feat(templates): improve Boilerplate forwarded headers middleware con…
…figuration #9393 (#9394)
ysmoradi authored Dec 5, 2024
1 parent a4863be commit 2c5ea07
Showing 8 changed files with 40 additions and 50 deletions.
32 changes: 10 additions & 22 deletions .github/workflows/admin-sample.cd.yml
Expand Up @@ -3,8 +3,7 @@
# Project templates come equipped with CI/CD for both Azure DevOps and GitHub, providing you with a hassle-free way to get started with your new project. It is important to note that you should not depend on the contents of this file. More info at https://bitplatform.dev/templates/dev-ops

env:
API_SERVER_ADDRESS: 'https://adminpanel-api.bitplatform.dev'
WEB_SERVER_ADDRESS: 'https://adminpanel.bitplatform.dev'
SERVER_ADDRESS: 'https://adminpanel.bitplatform.dev'
APP_SERVICE_NAME: 'bit-adminpanel'

on:
Expand Down Expand Up @@ -36,15 +35,15 @@ jobs:
cd src/Templates/Boilerplate && dotnet build -c Release
dotnet pack -c Release -o . -p:ReleaseVersion=0.0.0 -p:PackageVersion=0.0.0
dotnet new install Bit.Boilerplate.0.0.0.nupkg
cd ../../../ && dotnet new bit-bp --name AdminPanel --database PostgreSQL --sample Admin --appInsights --sentry --serverUrl ${{ env.WEB_SERVER_ADDRESS }} --filesStorage AzureBlobStorage --api Standalone --notification --captcha reCaptcha --signalR --framework net9.0
cd ../../../ && dotnet new bit-bp --name AdminPanel --database PostgreSQL --sample Admin --appInsights --sentry --serverUrl ${{ env.SERVER_ADDRESS }} --filesStorage AzureBlobStorage --notification --captcha reCaptcha --signalR --framework net9.0
- name: Update core appsettings.json
uses: devops-actions/[email protected]
with:
files: 'AdminPanel/src/Shared/appsettings.json, AdminPanel/src/Client/AdminPanel.Client.Core/appsettings.json, AdminPanel/src/Client/AdminPanel.Client.Web/appsettings.json, AdminPanel/src/Client/AdminPanel.Client.Web/appsettings.Production.json'
env:
WebAppRender.BlazorMode: BlazorWebAssembly
ServerAddress: ${{ env.API_SERVER_ADDRESS }}
ServerAddress: ${{ env.SERVER_ADDRESS }}
Logging.Sentry.Dsn: ${{ secrets.ADMINPANEL_SENTRY_DSN }}
GoogleRecaptchaSiteKey: ${{ secrets.GOOGLE_RECAPTCHA_SITE_KEY }}
AdsPushVapid.PublicKey: ${{ secrets.ADMINPANEL_PUBLIC_VAPIDKEY }}
Expand All @@ -61,24 +60,13 @@ jobs:
run: dotnet build AdminPanel/src/Client/AdminPanel.Client.Core/AdminPanel.Client.Core.csproj -t:BeforeBuildTasks -p:Version="${{ vars.APPLICATION_DISPLAY_VERSION}}" --no-restore -c Release

- name: Publish
run: dotnet publish AdminPanel/src/Server/AdminPanel.Server.Api/AdminPanel.Server.Api.csproj -c Release -p:PwaEnabled=true --self-contained -r linux-x64 -o ${{env.DOTNET_ROOT}}/server -p:Version="${{ vars.APPLICATION_DISPLAY_VERSION}}"
run: dotnet publish AdminPanel/src/Server/AdminPanel.Server.Web/AdminPanel.Server.Web.csproj -c Release -p:PwaEnabled=true --self-contained -r linux-x64 -o ${{env.DOTNET_ROOT}}/server -p:Version="${{ vars.APPLICATION_DISPLAY_VERSION}}"

- name: Upload server artifact
uses: actions/upload-artifact@v4
with:
name: server-bundle
path: ${{env.DOTNET_ROOT}}/server

- name: Publish adminpanel blazor wasm standalone
run: |
sed -i 's/adminpanel.bitplatform.dev/adminpanel-api.bitplatform.dev/g' AdminPanel/src/Client/AdminPanel.Client.Web/wwwroot/index.html
dotnet publish AdminPanel/src/Client/AdminPanel.Client.Web/AdminPanel.Client.Web.csproj -c Release -p:PwaEnabled=true -o ${{env.DOTNET_ROOT}}/static -p:Version="${{ vars.APPLICATION_DISPLAY_VERSION}}"
- name: Upload static artifact
uses: actions/upload-artifact@v4
with:
name: static-bundle
path: ${{env.DOTNET_ROOT}}/static
include-hidden-files: true # Required for wwwroot/.well-known folder

deploy_api_blazor:
Expand Down Expand Up @@ -145,14 +133,14 @@ jobs:
cd src\Templates\Boilerplate && dotnet build -c Release
dotnet pack -c Release -o . -p:ReleaseVersion=0.0.0 -p:PackageVersion=0.0.0
dotnet new install Bit.Boilerplate.0.0.0.nupkg
cd ..\..\..\ && dotnet new bit-bp --name AdminPanel --database PostgreSQL --sample Admin --windows --appInsights --sentry --serverUrl ${{ env.WEB_SERVER_ADDRESS }} --filesStorage AzureBlobStorage --captcha reCaptcha --signalR --offlineDb --framework net9.0
cd ..\..\..\ && dotnet new bit-bp --name AdminPanel --database PostgreSQL --sample Admin --windows --appInsights --sentry --serverUrl ${{ env.SERVER_ADDRESS }} --filesStorage AzureBlobStorage --captcha reCaptcha --signalR --offlineDb --framework net9.0
- name: Update core appsettings.json
uses: devops-actions/[email protected]
with:
files: 'AdminPanel\src\Shared\appsettings.json, AdminPanel\src\Client\AdminPanel.Client.Core\appsettings.json, AdminPanel\src\Client\AdminPanel.Client.Windows\appsettings.json'
env:
ServerAddress: ${{ env.API_SERVER_ADDRESS }}
ServerAddress: ${{ env.SERVER_ADDRESS }}
Logging.Sentry.Dsn: ${{ secrets.ADMINPANEL_SENTRY_DSN }}
GoogleRecaptchaSiteKey: ${{ secrets.GOOGLE_RECAPTCHA_SITE_KEY }}
WindowsUpdate.FilesUrl: https://windows-adminpanel.bitplatform.dev
Expand Down Expand Up @@ -193,7 +181,7 @@ jobs:
cd src/Templates/Boilerplate && dotnet build -c Release
dotnet pack -c Release -o . -p:ReleaseVersion=0.0.0 -p:PackageVersion=0.0.0
dotnet new install Bit.Boilerplate.0.0.0.nupkg
cd ../../../ && dotnet new bit-bp --name AdminPanel --database PostgreSQL --sample Admin --appInsights --sentry --serverUrl ${{ env.WEB_SERVER_ADDRESS }} --filesStorage AzureBlobStorage --notification --captcha reCaptcha --signalR --framework net9.0
cd ../../../ && dotnet new bit-bp --name AdminPanel --database PostgreSQL --sample Admin --appInsights --sentry --serverUrl ${{ env.SERVER_ADDRESS }} --filesStorage AzureBlobStorage --notification --captcha reCaptcha --signalR --framework net9.0
- uses: actions/setup-node@v4
with:
Expand All @@ -218,7 +206,7 @@ jobs:
with:
files: 'AdminPanel/src/Shared/appsettings.json, AdminPanel/src/Client/AdminPanel.Client.Core/appsettings.json, AdminPanel/src/Client/AdminPanel.Client.Maui/appsettings.json'
env:
ServerAddress: ${{ env.API_SERVER_ADDRESS }}
ServerAddress: ${{ env.SERVER_ADDRESS }}
Logging.Sentry.Dsn: ${{ secrets.ADMINPANEL_SENTRY_DSN }}
GoogleRecaptchaSiteKey: ${{ secrets.GOOGLE_RECAPTCHA_SITE_KEY }}
ApplicationInsights.ConnectionString: ${{ secrets.APPLICATION_INSIGHTS_CONNECTION_STRING }}
Expand Down Expand Up @@ -270,14 +258,14 @@ jobs:
cd src/Templates/Boilerplate && dotnet build -c Release
dotnet pack -c Release -o . -p:ReleaseVersion=0.0.0 -p:PackageVersion=0.0.0
dotnet new install Bit.Boilerplate.0.0.0.nupkg
cd ../../../ && dotnet new bit-bp --name AdminPanel --database PostgreSQL --sample Admin --appInsights --serverUrl ${{ env.WEB_SERVER_ADDRESS }} --filesStorage AzureBlobStorage --notification --captcha reCaptcha --signalR --framework net9.0
cd ../../../ && dotnet new bit-bp --name AdminPanel --database PostgreSQL --sample Admin --appInsights --serverUrl ${{ env.SERVER_ADDRESS }} --filesStorage AzureBlobStorage --notification --captcha reCaptcha --signalR --framework net9.0
- name: Update core appsettings.json
uses: devops-actions/[email protected]
with:
files: 'AdminPanel/src/Shared/appsettings.json, AdminPanel/src/Client/AdminPanel.Client.Core/appsettings.json, AdminPanel/src/Client/AdminPanel.Client.Maui/appsettings.json'
env:
ServerAddress: ${{ env.API_SERVER_ADDRESS }}
ServerAddress: ${{ env.SERVER_ADDRESS }}
Logging.Sentry.Dsn: ${{ secrets.ADMINPANEL_SENTRY_DSN }}
GoogleRecaptchaSiteKey: ${{ secrets.GOOGLE_RECAPTCHA_SITE_KEY }}
ApplicationInsights.ConnectionString: ${{ secrets.APPLICATION_INSIGHTS_CONNECTION_STRING }}
Expand Up @@ -83,6 +83,7 @@ private void NavigationManager_LocationChanged(object? sender, LocationChangedEv
navigatorLogger.LogInformation("Navigator's location changed to {Location}", e.Location);
}

private Guid? lastPropagatedUserId = Guid.Empty;
/// <summary>
/// This code manages the association of a user with sensitive services, such as SignalR, push notifications, App Insights, and others,
/// ensuring the user is correctly set or cleared as needed.
Expand All @@ -91,11 +92,14 @@ public async Task PropagateUserId(bool firstRun, Task<AuthenticationState> task)
{
try
{
Abort(); // Cancels ongoing user id propagation, because the new authentication state is available.

var user = (await task).User;
var isAuthenticated = user.IsAuthenticated();
TelemetryContext.UserId = isAuthenticated ? user.GetUserId() : null;
var userId = isAuthenticated ? user.GetUserId() : (Guid?)null;
if (lastPropagatedUserId == userId)
return;
Abort(); // Cancels ongoing user id propagation, because the new authentication state is available.
lastPropagatedUserId = userId;
TelemetryContext.UserId = userId;
TelemetryContext.UserSessionId = isAuthenticated ? user.GetSessionId() : null;

// Typically, we use the logger directly without utilizing logger.BeginScope.
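Review bot: The early return `if (lastPropagatedUserId == userId) return;` keys the de-duplication on the user id alone, while the lines after it also set `TelemetryContext.UserSessionId`; a new authentication state for the same user with a different session id would be skipped and the previous session id kept. Consider comparing the session id as well, or updating `TelemetryContext.UserSessionId` before the early return. `lastPropagatedUserId = userId;` is also assigned before the propagation work runs, so if a later step inside the `try` fails, the next call with the same user will presumably return early without retrying; assigning it at the end of the successful path would avoid that. The new field has no comment; something like `// Guid.Empty = nothing propagated yet; null = anonymous user already propagated` would explain the sentinel. The rest of PropagateUserId, including its catch block, is outside the hunk.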
@@ -1,6 +1,6 @@
{
{
"WebAppRender": {
"BlazorMode": "BlazorAuto"
"BlazorMode": "BlazorWebAssembly"
},
"$schema": "https://json.schemastore.org/appsettings.json"
}
@@ -1,4 +1,7 @@
{
{
"ForwardedHeaders": {
"AllowedHosts": [ "*" ]
},
"DetailedErrors": true,
"$schema": "https://json.schemastore.org/appsettings.json"
}
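Review bot: `"AllowedHosts": [ "*" ]` under `ForwardedHeaders` accepts any forwarded host value, which is only acceptable for local development. The file name is not visible in this section; the `DetailedErrors` entry suggests a development-only settings file, but that should be confirmed so the wildcard never reaches a production configuration. Since JSON has no comments, the `_Comment` convention used elsewhere in these settings would fit here, e.g. `"AllowedHosts_Comment": "Development only: accepts any forwarded host. Do not use * in production."`. The identical hunk in the later `@@ -1,4 +1,7 @@` section has the same gap.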
Expand Up @@ -114,10 +114,12 @@
},
"AllowedHosts": "*",
"ForwardedHeaders": {
"ForwardedHeaders_Comment": "These values apply only if your backend is hosted behind a CDN (such as Cloudflare).",
"ForwardedHeaders": "All",
"ForwardedHeaders_Comment": "These values apply only if your backend is hosted behind a CDN (such as `Cloudflare`).",
"ForwardedHostHeaderName": "X-Forwarded-Host",
"ForwardedHostHeaderName_Comment": "For Cloudflare, use X-Host instead of X-Forwarded-Host.",
"ForwardedHeaders": "All"
"AllowedHosts": [ "" ],
"AllowedHosts_Comment": "If you're using a CDN like Cloudflare in front of your server, make sure to add your domain name to the `ForwardedHeaders:AllowedHosts` setting."
},
"$schema": "https://json.schemastore.org/appsettings.json"
}
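Review bot: The new default `"AllowedHosts": [ "" ]` is a placeholder whose effect when left as shipped is not stated. ASP.NET Core's `ForwardedHeadersOptions.AllowedHosts` treats an empty list as "all hosts allowed", so if the binding code (not on this page) drops the empty entry, the setting fails open while `"ForwardedHeaders": "All"` still honours the forwarded host header. The `AllowedHosts_Comment` should say so, for example `"Behind a proxy/CDN, list your exact domain names here; if left empty, forwarded host values may not be restricted."`. It would also help to note where the trusted proxy addresses are configured, since this block does not show which sources may send these headers. The same block is added in the later server settings section (`@@ -104,10 +92,12 @@`).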
@@ -1,4 +1,7 @@
{
{
"ForwardedHeaders": {
"AllowedHosts": [ "*" ]
},
"DetailedErrors": true,
"$schema": "https://json.schemastore.org/appsettings.json"
}
Expand Up @@ -3,19 +3,16 @@
"ConnectionStrings": {
"SqlServerConnectionString": "Data Source=(localdb)\\mssqllocaldb; Initial Catalog=BoilerplateDb;Integrated Security=true;Application Name=Boilerplate;TrustServerCertificate=True;",
"SqliteConnectionString": "Data Source=App_Data/BoilerplateDb.db;",
"SqliteConnectionString_Comment": "To debug inside docker, change ConnectionStrings__SqliteConnectionString's value in launchSettings.json",
"PostgreSQLConnectionString": "User ID=postgres;Password=postgres;Host=localhost;Database=BoilerplateDb;",
"MySqlSQLConnectionString": "Server=localhost;Port=3306;Database=BoilerplateDb;Uid=root;Pwd=123456;",
"AzureBlobStorageSasUrl": "emulator",
"AzureBlobStorageSasUrl_Comment": "More info about blob storage sas url at https://learn.microsoft.com/en-us/azure/ai-services/translator/document-translation/how-to-guides/create-sas-tokens?tabs=blobs#create-sas-tokens-in-the-azure-portal"
"AzureBlobStorageSasUrl": "emulator"

},
"DataProtectionCertificatePassword": "P@ssw0rdP@ssw0rd",
"DataProtectionCertificatePassword_Comment": "It can also be configured using: dotnet user-secrets set 'DataProtectionCertificatePassword' 'P@ssw0rdP@ssw0rd'",
"Identity": {
"Issuer": "Boilerplate",
"Audience": "Boilerplate",
"BearerTokenExpiration": "0.00:05:00",
"BearerTokenExpiration_Comment": "BearerTokenExpiration used as JWT's expiration claim, access token's expires in and cookie's max age. Format: D.HH:mm:ss",
"RefreshTokenExpiration": "14.00:00:00",
"EmailTokenLifetime": "0.00:02:00",
"PhoneNumberTokenLifetime": "0.00:02:00",
Expand All @@ -36,7 +33,6 @@
},
"Email": {
"Host": "LocalFolder",
"Host_Comment": "Local folder means storing emails as .eml file in App_Data/sent-emails folder (Recommended for testing purposes only) instead of sending them using smtp server.",
"Port": "587",
"DefaultFromEmail": "[email protected]",
"UserName": null,
Expand All @@ -49,26 +45,18 @@
},
"UserProfileImagesDir": "attachments/profiles/",
"GoogleRecaptchaSecretKey": "6LdMKr4pAAAAANvngWNam_nlHzEDJ2t6SfV6L_DS",
"AdsPushVapid_Comment": "https://github.com/adessoTurkey-dotNET/AdsPush",
"AdsPushVapid": {
"AdsPushVapid_Comment": "Web push's vapid. More info at https://tools.reactpwa.com/vapid/",
"Subject": "mailto:[email protected]",
"PrivateKey": "dMIR1ICj-lDWYZ-ZYCwXKyC2ShYayYYkEL-oOPnpq9c",
"PublicKey_Comment": "Set public key in Client.Core's appsettings.json"
"PrivateKey": "dMIR1ICj-lDWYZ-ZYCwXKyC2ShYayYYkEL-oOPnpq9c"
},
"AdsPushAPNS": {
"P8PrivateKey": null,
"P8PrivateKey_Comment": "p8 certificate string without spaces and start/end tags.",
"P8PrivateKeyId": null,
"P8PrivateKeyId_Comment": "10-digit p8 certificate id; often part of a downloadable certificate filename",
"TeamId": null,
"TeamId_Comment": "10-digit Apple team id shown on the Apple Developer Membership Page",
"AppBundleIdentifier": null,
"EnvironmentType": "Development",
"EnvironmentType_Comment": "Apns Env one of Development or Production"
"EnvironmentType": "Development"
},
"AdsPushFirebase": {
"AdsPushFirebase_Comment": "Filed names in service_account.json => project_id,private_key_id,private_key,client_email,client_id,client_x509_cert_url",
"Type": "service_account",
"AuthUri": "https://accounts.google.com/o/oauth2/auth",
"TokenUri": "https://oauth2.googleapis.com/token",
Expand Down Expand Up @@ -104,10 +92,12 @@
//#endif
"AllowedHosts": "*",
"ForwardedHeaders": {
"ForwardedHeaders_Comment": "These values apply only if your backend is hosted behind a CDN (such as Cloudflare).",
"ForwardedHeaders": "All",
"ForwardedHeaders_Comment": "These values apply only if your backend is hosted behind a CDN (such as `Cloudflare`).",
"ForwardedHostHeaderName": "X-Forwarded-Host",
"ForwardedHostHeaderName_Comment": "For Cloudflare, use X-Host instead of X-Forwarded-Host.",
"ForwardedHeaders": "All"
"AllowedHosts": [ "" ],
"AllowedHosts_Comment": "If you're using a CDN like Cloudflare in front of your server, make sure to add your domain name to the `ForwardedHeaders:AllowedHosts` setting."
},
"$schema": "https://json.schemastore.org/appsettings.json"
}
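Review bot: Removing `DataProtectionCertificatePassword_Comment` appears to drop the only hint in this file that the value can be supplied through `dotnet user-secrets`, while the placeholder `DataProtectionCertificatePassword`, `GoogleRecaptchaSecretKey` and `AdsPushVapid` `PrivateKey` values stay in the template. Projects generated from the template will presumably ship with these shared defaults unless the developer knows to override them. If the comments are being moved to another settings file, keep at least one line here, such as `"Secrets_Comment": "Placeholder values: replace via user-secrets or environment variables before deploying."`.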
Expand Up @@ -4,7 +4,7 @@ namespace Boilerplate.Shared;
public partial class SharedSettings : IValidatableObject
{
/// <summary>
/// If you are hosting the API and web client on different URLs (e.g., adminpanel-api.bitplatform.dev and adminpanel.bitplatform.dev), you must set `WebClientUrl` to your web client's address.
/// If you are hosting the API and web client on different URLs (e.g., api.test.com and test.com), you must set `WebClientUrl` to your web client's address.
/// This ensures that the API server redirects to the correct URL after social sign-ins and other similar actions.
/// </summary>
public string? WebClientUrl { get; set; }