
+        ValidIssuer = jwtIssuer,
+        ValidAudience = jwtAudience,
+        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtKey))
+    };
+});

 builder.Services.AddScoped<IRecipeService, RecipeService>();

@@ -21,22 +48,8 @@ builder.Services.AddIdentityApiEndpoints<IdentityUser>( options => {
    options.Password.RequireLowercase = false;
    options.User.RequireUniqueEmail = true;
 })
-    .AddEntityFrameworkStores<ApplicationDbContext>();
-
-builder.Services.ConfigureApplicationCookie(options =>
-{
-    options.Cookie.Name = "Seasoned.Session";
-    options.Cookie.HttpOnly = true;
-    options.Cookie.SameSite = SameSiteMode.None;
-    options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
-    options.ExpireTimeSpan = TimeSpan.FromMinutes(30);
-    options.SlidingExpiration = true; 
-    options.Events.OnRedirectToLogin = context =>
-    {
-        context.Response.StatusCode = StatusCodes.Status401Unauthorized;
-        return Task.CompletedTask;
-    };
-});    
+.AddEntityFrameworkStores<ApplicationDbContext>()
+.AddDefaultTokenProviders();

 builder.Services.AddAuthorization();

@@ -93,6 +106,11 @@ using (var scope = app.Services.CreateScope())
    }
 }

+app.UseForwardedHeaders(new ForwardedHeadersOptions
+{
+    ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
+});
+
 app.UseDefaultFiles();
 app.UseStaticFiles();
 app.UseCors("SeasonedOriginPolicy");