Compare commits

5 Commits
main ... dev

Author SHA1 Message Date
724b1d4dae Add JWT authentication.
Add: JWT authentication in Web API. Related configuration and services are added.
2025-07-10 20:08:48 +08:00
7cce413f79 Add configuration type binding and implement database connection, disable NativeAOT.
Add: binding setting file items to `AppSettings` class so to provide DI access as `IOptions<OptixServeSettings>`.

Add: EF Core and DbContext to access database in services. This results in disabling NativeAOT due to poor supports for *pre-compiled query*, however many design are optimized for AOT for later re-adoption.

Add: `DesignTimeDbContextFactory` to support EF Core migrations in NativeAOT. (Kept for re-enabling AOT.)

Add: `DbInitializer` for ensuring database connecting in startup.

Add: `ConfigurationHelper.CreateDefaultBuilder()` to read configuration files in default locations. Note this method is currently ONLY used by `DesignTimeDbContextFactory`. Refactor is expected.

Add: `CommonErrorDto` for simple error message.

Add: `VersionEndpoint` ONLY for debugging and testing purposes. Very likely to be removed in the future.

Other: many utilities and fixes easy to understand.

Note: EF Core migrations are excluded in the early development. Not expected to be added in version control before v1.0 beta.
2025-07-09 12:17:25 +08:00
6fd6c9f20d Enable API versioning with route group.
Fix: the API routing is now versioned with prefix `api/v1`, aligned to OpenAPI specifications.
2025-07-07 16:16:58 +08:00
dd5d556963 Implement endpoints in more flexible way.
Fix: re-implement `UserEndpoint` as static style which works best with minimal API, simplify the DI framework.

Fix: remove unneeded service registration in main program.
2025-07-07 16:01:39 +08:00
39b28386ae Implement endpoints with Services Dependency Injection.
**Note: This implementation is not in minimalAPI way and not optimized, expected to be changed soon.**

Add: `UserService` and its interface `IUserService`.

Fix: `UserEndpoint` is now in instance class style with DI to work.

Fix: change main program to work with above design.
2025-07-07 15:54:44 +08:00
17 changed files with 452 additions and 42 deletions


@ -0,0 +1,34 @@
namespace OptixServe.Api.Configuration;
public record OptixServeSettings
{
public ApiSettings? Api { get; set; } = new();
public DatabaseSettings? Database { get; set; } = new();
public JwtSettings? Jwt { get; set; } = new();
}
public record ApiSettings
{
public string? Listen { get; set; } = "127.0.0.1";
public int? Port { get; set; } = 10086;
}
public record JwtSettings
{
public string Secret { get; set; } = string.Empty;
public string Issuer { get; set; } = "OptixServe";
public string Audience { get; set; } = "OptixServeUsers";
public int TokenExpirationMinutes { get; set; } = 60;
}
public enum DatabaseType
{
Sqlite,
MySQL
}
public record DatabaseSettings
{
public DatabaseType Type { get; set; } = DatabaseType.Sqlite;
public string? Host { get; set; }
}
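Review bot: `JwtSettings.Secret` defaults to `string.Empty`, so a configuration that omits the key still binds without complaint and the problem only surfaces later, when the signing key is built. Reject an empty or too-short secret where the options are bound, for example with an options validator registered with `ValidateOnStart()`, so the service refuses to start instead of failing at the first login. A `///` summary on `Secret` stating that it is the HMAC signing key and must not be committed to the repository would also help.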


@ -0,0 +1,27 @@
using System;
namespace OptixServe.Api.Configuration;
public static class ConfigurationHelper
{
public static IConfigurationBuilder CreateDefaultBuilder()
{
var aspEnv = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT");
var netEnv = Environment.GetEnvironmentVariable("DOTNET_ENVIRONMENT");
// Console.WriteLine($"ASPNETCORE_ENVIRONMENT: {aspEnv}, DOTNET_ENVIRONMENT: {netEnv}");
var env = aspEnv ?? netEnv ?? null;
var builder = new ConfigurationBuilder()
.SetBasePath(Directory.GetCurrentDirectory())
.AddJsonFile("appsettings.json", optional: true)
.AddJsonFile("config.json", optional: true);
if (env != null)
{
builder.AddJsonFile($"appsettings.{env}.json", optional: true)
.AddJsonFile($"config.{env}.json", optional: true);
}
return builder;
}
}
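Review bot: `CreateDefaultBuilder` resolves every file against `Directory.GetCurrentDirectory()`, so which `config.json` is loaded depends on where the process is launched from rather than on where the application is installed. If that is intended for the design-time tooling, say so in a `///` summary on the method; otherwise `AppContext.BaseDirectory` gives a stable base path. Smaller cleanups: `aspEnv ?? netEnv ?? null` can be `aspEnv ?? netEnv`, the commented-out `Console.WriteLine` can go, and `using System;` is redundant with `ImplicitUsings` enabled.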


@ -0,0 +1,12 @@
namespace OptixServe.Api.Dtos;
public record LoginRequestDto
{
public string? UserName { get; set; }
public string? Password { get; set; }
}
public record LoginResponseDto
{
public string? Token { get; set; }
}
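Review bot: `LoginRequestDto` is a `record`, and the compiler-generated `ToString()` prints every public property, so the clear-text `Password` ends up in any log line or exception message that formats the DTO. Make it a plain class, or override `ToString()` so that it omits the field, e.g. `public override string ToString() => nameof(LoginRequestDto);`. The `User` record in `OptixServe.Core.Models` carries a `Password` property too and has the same exposure.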


@ -0,0 +1,6 @@
namespace OptixServe.Api.Dtos;
public record CommonErrorDto
{
public string? Message { get; set; }
}


@ -1,32 +1,61 @@
using System.Text.Json.Serialization;
using OptixServe.Core.Services;
using OptixServe.Api.Dtos;
using OptixServe.Api.Services;
using Microsoft.AspNetCore.Authorization;
namespace OptixServe.Api.Endpoints;
[JsonSerializable(typeof(UserDto))]
[JsonSerializable(typeof(IEnumerable<UserDto>))]
[JsonSerializable(typeof(LoginRequestDto))]
[JsonSerializable(typeof(LoginResponseDto))] // For returning the token string
public partial class UserJsonContext : JsonSerializerContext { }
public static class UserEndpoint
{
public static IEnumerable<UserDto> GetUsers()
public static void Register(RouteGroupBuilder parentGroup)
{
return [
new() {Id="1234", UserName = "xxx"},
new() {Id="5678", UserName = "yyy"},
];
var group = parentGroup.MapGroup("/users");
group.MapPost("/login", LoginUser);
group.MapGet("/", GetAllUsers).RequireAuthorization();
group.MapGet("/{id}", GetUserById).RequireAuthorization();
}
public static void Register(WebApplication app)
public static IResult LoginUser(LoginRequestDto loginRequest, IUserService userService, ITokenService tokenService)
{
var group = app.MapGroup("/users");
if (string.IsNullOrEmpty(loginRequest.UserName) || string.IsNullOrEmpty(loginRequest.Password))
{
return Results.BadRequest("Username and password are required.");
}
group.MapGet("/", GetAllUsers);
// Password hashing and salting will be implemented later.
var user = userService.GetUserByUsername(loginRequest.UserName);
if (user == null || user.Password != loginRequest.Password)
{
return Results.Unauthorized();
}
var token = tokenService.GenerateToken(user);
return Results.Ok(new LoginResponseDto { Token = token });
}
public static IResult GetAllUsers()
public static IResult GetAllUsers(IUserService userService)
{
return Results.Ok(GetUsers());
var users = userService.GetUsers()
.Select(u => new UserDto { Id = u.Id, UserName = u.UserName });
return Results.Ok(users);
}
}
public static IResult GetUserById(string id, IUserService userService)
{
var user = userService.GetUserById(id);
if (user == null)
return Results.NotFound();
return Results.Ok(new UserDto { Id = user.Id, UserName = user.UserName });
}
}
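Review bot: `LoginUser` checks `user.Password != loginRequest.Password`, which means passwords are stored in clear text and compared with an ordinary string inequality rather than a fixed-time comparison. The comment defers hashing, but the route is already mapped and issues tokens, so this should land before the endpoint is reachable: store a salted PBKDF2 or Argon2 hash and compare the derived bytes with `CryptographicOperations.FixedTimeEquals`. The two `RequireAuthorization()` calls carry no policy, so any authenticated account can list every user; `PrivilegeGroup` exists on `User` but is not consulted here. Rate limiting or lockout on `/login` is also worth adding.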


@ -0,0 +1,35 @@
using System.Text.Json.Serialization;
using Microsoft.Extensions.Options;
using OptixServe.Api.Configuration;
using OptixServe.Api.Dtos;
namespace OptixServe.Api.Endpoints;
[JsonSerializable(typeof(string))]
[JsonSerializable(typeof(CommonErrorDto))]
public partial class VersionJsonContext : JsonSerializerContext { }
/// <summary>
/// This is a endpoint ONLY FOR TEST!
/// Should not expect ANY stable behavior on it!
/// </summary>
public static class VersionEndpoint
{
public static void Register(RouteGroupBuilder parentGroup)
{
var group = parentGroup.MapGroup("/version");
group.MapGet("/", () => "v1");
group.MapGet("/test/dbconfig", (IOptions<OptixServeSettings> appSettings) =>
{
var dbType = appSettings.Value.Database?.Type;
var dbHost = appSettings.Value.Database?.Host;
return Results.Ok(new CommonErrorDto
{
Message = $"Set up {dbType} database on {dbHost}"
});
});
}
}
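Review bot: `/version/test/dbconfig` is mapped without `RequireAuthorization()` and returns the configured database type and host to any caller, which for SQLite is the database file path. Since the summary says the endpoint is for testing only, map it only when the environment is Development, or at least add `.RequireAuthorization()` to the group. Reusing `CommonErrorDto` for a success payload is also misleading to API consumers.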


@ -1,11 +1,17 @@
<Project Sdk="Microsoft.NET.Sdk.Web">
<ItemGroup>
<ProjectReference Include="..\OptixServe.Core\OptixServe.Core.csproj" />
<ItemGroup>
<ProjectReference Include="..\OptixServe.Core\OptixServe.Core.csproj" />
</ItemGroup>
<ItemGroup>
<PackageReference Include="System.CommandLine" Version="2.0.0-beta5.25306.1" />
<ItemGroup>
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="9.0.6" />
<PackageReference Include="System.CommandLine" Version="2.0.0-beta5.25306.1" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="9.0.6">
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
<PrivateAssets>all</PrivateAssets>
</PackageReference>
<PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="9.0.6" />
</ItemGroup>
<PropertyGroup>
@ -13,7 +19,7 @@
<Nullable>enable</Nullable>
<ImplicitUsings>enable</ImplicitUsings>
<InvariantGlobalization>true</InvariantGlobalization>
<PublishAot>true</PublishAot>
<PublishAot>false</PublishAot>
</PropertyGroup>
</Project>


@ -1,5 +1,13 @@
using System.CommandLine;
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using OptixServe.Api.Configuration;
using OptixServe.Api.Endpoints;
using OptixServe.Api.Services;
using OptixServe.Core.Data;
using OptixServe.Core.Services;
using OptixServe.Api.Utilites;
class Program
{
@ -41,10 +49,22 @@ class Program
var configFile = parseResult.GetValue(configOption);
builder.AddConfigurationWithCommand(configFile);
builder.RegisterServices();
builder.RegiserJsonContext();
var app = builder.Build();
app.RegisterEndpoints();
app.UseAuthentication();
app.UseAuthorization();
using (var scope = app.Services.CreateScope())
{
var initializer = scope.ServiceProvider.GetRequiredService<DbInitializer>();
initializer.Initialize();
}
var apiGroup = app.MapGroup("api/v1");
StartupHelper.RegisterEndpoints(apiGroup);
app.Run();
});
@ -59,29 +79,8 @@ class Program
/// <summary>
/// Contains extension methods for WebApplicationBuilder and WebApplication
/// </summary>
static class ExtensionMethods
static class StartupHelper
{
/// <summary>
/// Registers all API endpoints
/// </summary>
/// <param name="app">WebApplication instance</param>
public static void RegisterEndpoints(this WebApplication app)
{
UserEndpoint.Register(app);
}
/// <summary>
/// Configures JSON serialization options with custom context
/// </summary>
/// <param name="builder">WebApplicationBuilder instance</param>
public static void RegiserJsonContext(this WebApplicationBuilder builder)
{
builder.Services.ConfigureHttpJsonOptions(options =>
{
options.SerializerOptions.TypeInfoResolverChain.Add(UserJsonContext.Default);
});
}
/// <summary>
/// Adds configuration sources to the application builder
/// </summary>
@ -105,4 +104,78 @@ static class ExtensionMethods
builder.Configuration.AddConfiguration(configurationBuilder.Build());
}
/// <summary>
/// Configures DbContext services
/// </summary>
/// <param name="services"></param>
/// <param name="configuration"></param>
/// <returns></returns>
public static IServiceCollection AddAppDatabase(this IServiceCollection services, DatabaseSettings dbSettings)
{
services.AddDbContext<AppDbContext>(options => DatabaseHelper.ConfigureDbContext(options, dbSettings));
return services;
}
/// <summary>
/// Configures services for DI
/// </summary>
/// <param name="builder">WebApplicationBuilder instance</param>
public static void RegisterServices(this WebApplicationBuilder builder)
{
// Add configuration class
var optixSettigns = builder.Configuration.GetSection("OptixServe");
var onConfigSettings = optixSettigns.Get<OptixServeSettings>();
builder.Services.Configure<OptixServeSettings>(optixSettigns);
// Add DBContext class
builder.Services.AddAppDatabase(onConfigSettings?.Database!);
builder.Services.AddScoped<DbInitializer>();
// Application services
builder.Services.AddScoped<IUserService, UserService>();
builder.Services.AddScoped<ITokenService, TokenService>();
// Add Authentication and Authorization
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
var jwtSettings = onConfigSettings?.Jwt ?? throw new ArgumentNullException(nameof(builder), "JWT settings are not configured.");
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = jwtSettings.Issuer,
ValidAudience = jwtSettings.Audience,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSettings.Secret))
};
});
builder.Services.AddAuthorization();
}
/// <summary>
/// Configures JSON serialization options with custom context
/// </summary>
/// <param name="builder">WebApplicationBuilder instance</param>
public static void RegiserJsonContext(this WebApplicationBuilder builder)
{
builder.Services.ConfigureHttpJsonOptions(options =>
{
options.SerializerOptions.TypeInfoResolverChain.Add(UserJsonContext.Default);
options.SerializerOptions.TypeInfoResolverChain.Add(VersionJsonContext.Default);
});
}
/// <summary>
/// Registers all API endpoints
/// </summary>
/// <param name="rootGroup">Root RouteGroupBuilder instance</param>
public static void RegisterEndpoints(RouteGroupBuilder rootGroup)
{
UserEndpoint.Register(rootGroup);
VersionEndpoint.Register(rootGroup);
}
}
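Review bot: In `RegisterServices`, `onConfigSettings?.Database!` silences the null warning instead of handling it: when the `OptixServe` section is absent, `Get<OptixServeSettings>()` returns null, the defaults declared on the settings records are never applied, and the failure appears later as the unrelated "Only SQLite database is currently supported" exception. The JWT check has the same timing problem, because the `throw` sits inside the `AddJwtBearer` lambda and so runs when the bearer options are first built rather than during startup; it also reports `nameof(builder)` for what is a configuration error. Resolve the settings once up front, e.g. `var settings = optixSettigns.Get<OptixServeSettings>() ?? new OptixServeSettings();`, and validate `settings.Jwt` and its `Secret` before registering authentication. The `!` on `Get<DatabaseSettings>()` in `DesignTimeDbContextFactory` has the same issue. The enclosing `StartupHelper` class starts outside this hunk.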


@ -0,0 +1,44 @@
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using OptixServe.Api.Configuration;
using OptixServe.Core.Models;
namespace OptixServe.Api.Services;
public interface ITokenService
{
public string GenerateToken(User user);
}
public class TokenService(IOptions<OptixServeSettings> optixServeSettings) : ITokenService
{
private readonly JwtSettings _jwtSettings = optixServeSettings.Value.Jwt ?? throw new ArgumentNullException(nameof(optixServeSettings), "JWT settings are not configured.");
public string GenerateToken(User user)
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_jwtSettings.Secret);
var claims = new List<Claim>
{
new (ClaimTypes.NameIdentifier, user.Id.ToString()),
new (ClaimTypes.Name, user.UserName)
// Add roles if applicable: new Claim(ClaimTypes.Role, user.Role)
};
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.UtcNow.AddMinutes(_jwtSettings.TokenExpirationMinutes),
Issuer = _jwtSettings.Issuer,
Audience = _jwtSettings.Audience,
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return tokenHandler.WriteToken(token);
}
}
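Review bot: `GenerateToken` derives the signing key with `Encoding.ASCII.GetBytes(_jwtSettings.Secret)` while the validation side in `RegisterServices` uses `Encoding.UTF8.GetBytes`, so a secret containing any non-ASCII character produces different key bytes and every issued token fails validation. ASCII encoding also maps each such character to `?`, which quietly weakens the key. Use the same encoding on both sides: `var key = Encoding.UTF8.GetBytes(_jwtSettings.Secret);`. `user.Id.ToString()` is redundant because `Id` is already a string, and no claim carries `PrivilegeGroup`, so role-based policies cannot be evaluated from the token yet.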


@ -0,0 +1,34 @@
using Microsoft.EntityFrameworkCore;
using OptixServe.Api.Configuration;
using OptixServe.Core.Data;
namespace OptixServe.Api.Utilites;
public static class DatabaseHelper
{
public static string BuildConnectionString(DatabaseSettings dbSettings)
{
return dbSettings.Type switch
{
DatabaseType.Sqlite => $"Data Source={dbSettings.Host ?? "optixserve.db"}",
DatabaseType.MySQL => throw new NotSupportedException("MySQL connection is not yet implemented"),
_ => throw new NotSupportedException($"Database type {dbSettings.Type} is not supported")
};
}
public static void ConfigureDbContext(DbContextOptionsBuilder options, DatabaseSettings dbSettings)
{
if (dbSettings?.Type == DatabaseType.Sqlite)
{
var dbPath = dbSettings.Host ?? "optixserve.db";
var connectionString = $"Data Source={dbPath}";
options.UseSqlite(connectionString, b => b.MigrationsAssembly("OptixServe.Api"));
}
else
{
throw new NotImplementedException("Only SQLite database is currently supported");
}
}
}
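Review bot: `ConfigureDbContext` rebuilds the SQLite connection string inline instead of calling `BuildConnectionString`, so the two copies can drift, and they already disagree on the exception type (`NotSupportedException` versus `NotImplementedException`). Interpolating `Host` directly into `Data Source=...` also lets a value containing `;` add further connection-string keywords; `new SqliteConnectionStringBuilder { DataSource = dbPath }.ToString()` quotes it properly. I would have `ConfigureDbContext` call `BuildConnectionString(dbSettings)` after a null check so there is a single code path.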


@ -0,0 +1,20 @@
using Microsoft.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore.Design;
using OptixServe.Api.Configuration;
using OptixServe.Core.Data;
namespace OptixServe.Api.Utilites;
public class DesignTimeDbContextFactory : IDesignTimeDbContextFactory<AppDbContext>
{
public AppDbContext CreateDbContext(string[] args)
{
var configuration = ConfigurationHelper.CreateDefaultBuilder().Build();
var dbSettings = configuration.GetSection("OptixServe:Database").Get<DatabaseSettings>()!;
var optionsBuilder = new DbContextOptionsBuilder<AppDbContext>();
DatabaseHelper.ConfigureDbContext(optionsBuilder, dbSettings);
return new AppDbContext(optionsBuilder.Options);
}
}


@ -5,5 +5,21 @@
"Microsoft.AspNetCore": "Warning"
}
},
"AllowedHosts": "*"
}
"AllowedHosts": "*",
"OptixServe": {
"Api": {
"Listen": "0.0.0.0",
"Port": "54321"
},
"Database": {
"Type": "Sqlite",
"Host": "optixserve.db"
},
"Jwt": {
"Secret": "YOUR_SECRET_KEY_HERE_DO_NOT_SHARE_THIS_AND_MAKE_IT_LONG_ENOUGH",
"Issuer": "OptixServe",
"Audience": "OptixServeUsers",
"TokenExpirationMinutes": 60
}
}
}
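Review bot: The committed `Jwt.Secret` placeholder is long enough to be accepted as a real HMAC key, so a deployment that forgets to override it runs with a signing key that is public in the repository, and tokens signed with that value would pass validation. Leave the value empty here and supply it from user secrets, an environment variable or a secret store, with startup validation rejecting an empty or placeholder value. `"Listen": "0.0.0.0"` in the base file also exposes the API on all interfaces by default, whereas the `ApiSettings` default is `127.0.0.1`; keeping the loopback default and opting in per environment is safer. `Port` is written as a string although the setting is an `int?`.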


@ -0,0 +1,21 @@
using Microsoft.EntityFrameworkCore;
using OptixServe.Core.Models;
namespace OptixServe.Core.Data;
public class AppDbContext(DbContextOptions options) : DbContext(options)
{
public DbSet<User> Users { get; set; } = null!;
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
modelBuilder.Entity<User>(user =>
{
user.HasKey(u => u.Id);
});
modelBuilder.Entity<User>().HasData([
new() {Id = "1", UserName = "admin", Password = "admin12345"}
]);
}
}
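Review bot: `HasData` seeds an `admin` account with a fixed clear-text password, so every database created from this model starts with the same publicly known credentials. Seed data declared in `OnModelCreating` also ends up in migrations and model snapshots once those are added to version control. Create the first account from configuration or a one-time setup step instead, store its password as a salted hash, and require it to be changed on first use. The seeded row also leaves `PrivilegeGroup` at its default of `User`, which may not be what an account named `admin` is meant to have.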


@ -0,0 +1,11 @@
namespace OptixServe.Core.Data;
public class DbInitializer(AppDbContext dbContext)
{
private readonly AppDbContext _context = dbContext;
public void Initialize()
{
_context.Database.EnsureCreated();
}
}
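Review bot: `EnsureCreated()` creates the schema without the migrations history table, so a database created this way cannot later be upgraded with `Migrate()`. The commit message says migrations are deferred until v1.0 beta; a comment on `Initialize` recording that this call has to be replaced by `_context.Database.Migrate()` at that point, and that existing development databases will need to be recreated, would prevent surprises. The `_context` field duplicates the primary-constructor parameter and could be dropped by using `dbContext` directly.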


@ -1,8 +1,15 @@
namespace OptixServe.Core.Models;
public enum PrivilegeGroup
{
Admin,
User,
}
public record User
{
public required string Id { get; set; }
public required string UserName { get; set; }
public required string Password { get; set; }
public string? Password { get; set; }
public PrivilegeGroup PrivilegeGroup { get; set; } = PrivilegeGroup.User;
}
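Review bot: `PrivilegeGroup` declares `Admin` first, so its underlying value is 0 and `default(PrivilegeGroup)` is `Admin`; any path that leaves the value unset below the property initializer, such as a column added later with a database default of 0, yields an administrator. Put the least-privileged member at zero, e.g. `User = 0, Admin = 1`, so an unset value fails closed. A `///` comment on `Password` saying what the field is expected to hold (currently clear text, per the login endpoint) would make the pending hashing work harder to forget.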


@ -6,4 +6,8 @@
<Nullable>enable</Nullable>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="9.0.6" />
</ItemGroup>
</Project>


@ -0,0 +1,31 @@
using OptixServe.Core.Data;
using OptixServe.Core.Models;
namespace OptixServe.Core.Services;
public interface IUserService
{
IEnumerable<User> GetUsers();
User? GetUserById(string id);
User? GetUserByUsername(string username);
}
public class UserService(AppDbContext dbContext) : IUserService
{
private readonly AppDbContext _dbContext = dbContext;
public User? GetUserById(string id)
{
return _dbContext.Users.FirstOrDefault(u => u.Id == id);
}
public User? GetUserByUsername(string username)
{
return _dbContext.Users.FirstOrDefault(u => u.UserName == username);
}
public IEnumerable<User> GetUsers()
{
return _dbContext.Users.AsEnumerable();
}
}
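Review bot: `GetUserByUsername` uses `FirstOrDefault` on `UserName`, but the model shown in `AppDbContext` only declares a key on `Id`, so nothing prevents two rows with the same name, and login would then authenticate against whichever row the database returns first. Add a unique index in `OnModelCreating`, `user.HasIndex(u => u.UserName).IsUnique();`, and consider `SingleOrDefault` here so a duplicate fails loudly. These are read-only lookups, so `AsNoTracking()` would also avoid tracking entities that carry the password field.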