fix

bitfoundation · Jul 8, 2024 · 2cdcd15 · 2cdcd15
1 parent 75bd273
commit 2cdcd15
Show file tree

Hide file tree

Showing 9 changed files with 39 additions and 15 deletions.
diff --git a/...ilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Web/Boilerplate.Client.Web.csproj b/...ilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Web/Boilerplate.Client.Web.csproj
@@ -52,7 +52,7 @@
     </ItemGroup>
 
     <!--/+:msbuild-conditional:noEmit -->
-    <ItemGroup Condition=" '$(sample)' == 'Admin' AND '$(offlineDb)' == 'false'">
+    <ItemGroup Condition=" ('$(sample)' == 'Admin' OR '$(sample)' == '') AND ('$(offlineDb)' == 'false' OR '$(offlineDb)' == '')">
         <BlazorWebAssemblyLazyLoad Include="System.Private.Xml.wasm" />
         <BlazorWebAssemblyLazyLoad Include="System.Data.Common.wasm" />
     </ItemGroup>

diff --git a/src/Templates/Boilerplate/Bit.Boilerplate/src/Server/Boilerplate.Server.Api/AppSettings.cs b/src/Templates/Boilerplate/Bit.Boilerplate/src/Server/Boilerplate.Server.Api/AppSettings.cs
@@ -17,6 +17,11 @@ public class AppSettings : IValidatableObject
     public string GoogleRecaptchaSecretKey { get; set; } = default!;
     //#endif
 
+    /// <summary>
+    /// See WebClientUrl_Comment in appsettings.json for more info.
+    /// </summary>
+    public string? WebClientUrl { get; set; }
+
     public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
     {
         var validationResults = new List<ValidationResult>();

diff --git a/....Boilerplate/src/Server/Boilerplate.Server.Api/Controllers/Identity/IdentityController.cs b/....Boilerplate/src/Server/Boilerplate.Server.Api/Controllers/Identity/IdentityController.cs
@@ -257,7 +257,7 @@ public async Task SendResetPasswordToken(SendResetPasswordTokenRequestDto reques
         var isEmail = string.IsNullOrEmpty(request.Email) is false;
         var qs = $"{(isEmail ? "email" : "phoneNumber")}={Uri.EscapeDataString(isEmail ? request.Email! : request.PhoneNumber!)}";
         var url = $"reset-password?token={Uri.EscapeDataString(token)}&{qs}&culture={CultureInfo.CurrentUICulture.Name}";
-        var link = new Uri(HttpContext.Request.GetBaseUrl(), url);
+        var link = new Uri(HttpContext.Request.GetWebClientUrl(), url);
 
         async Task SendEmail()
         {
@@ -295,7 +295,7 @@ public async Task SendOtp(IdentityRequestDto request, string? returnUrl = null,
 
         var (token, url) = await GenerateOtpTokenData(user, returnUrl);
 
-        var link = new Uri(HttpContext.Request.GetBaseUrl(), url);
+        var link = new Uri(HttpContext.Request.GetWebClientUrl(), url);
 
         async Task SendEmail()
         {
@@ -519,7 +519,7 @@ private async Task SendConfirmEmailToken(User user, CancellationToken cancellati
 
         var email = user.Email!;
         var token = await userManager.GenerateUserTokenAsync(user, TokenOptions.DefaultPhoneProvider, FormattableString.Invariant($"VerifyEmail:{email},{user.EmailTokenRequestedOn}"));
-        var link = new Uri(HttpContext.Request.GetBaseUrl(), $"confirm?email={Uri.EscapeDataString(email)}&emailToken={Uri.EscapeDataString(token)}&culture={CultureInfo.CurrentUICulture.Name}");
+        var link = new Uri(HttpContext.Request.GetWebClientUrl(), $"confirm?email={Uri.EscapeDataString(email)}&emailToken={Uri.EscapeDataString(token)}&culture={CultureInfo.CurrentUICulture.Name}");
 
