## Solution Overview `Events-WebApi` currently contains these projects: - `Events.ClientApp` - Vue 3 + Vite single-page application - `Events.WebAPI` - main ASP.NET Core REST API for CRUD and lookup operations - `Events.FilesAPI` - ASP.NET Core API for certificate and Excel export downloads - `Events.Auth` - shared authentication project for JWT and policy configuration - `Events.WebAPI.Contract` - DTO, command, query, and message contracts - `Events.WebAPI.Handlers.EF` - EF Core models, `DbContext`, and handlers The typical runtime setup is: - `Events.ClientApp` calls `Events.WebAPI` - `Events.ClientApp` downloads files from `Events.FilesAPI` - `Events.WebAPI` publishes registration events to RabbitMQ - `Events.FilesAPI` consumes those events and synchronizes generated files - both APIs use PostgreSQL and the same Auth0 authority/audience ## Default Local URLs According to the current `launchSettings.json` files: - `Events.WebAPI` -> `https://localhost:7295` - `Events.FilesAPI` -> `https://localhost:7296` - Swagger for `Events.WebAPI` -> `https://localhost:7295/docs` - the Vite dev server for `Events.ClientApp` is typically `http://localhost:5173` Ports may differ if you change the launch profile or run the projects with a different profile. ## Prerequisites - .NET SDK 10.0 - Node.js 20+ - PostgreSQL - RabbitMQ - An Auth0 tenant if you want real login and bearer-token flows ## Authentication Setup Options To use the solution as-is, you need working Auth0 configuration for both: - an API application using the configured audience - a SPA application used by `Events.ClientApp` In practice, that means you either: 1. create and configure the required applications in Auth0, then keep the current `Authorize` attributes and SPA login flow 2. simplify the solution for local/demo usage by removing `Authorize` attributes from the APIs and removing Auth0-based authorization from the SPA If you choose the second option, remember that: - `Events.WebAPI` and `Events.FilesAPI` currently expect bearer tokens on protected endpoints - `Events.ClientApp` is wired to request Auth0 access tokens before calling protected APIs - removing authorization from only one layer usually is not enough; the APIs and SPA should be adjusted together ## Configuration ### WebAPI and FilesAPI Both APIs use: - `RabbitMq:Host` - `RabbitMq:Username` - `RabbitMq:Password` - `Auth:Authority` - `Auth:Audience` `Events.FilesAPI` additionally uses: - `Paths:OutputPath` Authentication settings are now applied through the shared `Events.Auth` project, but each API still reads its own values from configuration and passes them into the shared setup. ### Connection String Note The current `Program.cs` files for both APIs read the connection string from: - `ConnectionStrings:EventsPostgres` Examples: ```powershell dotnet user-secrets set "ConnectionStrings:EventsPostgres" "Host=localhost;Port=5432;Database=events;Username=sport;Password=your-password;Persist Security Info=True;" --project Events.WebAPI\Events.WebAPI.csproj dotnet user-secrets set "ConnectionStrings:EventsPostgres" "Host=localhost;Port=5432;Database=events;Username=sport;Password=your-password;Persist Security Info=True;" --project Events.FilesAPI\Events.FilesAPI.csproj ``` If needed, you can also override the Auth values with user secrets: ```powershell dotnet user-secrets set "Auth:Authority" "https://fer-web2.eu.auth0.com/" --project Events.WebAPI\Events.WebAPI.csproj dotnet user-secrets set "Auth:Audience" "https://erasmus-sta-2026/events-api" --project Events.WebAPI\Events.WebAPI.csproj dotnet user-secrets set "Auth:Authority" "https://fer-web2.eu.auth0.com/" --project Events.FilesAPI\Events.FilesAPI.csproj dotnet user-secrets set "Auth:Audience" "https://erasmus-sta-2026/events-api" --project Events.FilesAPI\Events.FilesAPI.csproj ``` ### ClientApp For the SPA client, copy `Events.ClientApp/.env.example` to `.env.local`: ```powershell Copy-Item Events.ClientApp\.env.example Events.ClientApp\.env.local ``` The current example includes: - `VITE_AUTH0_DOMAIN=fer-web2.eu.auth0.com` - `VITE_AUTH0_CLIENT_ID=whed5Hdb8l1b1fGyyAz7Qrdsb2oKcSh3` - `VITE_AUTH0_AUDIENCE=https://erasmus-sta-2026/events-api` - `VITE_AUTH0_SCOPE=openid profile email events:read events:write` - `VITE_API_BASE_URL=https://localhost:7295` - `VITE_FILES_API_BASE_URL=https://localhost:7296` ## Running Required Infrastructure Start PostgreSQL using the repository Docker definitions: ```powershell docker compose -f ..\docker-definitions\postgres-eventsdb\docker-compose.yml up -d ``` Start RabbitMQ: ```powershell docker run -d --name rabbitmq-for-events -p 5672:5672 -p 15672:15672 rabbitmq:4-management ``` The RabbitMQ management UI is typically available at: ```text http://localhost:15672 ``` ## Running The APIs Restore and build the full solution: ```powershell dotnet restore Events-WebApi.slnx dotnet build Events-WebApi.slnx ``` Run `Events.WebAPI`: ```powershell dotnet run --project Events.WebAPI\Events.WebAPI.csproj ``` Run `Events.FilesAPI`: ```powershell dotnet run --project Events.FilesAPI\Events.FilesAPI.csproj ``` Once the APIs are running: - open Swagger for `Events.WebAPI` at `/docs` - most `WebAPI` endpoints require a bearer token - `FilesAPI` download endpoints are also protected and require the `events:read` scope ## Running Everything Without VS Code From the `Events-WebApi` directory, you can start all three processes together with: ```bash ./start-all.sh ``` This starts: - `Events.WebAPI` on `https://localhost:7295` - `Events.FilesAPI` on `https://localhost:7296` - `Events.ClientApp` on `http://localhost:5173` The script keeps all processes attached to the terminal and stops them together when you press `Ctrl+C`. If you want to stop the stack from another terminal, use: ```bash ./stop-all.sh ``` Before the first run, make sure the client dependencies are installed: ```bash cd Events.ClientApp npm install ``` ## Running The Client App See [Events.ClientApp/README.md](/C:/GitRepos/FPMOZ-PI/predavanja/Events-WebApi/Events.ClientApp/README.md:1) for more details. Typical local flow: ```powershell cd Events.ClientApp npm install npm run dev ``` ## Generated Files `Events.FilesAPI` stores generated files in the directory configured by: - `Paths:OutputPath` According to the current `appsettings.json`, the default is: ```text ./GeneratedFiles ``` ## Troubleshooting - If an API cannot connect to the database, first verify `ConnectionStrings:EventsPostgres` - If Swagger opens but secured requests return 401 or 403, verify `Auth:Authority`, `Auth:Audience`, and scope claims - If `ClientApp` cannot download files, verify `VITE_FILES_API_BASE_URL` - If PDF or XLSX files are not generated, verify `Paths:OutputPath` and filesystem permissions - If `dotnet build` reports locked DLLs, one of the API processes is probably still running in the background