Added cookie/JWT auth config

2019-06-14 21:07:07 -05:00 · 2019-06-14 21:07:07 -05:00 · f30d484e9c
commit f30d484e9c
parent b379654879
1 changed files with 23 additions and 0 deletions
--- a/src/PrayerTracker/App.fs
+++ b/src/PrayerTracker/App.fs
@ -2,6 +2,8 @@ namespace PrayerTracker

 open Microsoft.AspNetCore.Builder
 open Microsoft.AspNetCore.Hosting
+open Microsoft.AspNetCore.Http
+open Microsoft.IdentityModel.Tokens

 /// Module to hold configuration for the web app
 [<RequireQualifiedAccess>]
@ -19,6 +21,7 @@ module Configure =
  open Microsoft.Extensions.Logging
  open Microsoft.Extensions.Options
  open NodaTime
+  open System
  open System.Globalization

  /// Set up the configuration for the app
@ -51,6 +54,25 @@ module Configure =
      .AddSingleton<IClock>(SystemClock.Instance)
    |> ignore
    let config = svc.BuildServiceProvider().GetRequiredService<IConfiguration>()
+    let authConfig = config.GetSection "Tokens"
+    svc.AddAuthentication()
+      .AddCookie(
+        fun opts ->
+          opts.Cookie.Name       <- "PrayerTrackerAuth"
+          opts.Cookie.HttpOnly   <- false
+          opts.Cookie.SameSite   <- SameSiteMode.Strict
+          opts.SlidingExpiration <- true
+          opts.ClaimsIssuer      <- authConfig.["Issuer"])
+      .AddJwtBearer(
+        fun opts ->
+          opts.SaveToken    <- true
+          opts.ClaimsIssuer <- "PrayerTracker"
+          opts.TokenValidationParameters                  <- TokenValidationParameters ()
+          opts.TokenValidationParameters.ValidIssuer      <- authConfig.["Issuer"]
+          opts.TokenValidationParameters.ValidAudience    <- authConfig.["Issuer"]
+          opts.TokenValidationParameters.IssuerSigningKey <- SymmetricSecurityKey (Convert.FromBase64String authConfig.["Key"]))
+    |> ignore
+    let config = svc.BuildServiceProvider().GetRequiredService<IConfiguration>()
    let crypto = config.GetSection "CookieCrypto"
    CookieCrypto (crypto.["Key"], crypto.["IV"]) |> setCrypto
    svc.AddDbContext<AppDbContext>(
@ -173,6 +195,7 @@ module Configure =
      .UseStaticFiles()
      .UseSession()
      .UseRequestLocalization(app.ApplicationServices.GetService<IOptions<RequestLocalizationOptions>>().Value)
+      .UseAuthentication()
      .UseGiraffe(webApp)
      |> ignore
    Views.I18N.setUpFactories <| app.ApplicationServices.GetRequiredService<IStringLocalizerFactory> ()