PI/predavanja
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b66d05c298bc5fc6b4ce8cbec954bcfaf8cda4c7
predavanja/Events-WebApi/README.md
Boris Milašinović b66d05c298 Fix and cleanup for Events.WebApi
2026-05-12 02:20:00 +02:00

193 lines
6.2 KiB
Markdown
Raw Blame History

## Solution Overview
`Events-WebApi` currently contains these projects:
- `Events.ClientApp` - Vue 3 + Vite single-page application
- `Events.WebAPI` - main ASP.NET Core REST API for CRUD and lookup operations
- `Events.FilesAPI` - ASP.NET Core API for certificate and Excel export downloads
- `Events.Auth` - shared authentication project for JWT and policy configuration
- `Events.WebAPI.Contract` - DTO, command, query, and message contracts
- `Events.WebAPI.Handlers.EF` - EF Core models, `DbContext`, and handlers
The typical runtime setup is:
- `Events.ClientApp` calls `Events.WebAPI`
- `Events.ClientApp` downloads files from `Events.FilesAPI`
- `Events.WebAPI` publishes registration events to RabbitMQ
- `Events.FilesAPI` consumes those events and synchronizes generated files
- both APIs use PostgreSQL and the same Auth0 authority/audience
## Default Local URLs
According to the current `launchSettings.json` files:
- `Events.WebAPI` -> `https://localhost:7295`
- `Events.FilesAPI` -> `https://localhost:7296`
- Swagger for `Events.WebAPI` -> `https://localhost:7295/docs`
- the Vite dev server for `Events.ClientApp` is typically `http://localhost:5173`
Ports may differ if you change the launch profile or run the projects with a different profile.
## Prerequisites
- .NET SDK 10.0
- Node.js 20+
- PostgreSQL
- RabbitMQ
- An Auth0 tenant if you want real login and bearer-token flows
## Authentication Setup Options
To use the solution as-is, you need working Auth0 configuration for both:
- an API application using the configured audience
- a SPA application used by `Events.ClientApp`
In practice, that means you either:
1. create and configure the required applications in Auth0, then keep the current `Authorize` attributes and SPA login flow
2. simplify the solution for local/demo usage by removing `Authorize` attributes from the APIs and removing Auth0-based authorization from the SPA
If you choose the second option, remember that:
- `Events.WebAPI` and `Events.FilesAPI` currently expect bearer tokens on protected endpoints
- `Events.ClientApp` is wired to request Auth0 access tokens before calling protected APIs
- removing authorization from only one layer usually is not enough; the APIs and SPA should be adjusted together
## Configuration
### WebAPI and FilesAPI
Both APIs use:
- `RabbitMq:Host`
- `RabbitMq:Username`
- `RabbitMq:Password`
- `Auth:Authority`
- `Auth:Audience`
`Events.FilesAPI` additionally uses:
- `Paths:OutputPath`
Authentication settings are now applied through the shared `Events.Auth` project, but each API still reads its own values from configuration and passes them into the shared setup.
### Connection String Note
The current `Program.cs` files for both APIs read the connection string from:
- `ConnectionStrings:EventsPostgres`
Examples:
```powershell
dotnet user-secrets set "ConnectionStrings:EventsPostgres" "Host=localhost;Port=5432;Database=events;Username=sport;Password=your-password;Persist Security Info=True;" --project Events.WebAPI\Events.WebAPI.csproj
dotnet user-secrets set "ConnectionStrings:EventsPostgres" "Host=localhost;Port=5432;Database=events;Username=sport;Password=your-password;Persist Security Info=True;" --project Events.FilesAPI\Events.FilesAPI.csproj
```
If needed, you can also override the Auth values with user secrets:
```powershell
dotnet user-secrets set "Auth:Authority" "https://fer-web2.eu.auth0.com/" --project Events.WebAPI\Events.WebAPI.csproj
dotnet user-secrets set "Auth:Audience" "https://erasmus-sta-2026/events-api" --project Events.WebAPI\Events.WebAPI.csproj
dotnet user-secrets set "Auth:Authority" "https://fer-web2.eu.auth0.com/" --project Events.FilesAPI\Events.FilesAPI.csproj
dotnet user-secrets set "Auth:Audience" "https://erasmus-sta-2026/events-api" --project Events.FilesAPI\Events.FilesAPI.csproj
```
### ClientApp
For the SPA client, copy `Events.ClientApp/.env.example` to `.env.local`:
```powershell
Copy-Item Events.ClientApp\.env.example Events.ClientApp\.env.local
```
The current example includes:
- `VITE_AUTH0_DOMAIN=fer-web2.eu.auth0.com`
- `VITE_AUTH0_CLIENT_ID=whed5Hdb8l1b1fGyyAz7Qrdsb2oKcSh3`
- `VITE_AUTH0_AUDIENCE=https://erasmus-sta-2026/events-api`
- `VITE_AUTH0_SCOPE=openid profile email events:read events:write`
- `VITE_API_BASE_URL=https://localhost:7295`
- `VITE_FILES_API_BASE_URL=https://localhost:7296`
## Running Required Infrastructure
Start PostgreSQL using the repository Docker definitions:
```powershell
docker compose -f ..\docker-definitions\postgres-eventsdb\docker-compose.yml up -d
```
Start RabbitMQ:
```powershell
docker run -d --name rabbitmq-for-events -p 5672:5672 -p 15672:15672 rabbitmq:4-management
```
The RabbitMQ management UI is typically available at:
```text
http://localhost:15672
```
## Running The APIs
Restore and build the full solution:
```powershell
dotnet restore Events-WebApi.slnx
dotnet build Events-WebApi.slnx
```
Run `Events.WebAPI`:
```powershell
dotnet run --project Events.WebAPI\Events.WebAPI.csproj
```
Run `Events.FilesAPI`:
```powershell
dotnet run --project Events.FilesAPI\Events.FilesAPI.csproj
```
Once the APIs are running:
- open Swagger for `Events.WebAPI` at `/docs`
- most `WebAPI` endpoints require a bearer token
- `FilesAPI` download endpoints are also protected and require the `events:read` scope
## Running The Client App
See [Events.ClientApp/README.md](/C:/GitRepos/FPMOZ-PI/predavanja/Events-WebApi/Events.ClientApp/README.md:1) for more details.
Typical local flow:
```powershell
cd Events.ClientApp
npm install
npm run dev
```
## Generated Files
`Events.FilesAPI` stores generated files in the directory configured by:
- `Paths:OutputPath`
According to the current `appsettings.json`, the default is:
```text
./Certificates
```
## Troubleshooting
- If an API cannot connect to the database, first verify `ConnectionStrings:EventsPostgres`
- If Swagger opens but secured requests return 401 or 403, verify `Auth:Authority`, `Auth:Audience`, and scope claims
- If `ClientApp` cannot download files, verify `VITE_FILES_API_BASE_URL`
- If PDF or XLSX files are not generated, verify `Paths:OutputPath` and filesystem permissions
- If `dotnet build` reports locked DLLs, one of the API processes is probably still running in the background
Reference in New Issue View Git Blame Copy Permalink