Skip to content

Todo application with ASP.NET Core Blazor WASM, Minimal APIs and Authentication

License

Notifications You must be signed in to change notification settings

davidfowl/TodoApi

Repository files navigation

Todo application with ASP.NET Core

CI

This is a Todo application that features:

  • Todo.Web - An ASP.NET Core hosted Blazor WASM front end application
  • TodoApi - An ASP.NET Core REST API backend using minimal APIs

image

It showcases:

  • Blazor WebAssembly
  • Minimal APIs
  • Using EntityFramework and SQLite for data access
  • OpenAPI
  • User management with ASP.NET Core Identity
  • Cookie authentication
  • JWT authentication
  • Proxying requests from the front end application server using YARP's IHttpForwarder
  • Rate Limiting
  • Writing integration tests for your REST API

Prerequisites

.NET

  1. Install .NET 7

Database

  1. Install the dotnet-ef tool: dotnet tool install dotnet-ef -g
  2. Navigate to the TodoApi folder.
    1. Run mkdir .db to create the local database folder.
    2. Run dotnet ef database update to create the database.
  3. Learn more about dotnet-ef

JWT

  1. To initialize the keys for JWT generation, run dotnet user-jwts in to TodoApi folder:

    dotnet user-jwts create
    

Running the application

To run the application, run both the Todo.Web/Server and TodoApi. Below are different ways to run both applications:

  • Visual Studio - Setup multiple startup projects by right clicking on the solution and selecting Properties. Select TodoApi and Todo.Web.Server as startup projects.

    image
  • Visual Studio Code - A compound launch definition is provided in the launch.json file, use the 'Run and Debug' view and select 'Web and API' and start that profile.

    image

  • Terminal/CLI - Open up 2 terminal windows, one in Todo.Web.Server and the other in TodoApi run:

    dotnet watch run -lp https
    

    This will run both applications with the https profile.

  • Tye - Install the global tool using the following command:

    dotnet tool install --global Microsoft.Tye --version 0.11.0-alpha.22111.1
    

    Run tye run in the repository root and navigate to the tye dashboard (usually http://localhost:8000) to see both applications running.

  • Docker Compose - Open your terminal, navigate to the root folder of this project and run the following commands:

    1. Build a docker image for the TodoApi directly from dotnet publish.

      dotnet publish ./TodoApi/TodoApi.csproj --os linux --arch x64 /t:PublishContainer -c Release
      
    2. Build a docker image for the Todo.Web.Server directly from dotnet publish.

      dotnet publish ./Todo.Web/Server/Todo.Web.Server.csproj --os linux --arch x64 /t:PublishContainer -c Release --self-contained true
      
    3. Generate certificate and configure local machine so we can start our apps with https support using docker compose.

      Windows using Linux containers

      set PASSWORD YourPasswordHere
      dotnet dev-certs https -ep ${HOME}/.aspnet/https/todoapps.pfx -p $PASSWORD --trust
      

      macOS or Linux

      export PASSWORD=YourPasswordHere
      dotnet dev-certs https -ep ~/.aspnet/https/todoapps.pfx -p $PASSWORD --trust
      
    4. Change these variables below in the docker-compose.yml file to match your https certificate and password.

      • ASPNETCORE_Kestrel__Certificates__Default__Password
      • ASPNETCORE_Kestrel__Certificates__Default__Path
    5. Run docker-compose up -d to spin up both apps todo-api and todo-web-server plus jaeger and prometheus.

    6. Navigate to the Todo Web app https://localhost:5003.

Optional

Using the API standalone

The Todo REST API can run standalone as well. You can run the TodoApi project and make requests to various endpoints using the Swagger UI (or a client of your choice):

image

Before executing any requests, you need to create a user and get an auth token.

  1. To create a new user, run the application and POST a JSON payload to /users endpoint:

    {
      "username": "myuser",
      "password": "<put a password here>"
    }
  2. To get a token for the above user run dotnet user-jwts to create a JWT token with the same user name specified above e.g:

    dotnet user-jwts create -n myuser
    
  3. You should be able to use this token to make authenticated requests to the todo endpoints.

  4. Learn more about user-jwts

Social authentication

In addition to username and password, social authentication providers can be configured to work with this todo application. By default it supports Github, Google, and Microsoft accounts.

Instructions for setting up each of these providers can be found at:

Once you obtain the client id and client secret, the configuration for these providers must be added with the following schema:

{
    "Authentication": {
        "Schemes": {
            "<scheme>": {
                "ClientId": "xxx",
                "ClientSecret": "xxxx"
            }
        }
    }
}

Or using environment variables:

Authentication__Schemes__<scheme>__ClientId=xxx
Authentication__Schemes__<scheme>__ClientSecret=xxx

Or using user secrets:

dotnet user-secrets set Authentication:Schemes:<scheme>:ClientId xxx
dotnet user-secrets set Authentication:Schemes:<scheme>:ClientSecret xxx

Other providers can be found here. These must be added to AuthenticationExtensions as well.

NOTE: Don't store client secrets in configuration!

Auth0

This sample has Auth0 configured as an OIDC server. It can be configured with the following schema:

{
  "Authentication": {
    "Schemes": {
      "Auth0": {
        "Audience": "<audience>",
        "Domain": "<domain>",
        "ClientId": "<client id>",
        "ClientSecret": "<client secret>"
      }
    }
  }
}

Learn more about the Auth0 .NET SDK here.

OpenTelemetry

TodoApi uses OpenTelemetry to collect logs, metrics and spans.

If you wish to view the collected telemetry, follow the steps below.

Metrics

  1. Run Prometheus with Docker:
docker run -d -p 9090:9090 --name prometheus -v $PWD/prometheus.yml:/etc/prometheus/prometheus.yml prom/prometheus
  1. Open Prometheus in your browser
  2. Query the collected metrics

Spans

  1. Configure environment variable OTEL_EXPORTER_OTLP_ENDPOINT with the right endpoint URL to enable .AddOtlpExporter below builder.Services.AddOpenTelemetryTracing, in the TodoApi/OpenTelemetryExtensions.cs file
  2. Run Jaeger with Docker:
docker run -d --name jaeger -e COLLECTOR_ZIPKIN_HOST_PORT=:9411 -e COLLECTOR_OTLP_ENABLED=true -p 6831:6831/udp -p 6832:6832/udp -p 5778:5778 -p 16686:16686 -p 4317:4317 -p 4318:4318 -p 14250:14250 -p 14268:14268 -p 14269:14269 -p 9411:9411 jaegertracing/all-in-one:latest
  1. Open Jaeger in your browser
  2. View the collected spans