admin/ShopSolution-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2770f48edc1a5c72babac409fe7e102fc2483e00
ShopSolution-backend/Webshop.Api/Program.cs
Tizian.Breuch 2770f48edc UseWebRoot
2025-08-08 16:14:34 +02:00

274 lines
12 KiB
C#
Raw Blame History

// --- Core Frameworks & Libraries ---
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.HttpOverrides;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using Resend;
using System.Text;
using System.Text.Json.Serialization;
// --- Eigene Namespaces ---
using Webshop.Api.SwaggerFilters;
using Webshop.Application.Services.Admin;
using Webshop.Application.Services.Admin.Interfaces;
using Webshop.Application.Services.Auth;
using Webshop.Application.Services.Customers;
using Webshop.Application.Services.Customers.Interfaces;
using Webshop.Application.Services.Public;
using Webshop.Application.Services.Public.Interfaces;
using Webshop.Domain.Entities;
using Webshop.Domain.Identity;
using Webshop.Domain.Interfaces;
using Webshop.Infrastructure.Data;
using Webshop.Infrastructure.Repositories;
using Webshop.Infrastructure.Services;
var builder = WebApplication.CreateBuilder(args);
builder.WebHost.UseWebRoot("wwwroot");
// --- 1. Dependency Injection Konfiguration ---
// Datenbank-Kontext mit Split-Query-Verhalten für Performance-Optimierung
builder.Services.AddDbContext<ApplicationDbContext>(options =>
options.UseNpgsql(builder.Configuration.GetConnectionString("DefaultConnection"),
o => o.UseQuerySplittingBehavior(QuerySplittingBehavior.SplitQuery))
);
// ASP.NET Core Identity mit ApplicationUser
builder.Services.AddIdentity<ApplicationUser, IdentityRole>(options =>
{
// In Produktion auf 'true' setzen, für Entwicklung ist 'false' einfacher.
options.SignIn.RequireConfirmedEmail = false;
})
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
// Passwort-Anforderungen für die Entwicklung lockern
builder.Services.Configure<IdentityOptions>(options =>
{
options.Password.RequireDigit = false;
options.Password.RequiredLength = 6;
options.Password.RequireNonAlphanumeric = false;
options.Password.RequireUppercase = false;
options.Password.RequireLowercase = false;
});
// JWT-Authentifizierung
var jwtSettings = builder.Configuration.GetSection("JwtSettings");
var secretKey = jwtSettings["Secret"] ?? throw new InvalidOperationException("JWT Secret not found in configuration.");
builder.Services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = jwtSettings["Issuer"],
ValidAudience = jwtSettings["Audience"],
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey))
};
});
builder.Services.AddAuthorization();
// Infrastruktur & Externe Dienste
builder.Services.AddHttpContextAccessor();
builder.Services.AddScoped<IFileStorageService, LocalFileStorageService>();
builder.Services.AddHttpClient<ResendClient>();
builder.Services.Configure<ResendClientOptions>(options =>
{
options.ApiToken = builder.Configuration["Resend:ApiToken"]!;
});
builder.Services.AddTransient<IResend, ResendClient>();
// Repositories
builder.Services.AddScoped<IProductRepository, ProductRepository>();
builder.Services.AddScoped<ISupplierRepository, SupplierRepository>();
builder.Services.AddScoped<ICustomerRepository, CustomerRepository>();
builder.Services.AddScoped<IPaymentMethodRepository, PaymentMethodRepository>();
builder.Services.AddScoped<ICategorieRepository, CategorieRepository>();
builder.Services.AddScoped<IOrderRepository, OrderRepository>();
builder.Services.AddScoped<IShippingMethodRepository, ShippingMethodRepository>();
builder.Services.AddScoped<IAddressRepository, AddressRepository>();
builder.Services.AddScoped<IDiscountRepository, DiscountRepository>();
builder.Services.AddScoped<IReviewRepository, ReviewRepository>();
builder.Services.AddScoped<ISettingRepository, SettingRepository>();
// Services
builder.Services.AddScoped<IAuthService, AuthService>();
builder.Services.AddScoped<IProductService, ProductService>();
builder.Services.AddScoped<IPaymentMethodService, PaymentMethodService>();
builder.Services.AddScoped<ICategorieService, CategorieService>();
builder.Services.AddScoped<IAdminUserService, AdminUserService>();
builder.Services.AddScoped<IAdminProductService, AdminProductService>();
builder.Services.AddScoped<IAdminSupplierService, AdminSupplierService>();
builder.Services.AddScoped<IAdminPaymentMethodService, AdminPaymentMethodService>();
builder.Services.AddScoped<IAdminCategorieService, AdminCategorieService>();
builder.Services.AddScoped<IAdminOrderService, AdminOrderService>();
builder.Services.AddScoped<IAdminShippingMethodService, AdminShippingMethodService>();
builder.Services.AddScoped<IAdminDiscountService, AdminDiscountService>();
builder.Services.AddScoped<IAdminSettingService, AdminSettingService>();
builder.Services.AddScoped<ICustomerService, CustomerService>();
builder.Services.AddScoped<IOrderService, OrderService>();
builder.Services.AddScoped<IAddressService, AddressService>();
builder.Services.AddScoped<ICheckoutService, CheckoutService>();
builder.Services.AddScoped<IReviewService, ReviewService>();
// Controller und API-Infrastruktur
builder.Services.AddControllers()
.AddJsonOptions(options =>
{
options.JsonSerializerOptions.Converters.Add(new JsonStringEnumConverter());
