soroushdes/flatrender
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8b86f17645a8081a1e05e55509986a535281807d
flatrender/services/identity/FlatRender.IdentitySvc/Program.cs
T
soroush.asadi 90ac0b81d1 feat: V2 microservices stack — backend services, gateway, JWT auth 
Add full V2 architecture: identity, content, studio (.NET 10) and file,
render, notification, gateway (Go) services with vendored deps, plus DB
migrations, event/API contracts, and an init-db script.

Wire the Next.js frontend to the gateway: server-side JWT auth routes
(login/register/refresh/logout/me), gateway fetch helper, and session/
cookie/jwt helpers under src/lib.

Containerize the stack via docker-compose.v2.yml and per-service
Dockerfiles. Base images resolve through a Nexus mirror (Docker Hub) and
MCR directly; npm/NuGet pull from Nexus groups. Self-host fonts via
next/font/local to avoid Google Fonts (geo-blocked).

Add CI workflow and ignore .env.v2, *.stackdump, and .NET bin/obj.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-29 23:29:31 +03:30

175 lines
7.5 KiB
C#
Raw Blame History

using System.Text;
using FlatRender.IdentitySvc.Application.Services;
using FlatRender.IdentitySvc.Application.Services.Interfaces;
using FlatRender.IdentitySvc.Domain.Enums;
using FlatRender.IdentitySvc.Infrastructure.Data;
using FlatRender.IdentitySvc.Middleware;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using Npgsql;
var builder = WebApplication.CreateBuilder(args);
// ── Database ──────────────────────────────────────────────────────────────
var connectionString = builder.Configuration.GetConnectionString("DefaultConnection")
?? throw new InvalidOperationException("ConnectionStrings:DefaultConnection is required");
// Native PostgreSQL enums are mapped on the EF provider so Npgsql can read/write them
// at runtime (HasPostgresEnum in the model alone is not enough on Npgsql 8+). EF builds
// the data source with these mappings. PG labels are PascalCase and match the C# enum
// member names, so a preserve-case name translator is used for the values.
var enumTr = PreserveCaseNameTranslator.Instance;
builder.Services.AddDbContext<IdentityDbContext>(options =>
options.UseNpgsql(
connectionString,
npgsql =>
{
npgsql.MigrationsHistoryTable("__ef_migrations", "identity");
npgsql.MapEnum<TenantStatus>("tenant_status", "identity", enumTr);
npgsql.MapEnum<TenantKind>("tenant_kind", "identity", enumTr);
npgsql.MapEnum<RegisterMode>("register_mode", "identity", enumTr);
npgsql.MapEnum<GenderKind>("gender_kind", "identity", enumTr);
npgsql.MapEnum<TokenPurpose>("token_purpose", "identity", enumTr);
npgsql.MapEnum<MfaFactorType>("mfa_factor_type", "identity", enumTr);
npgsql.MapEnum<PlanScope>("plan_scope", "identity", enumTr);
npgsql.MapEnum<BillingPeriod>("billing_period", "identity", enumTr);
npgsql.MapEnum<PaymentGateway>("payment_gateway", "identity", enumTr);
npgsql.MapEnum<PaymentStatus>("payment_status", "identity", enumTr);
npgsql.MapEnum<PaymentAction>("payment_action", "identity", enumTr);
npgsql.MapEnum<DiscountKind>("discount_kind", "identity", enumTr);
npgsql.MapEnum<QuestType>("quest_type", "identity", enumTr);
npgsql.MapEnum<PrizeType>("prize_type", "identity", enumTr);
npgsql.MapEnum<GiftType>("gift_type", "identity", enumTr);
}
)
.UseSnakeCaseNamingConvention()
);
// ── JWT Auth ──────────────────────────────────────────────────────────────
var jwtSecret = builder.Configuration["Jwt:Secret"]
?? throw new InvalidOperationException("Jwt:Secret is required");
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSecret)),
ValidateIssuer = true,
ValidIssuer = builder.Configuration["Jwt:Issuer"] ?? "flatrender-identity",
ValidateAudience = true,
ValidAudience = builder.Configuration["Jwt:Audience"] ?? "flatrender",
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero,
};
});
builder.Services.AddAuthorization();
// ── Services ──────────────────────────────────────────────────────────────
builder.Services.AddScoped<ITokenService, TokenService>();
builder.Services.AddScoped<IAuthService, AuthService>();
builder.Services.AddScoped<IUserService, UserService>();
builder.Services.AddScoped<ITenantService, TenantService>();
builder.Services.AddScoped<IPlanService, PlanService>();
builder.Services.AddScoped<IDiscountService, DiscountService>();
builder.Services.AddScoped<IGamificationService, GamificationService>();
builder.Services.AddScoped<IPaymentService, PaymentService>();
// ── HTTP clients ───────────────────────────────────────────────────────────
builder.Services.AddHttpClient("zarinpal", client =>
{
client.DefaultRequestHeaders.Accept.Add(
new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
client.Timeout = TimeSpan.FromSeconds(10);
});
builder.Services.AddHttpClient("snappay", client =>
{
client.DefaultRequestHeaders.Accept.Add(
new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
client.Timeout = TimeSpan.FromSeconds(15); // SnapPay token exchange can be slow
});
builder.Services.AddHttpClient("tara", client =>
{
client.DefaultRequestHeaders.Accept.Add(
new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
client.Timeout = TimeSpan.FromSeconds(10);
});
// ── Routing ───────────────────────────────────────────────────────────────
builder.Services.AddRouting(opts =>
{
opts.LowercaseUrls = true;
opts.AppendTrailingSlash = false;
});
// ── Controllers + Swagger ─────────────────────────────────────────────────
builder.Services.AddControllers()
.AddJsonOptions(o => o.JsonSerializerOptions.PropertyNamingPolicy =
System.Text.Json.JsonNamingPolicy.SnakeCaseLower);
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo { Title = "FlatRender Identity Service", Version = "v1" });
c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
{
Description = "JWT Bearer token. Format: Bearer {token}",
Name = "Authorization",
In = ParameterLocation.Header,
Type = SecuritySchemeType.ApiKey,
Scheme = "Bearer",
});
c.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
},
Array.Empty<string>()
}
});
});
builder.Services.AddCors(options =>
options.AddDefaultPolicy(policy =>
policy.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader()));
builder.Services.AddHealthChecks()
.AddCheck("db", () =>
{
// actual DB ping happens at startup migration; just return healthy here
return Microsoft.Extensions.Diagnostics.HealthChecks.HealthCheckResult.Healthy();
});
var app = builder.Build();
app.UseMiddleware<ExceptionMiddleware>();
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}
app.UseCors();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.MapHealthChecks("/health");
if (app.Environment.IsDevelopment())
{
using var scope = app.Services.CreateScope();
var db = scope.ServiceProvider.GetRequiredService<IdentityDbContext>();
db.Database.Migrate();
}
app.Run();
Reference in New Issue View Git Blame Copy Permalink