derek/boredcareers
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

harden the website

Browse Source
This commit is contained in:
Derek Holloway
2025-08-01 21:33:56 -07:00
parent f7acfc577e
commit 14d7bf7587
1 changed files with 21 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Server/Program.cs
+21 -9
View File
@@ -12,7 +12,6 @@ using System.Security.Cryptography;
var builder = WebApplication.CreateBuilder(args); var builder = WebApplication.CreateBuilder(args);
// Disable null warnings becuse string.IsNullOrEmpty checks for NULL or Empty // Disable null warnings becuse string.IsNullOrEmpty checks for NULL or Empty
#pragma warning disable CS8600
#pragma warning disable CS8604 #pragma warning disable CS8604
//////////////////////////////// ////////////////////////////////
@@ -135,15 +134,28 @@ builder.Services.AddAuthentication(options => {
}; };
}); });
builder.Services.AddCors(o => o.AddDefaultPolicy(builder => { ////////////////////////////////
builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader(); // No CORS /// Rate Limiting Service ////
})); ////////////////////////////////
List<string> allowedOrigins = new List<string>{ "https://boredcareers.com", "https://www.boredcareers.com" };
if (builder.Environment.IsDevelopment()) {
allowedOrigins.Add("http://localhost:5000");
}
builder.Services.AddCors(options => {
options.AddDefaultPolicy(policy => {
policy.WithOrigins(allowedOrigins.ToArray())
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials();
});
});
builder.Services.AddRateLimiter(options => { builder.Services.AddRateLimiter(options => {
options.AddPolicy("PerUserPolicy", httpContext => { options.AddPolicy("PerUserPolicy", httpContext => {
var userId = httpContext.User.FindFirst(ClaimTypes.NameIdentifier)?.Value var userId = httpContext.User.FindFirst(ClaimTypes.NameIdentifier)?.Value
?? httpContext.User.Identity?.Name ?? $"ip:{httpContext.Connection.RemoteIpAddress}";
?? httpContext.Connection.RemoteIpAddress?.ToString();
return RateLimitPartition.GetTokenBucketLimiter(userId, key => new TokenBucketRateLimiterOptions { return RateLimitPartition.GetTokenBucketLimiter(userId, key => new TokenBucketRateLimiterOptions {
TokenLimit = 10, // max 10 requests TokenLimit = 10, // max 10 requests
@@ -156,9 +168,7 @@ builder.Services.AddRateLimiter(options => {
}); });
}); });
// Pages Service
builder.Services.AddControllers(); builder.Services.AddControllers();
builder.Services.AddRazorPages();
var app = builder.Build(); var app = builder.Build();
@@ -170,12 +180,14 @@ if( !app.Environment.IsDevelopment() ) {
app.UseDefaultFiles(); app.UseDefaultFiles();
app.UseStaticFiles(); app.UseStaticFiles();
app.UseRateLimiter();
app.UseCors(); app.UseCors();
app.UseRouting(); app.UseRouting();
app.UseAuthentication(); app.UseAuthentication();
app.MapControllers().RequireRateLimiting("perUserPolicy"); app.MapControllers();
app.MapFallbackToFile("index.html"); app.MapFallbackToFile("index.html");