Commit e8959c8b authored by hasan khaddour's avatar hasan khaddour

add cors via option pattern

parent 24de3ed6
using Microsoft.AspNetCore.Builder;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
namespace PSManagement.Api.Configurations
{
public static class BuilderConfigurations
{
#region Use Cors Configure
public static IApplicationBuilder UseMyCors(this IApplicationBuilder app)
{
app.UseCors("AllowHiast");
return app;
}
#endregion Use Cors Configure
}
}
......@@ -6,17 +6,18 @@ using System.Reflection;
using Microsoft.OpenApi.Models;
using System;
using AutoMapper;
using PSManagement.Api.Settings;
namespace PSManagement.Api.DI
{
public static class DependencyInjection
{
public static IServiceCollection AddAPI(this IServiceCollection services)
public static IServiceCollection AddAPI(this IServiceCollection services, IConfiguration configuration)
{
services
.AddApiSwagger()
.AddApiCors()
.AddApiCors(configuration)
.AddMyMiddlewares()
;
......@@ -61,25 +62,23 @@ namespace PSManagement.Api.DI
#endregion Api Docs Swagger
#region Cors
private static IServiceCollection AddApiCors(this IServiceCollection services)
private static IServiceCollection AddApiCors(this IServiceCollection services,IConfiguration configuration)
{
services.Configure<CorsSettings>(configuration.GetSection(CorsSettings.SectionName));
services.AddCors(options =>
{
CorsSettings corsSettings = configuration.GetSection(CorsSettings.SectionName).Get<CorsSettings>();
foreach (Policy policy in corsSettings.Policies) {
options.AddPolicy(policy.PolicyName,
builder => builder
.WithOrigins(policy.AllowedOrigins) // Add your frontend URL here
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials());
options.AddPolicy("AllowFrontend",
builder => builder
.WithOrigins("http://localhost:4200") // Add your frontend URL here
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials());
options.AddPolicy("AllowHiast",
builder => builder
.WithOrigins("**.hiast.edu.sy/") // Add your frontend URL here
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials());
}
});
......
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
namespace PSManagement.Api.Settings
{
public class CorsSettings
{
public const string SectionName ="CorsSettings";
public Policy[] Policies { get; set; } = null!;
}
public class Policy
{
public string PolicyName { get; set; }
public string AllowedOrigins { get; set; }
}
}
......@@ -16,6 +16,8 @@ using PSManagement.Infrastructure.Persistence.DI;
using PSManagement.Api.DI;
using PSManagement.Presentation.DependencyInjection;
using PSManagement.Api.Middleware.ExceptionHandler;
using PSManagement.Api.Settings;
using PSManagement.Api.Configurations;
namespace PSManagement.Api
{
......@@ -34,7 +36,7 @@ namespace PSManagement.Api
{
// adding dependency injection
services
.AddAPI()
.AddAPI(Configuration)
.AddPresentation()
.AddApplication()
.AddPersistence(Configuration)
......@@ -59,7 +61,9 @@ namespace PSManagement.Api
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseCors("AllowFrontend");
app.UseMyCors();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
......@@ -67,5 +71,7 @@ namespace PSManagement.Api
endpoints.MapControllers();
});
}
}
}
......@@ -42,5 +42,20 @@
},
"FileServiceSettings": {
"AvailableExtension": [ ".png", ".pdf" ]
},
"CorsSettings": {
"Policies": [
{
"PolicyName": "AllowHiast",
"AllowedOrigins": "http://*.hiast.edu.sy/"
},
{
"PolicyName": "AllowFrontend",
"AllowedOrigins": "http://localhost:4200"
}
]
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment