src/Utilities/ServicesCollectionExtensions.cs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62

using System;
using System.Security.Claims;
using IOL.Fagprove.Data;
using IOL.Fagprove.Data.Enums;
using IOL.Fagprove.Services;
using IOL.Fagprove.Services.Interfaces;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using StackExchange.Redis;

namespace IOL.Fagprove.Utilities
{
    public static class ServicesCollectionExtensions
    {
        public static void AddServices(this IServiceCollection services)
        {
            services.AddScoped<IUserService, UserService>();
            services.AddScoped<IAppReservationService, AppReservationService>();
        }

        public static void AddAppDbContext(this IServiceCollection services, IConfiguration config)
        {
            services.AddDbContext<AppDbContext>(options =>
            {
                options.UseMySql(config.GetConnectionString(),
                                 builder => builder.EnableRetryOnFailure(5, TimeSpan.FromSeconds(60), null));
#if DEBUG
                options.EnableSensitiveDataLogging();
#endif
            });
        }

        public static void AddDataProtectionWithRedis(this IServiceCollection services, IConfiguration config)
        {
            var accessKey = config.GetValue<string>("REDIS_KEY");
            if (!accessKey.IsPresent()) return;
            var redis = ConnectionMultiplexer.Connect(
                $"aredis.cache.net:6380,password={accessKey},ssl=True,abortConnect=False");
            services.AddDataProtection().PersistKeysToStackExchangeRedis(redis, "IOL.Fagprove.DataProtectionKeys");
        }

        public static void AddInternalUserPolicies(this IServiceCollection services)
        {
            services.Configure<AuthorizationOptions>(options =>
            {
                options.AddPolicy(UserRole.Administrator.ToString(), policy =>
                {
                    policy.RequireAuthenticatedUser();
                    policy.RequireClaim(ClaimTypes.Role, UserRole.Administrator.ToString());
                });
                options.AddPolicy(UserRole.Basic.ToString(), policy =>
                {
                    policy.RequireAuthenticatedUser();
                    policy.RequireClaim(ClaimTypes.Role, new string[] {UserRole.Basic.ToString()});
                });
            });
        }
    }
}