});
builder.Services.AddEndpointsApiExplorer();
// Swagger / OpenAPI Konfiguration
builder.Services.AddSwaggerGen(c =>
{
c.TagActionsBy(api =>
{
var controllerName = api.ActionDescriptor.RouteValues["controller"];
if (controllerName == null) return new[] { "Default" };
var tag = controllerName.Replace("Admin", "").Replace("Controller", "");
if (api.RelativePath.StartsWith("api/v1/auth")) return new[] { "Auth" };
if (api.RelativePath.StartsWith("api/v1/admin")) return new[] { $"Admin - {tag}" };
if (api.RelativePath.StartsWith("api/v1/customer")) return new[] { $"Customer - {tag}" };
if (api.RelativePath.StartsWith("api/v1/public")) return new[] { $"Public - {tag}" };
return new[] { tag };
});
c.OrderActionsBy(apiDesc =>
{
var relativePath = apiDesc.RelativePath ?? "";
if (relativePath.StartsWith("api/v1/auth")) return "1";
if (relativePath.StartsWith("api/v1/public")) return "2";
if (relativePath.StartsWith("api/v1/customer")) return "3";
if (relativePath.StartsWith("api/v1/admin")) return "4";
return "5";
});
c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
{
Description = "JWT Authorization header. Example: \"Authorization: Bearer {token}\"",
Name = "Authorization",
In = ParameterLocation.Header,
Type = SecuritySchemeType.Http,
Scheme = "Bearer"
});
c.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{ new OpenApiSecurityScheme { Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" } }, new string[] {} }
});
c.SchemaFilter<AddExampleSchemaFilter>();
c.OperationFilter<AuthorizeOperationFilter>();
c.OperationFilter<LoginExampleOperationFilter>();
c.OperationFilter<PaymentMethodExampleOperationFilter>();
c.OperationFilter<SupplierExampleOperationFilter>();
c.OperationFilter<ShippingMethodExampleOperationFilter>();
c.OperationFilter<AdminProductExampleOperationFilter>();
c.OperationFilter<CustomerAddressExampleOperationFilter>();
c.OperationFilter<CustomerOrderExampleOperationFilter>();
});
var app = builder.Build();
// --- 2. HTTP Request Pipeline Konfiguration ---
// Führe Datenbank-Migrationen und Initialisierungslogik beim Start aus
using (var scope = app.Services.CreateScope())
{
var services = scope.ServiceProvider;
try
{
var context = services.GetRequiredService<ApplicationDbContext>();
context.Database.Migrate();
// HINWEIS: Dieser Block sollte in der Produktion entfernt oder deaktiviert werden.
var roleManager = services.GetRequiredService<RoleManager<IdentityRole>>();
var userManager = services.GetRequiredService<UserManager<ApplicationUser>>();
string[] roleNames = { "Admin", "Customer" };
foreach (var roleName in roleNames)
{
if (!await roleManager.RoleExistsAsync(roleName))
{
await roleManager.CreateAsync(new IdentityRole(roleName));
}
}
var adminUser = await userManager.FindByEmailAsync("admin@yourwebshop.com");
if (adminUser == null)
{
adminUser = new ApplicationUser { UserName = "admin@yourwebshop.com", Email = "admin@yourwebshop.com", EmailConfirmed = true, CreatedDate = DateTimeOffset.UtcNow, LastActive = DateTimeOffset.UtcNow };
var createAdminResult = await userManager.CreateAsync(adminUser, "SecureAdminPass123!");
if (createAdminResult.Succeeded)
{
await userManager.AddToRoleAsync(adminUser, "Admin");
Console.WriteLine("INFO: Admin user created successfully.");
}
else { Console.WriteLine($"ERROR: Could not create admin user. Errors: {string.Join(", ", createAdminResult.Errors.Select(e => e.Description))}"); }
}
var customerUser = await userManager.FindByEmailAsync("customer@yourwebshop.com");
if (customerUser == null)
{
customerUser = new ApplicationUser { UserName = "customer@yourwebshop.com", Email = "customer@yourwebshop.com", EmailConfirmed = true, CreatedDate = DateTimeOffset.UtcNow, LastActive = DateTimeOffset.UtcNow };
var createCustomerResult = await userManager.CreateAsync(customerUser, "SecureCustomerPass12-3!");
if (createCustomerResult.Succeeded)
{
await userManager.AddToRoleAsync(customerUser, "Customer");
Console.WriteLine("INFO: Customer user created successfully.");
if (!await context.Customers.AnyAsync(c => c.AspNetUserId == customerUser.Id))
{
var customerProfile = new Customer { AspNetUserId = customerUser.Id, FirstName = "Test", LastName = "Kunde" };
context.Customers.Add(customerProfile);
await context.SaveChangesAsync();
Console.WriteLine("INFO: Customer profile created for new customer user.");
}
}
else { Console.WriteLine($"ERROR: Could not create customer user. Errors: {string.Join(", ", createCustomerResult.Errors.Select(e => e.Description))}"); }
}
}
catch (Exception ex)
{
var logger = services.GetRequiredService<ILogger<Program>>();
logger.LogError(ex, "FATAL: An error occurred during database migration or user initialization.");
}
}
// Middleware für Reverse-Proxies
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});
// Statische Dateien aus wwwroot bereitstellen (z.B. /uploads/xyz.jpg)
app.UseStaticFiles();
// Swagger/SwaggerUI für API-Dokumentation aktivieren
//'if (app.Environment.IsDevelopment())
//{
app.UseSwagger();
app.UseSwaggerUI();
//}
// app.UseHttpsRedirection(); // Auskommentiert für Docker HTTP-Entwicklung
// WICHTIG: Die Reihenfolge ist entscheidend!
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();
Reference in New Issue View Git Blame Copy Permalink