         await emailService.SendEmailToken(user, email, token, link, cancellationToken);
     }
@@ -539,7 +539,7 @@ private async Task SendConfirmPhoneToken(User user, CancellationToken cancellati
 
         var phoneNumber = user.PhoneNumber!;
         var token = await userManager.GenerateUserTokenAsync(user, TokenOptions.DefaultPhoneProvider, FormattableString.Invariant($"VerifyPhoneNumber:{phoneNumber},{user.PhoneNumberTokenRequestedOn}"));
-        var link = new Uri(HttpContext.Request.GetBaseUrl(), $"confirm?phoneNumber={Uri.EscapeDataString(phoneNumber!)}&phoneToken={Uri.EscapeDataString(token)}&culture={CultureInfo.CurrentUICulture.Name}");
+        var link = new Uri(HttpContext.Request.GetWebClientUrl(), $"confirm?phoneNumber={Uri.EscapeDataString(phoneNumber!)}&phoneToken={Uri.EscapeDataString(token)}&culture={CultureInfo.CurrentUICulture.Name}");
 
         await smsService.SendSms(Localizer[nameof(AppStrings.ConfirmPhoneTokenSmsText), token], phoneNumber, cancellationToken);
     }

diff --git a/.../Bit.Boilerplate/src/Server/Boilerplate.Server.Api/Controllers/Identity/UserController.cs b/.../Bit.Boilerplate/src/Server/Boilerplate.Server.Api/Controllers/Identity/UserController.cs
@@ -93,7 +93,7 @@ public async Task SendChangeEmailToken(SendEmailTokenRequestDto request, Cancell
             throw new ResourceValidationException(result.Errors.Select(e => new LocalizedString(e.Code, e.Description)).ToArray());
 
         var token = await userManager.GenerateUserTokenAsync(user!, TokenOptions.DefaultPhoneProvider, FormattableString.Invariant($"ChangeEmail:{request.Email},{user.EmailTokenRequestedOn}"));
-        var link = new Uri(HttpContext.Request.GetBaseUrl(), $"profile?email={Uri.EscapeDataString(request.Email!)}&emailToken={Uri.EscapeDataString(token)}&culture={CultureInfo.CurrentUICulture.Name}");
+        var link = new Uri(HttpContext.Request.GetWebClientUrl(), $"profile?email={Uri.EscapeDataString(request.Email!)}&emailToken={Uri.EscapeDataString(token)}&culture={CultureInfo.CurrentUICulture.Name}");
 
         await emailService.SendEmailToken(user, request.Email!, token, link, cancellationToken);
     }

diff --git a/...ate/Bit.Boilerplate/src/Server/Boilerplate.Server.Api/Extensions/HttpRequestExtensions.cs b/...ate/Bit.Boilerplate/src/Server/Boilerplate.Server.Api/Extensions/HttpRequestExtensions.cs
@@ -1,5 +1,4 @@
-using Microsoft.Extensions.Primitives;
-using Microsoft.Net.Http.Headers;
+using Boilerplate.Server.Api;
 
 namespace Microsoft.AspNetCore.Http;
 
@@ -18,4 +17,14 @@ internal static Uri GetBaseUrl(this HttpRequest req)
 
         return uriBuilder.Uri;
     }
+
+    internal static Uri GetWebClientUrl(this HttpRequest req)
+    {
+        var appSettings = req.HttpContext.RequestServices.GetRequiredService<AppSettings>();
+
+        if (string.IsNullOrEmpty(appSettings.WebClientUrl) is false)
+            return new Uri(appSettings.WebClientUrl);
+
+        return req.GetBaseUrl();
+    }
 }
diff --git a/...ates/Boilerplate/Bit.Boilerplate/src/Server/Boilerplate.Server.Api/Program.Middlewares.cs b/...ates/Boilerplate/Bit.Boilerplate/src/Server/Boilerplate.Server.Api/Program.Middlewares.cs
@@ -51,9 +51,7 @@ private static void ConfiureMiddlewares(this WebApplication app)
             }
         });
 
-        // 0.0.0.0 origins are essential for the proper functioning of BlazorHybrid's WebView, while localhost:4030 is a prerequisite for BlazorWebAssemblyStandalone testing.
-        app.UseCors(options => options.WithOrigins("https://0.0.0.0", "app://0.0.0.0", "http://localhost:4030", "http://localhost:5030", "https://use-your-server-url-here.com")
-            .AllowAnyHeader().AllowAnyMethod().WithExposedHeaders(HeaderNames.RequestId));
+        app.UseCors();
 
         app.UseAuthentication();
         app.UseAuthorization();

diff --git a/...mplates/Boilerplate/Bit.Boilerplate/src/Server/Boilerplate.Server.Api/Program.Services.cs b/...mplates/Boilerplate/Bit.Boilerplate/src/Server/Boilerplate.Server.Api/Program.Services.cs
@@ -8,6 +8,7 @@
 using Boilerplate.Server.Api.Models.Identity;
 using Microsoft.OpenApi.Models;
 using Microsoft.AspNetCore.OData;
+using Microsoft.Net.Http.Headers;
 using Microsoft.IdentityModel.Tokens;
 using Microsoft.AspNetCore.StaticFiles;
 using Microsoft.AspNetCore.DataProtection;
@@ -54,7 +55,18 @@ public static void ConfigureApiServices(this WebApplicationBuilder builder)
 
         var appSettings = configuration.GetSection(nameof(AppSettings)).Get<AppSettings>()!;
 
-        services.AddCors();
+        services.AddCors(builder =>
+        {
+            builder.AddDefaultPolicy(policy =>
+            {
+                // 0.0.0.0 origins are essential for the proper functioning of BlazorHybrid's WebView, while localhost:4030 is a prerequisite for BlazorWebAssemblyStandalone testing.
+                policy.WithOrigins("https://0.0.0.0", "app://0.0.0.0", string.IsNullOrEmpty(appSettings.WebClientUrl) ? "http://localhost:4030" : appSettings.WebClientUrl)
+                      .AllowAnyHeader()
+                      .AllowAnyMethod()
+                      .WithExposedHeaders(HeaderNames.RequestId);
+            });
+        });
+
         services.AddAntiforgery();
 
         services

diff --git a/src/Templates/Boilerplate/Bit.Boilerplate/src/Server/Boilerplate.Server.Api/appsettings.json b/src/Templates/Boilerplate/Bit.Boilerplate/src/Server/Boilerplate.Server.Api/appsettings.json
@@ -52,6 +52,8 @@
             "TwilioAutoToken": null
         },
         "UserProfileImagesDir": "attachments/profiles/",
+        "WebClientUrl": null,
+        "WebClientUrl_Comment": "If you are hosting the API and web client on different URLs (e.g., api.company.com and app.company.com), you must set `WebClientUrl` to your web client's address. This ensures that the API server redirects to the correct URL after social sign-ins and other similar actions.",
         //#if (captcha == "reCaptcha")
         "GoogleRecaptchaSecretKey": "6LdMKr4pAAAAANvngWNam_nlHzEDJ2t6SfV6L_DS"
         //#endif

diff --git a/...ates/Boilerplate/Bit.Boilerplate/src/Server/Boilerplate.Server.Web/Program.Middlewares.cs b/...ates/Boilerplate/Bit.Boilerplate/src/Server/Boilerplate.Server.Web/Program.Middlewares.cs
@@ -65,9 +65,7 @@ private static void ConfiureMiddlewares(this WebApplication app)
             }
         });
 
-        // 0.0.0.0 origins are essential for the proper functioning of BlazorHybrid's WebView, while localhost:4030 is a prerequisite for BlazorWebAssemblyStandalone testing.
-        app.UseCors(options => options.WithOrigins("https://0.0.0.0", "app://0.0.0.0", "http://localhost:4030", "https://use-your-server-url-here.com")
-            .AllowAnyHeader().AllowAnyMethod().WithExposedHeaders(HeaderNames.RequestId));
+        app.UseCors();
 
         app.UseAuthentication();
         app.UseAuthorization();