Renamed basic-auth example

ramondeklein · Jan 17, 2024 · f0a4f4a · f0a4f4a
1 parent 501b957
commit f0a4f4a
Show file tree

Hide file tree

Showing 7 changed files with 24 additions and 27 deletions.
diff --git a/...ple.Kestrel/NWebDav.Sample.Kestrel.csproj → ...BasicAuth/NWebDav.Sample.BasicAuth.csproj b/...ple.Kestrel/NWebDav.Sample.Kestrel.csproj → ...BasicAuth/NWebDav.Sample.BasicAuth.csproj
@@ -1,18 +1,10 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net7.0</TargetFramework>
-    <AssemblyName>NWebDav.Sample.Kestrel</AssemblyName>
-    <Title>NWebDav example using Kestrel</Title>
+    <Title>NWebDAV example using Basic authentication</Title>
     <OutputType>Exe</OutputType>
-    <Description>WebDAV server sample application (using Kestrel).</Description>
-    <Nullable>enable</Nullable>
-  </PropertyGroup>
-
-  <PropertyGroup Condition=" '$(Configuration)' == 'Release' ">
-    <PublishTrimmed>true</PublishTrimmed>
-    <TrimMode>full</TrimMode>
-    <PublishSingleFile>true</PublishSingleFile>
+    <Description>WebDAV server sample application using Basic authentication</Description>
+    <RootNamespace>NWebDav.Sample.BasicAuth</RootNamespace>
   </PropertyGroup>
 
   <ItemGroup>

diff --git a/NWebDav.Sample.Kestrel/Program.cs → NWebDav.Sample.BasicAuth/Program.cs b/NWebDav.Sample.Kestrel/Program.cs → NWebDav.Sample.BasicAuth/Program.cs
@@ -10,10 +10,15 @@
 using NWebDav.Server.Authentication;
 
 var builder = WebApplication.CreateBuilder(args);
+
+// Add NWebDAV services and set the options 
 builder.Services
     .AddNWebDav(opts => opts.RequireAuthentication = true)
     .AddDiskStore<UserDiskStore>();
 
+// Data protection is used to protect cached cookies. If you're
+// not using cached cookies, then data protection is not required
+// by NWebDAV.
 builder.Services
     .AddDataProtection()
     .PersistKeysToFileSystem(new DirectoryInfo(Path.GetTempPath()));
@@ -22,11 +27,14 @@
     .AddAuthentication(opts => opts.DefaultScheme = BasicAuthenticationDefaults.AuthenticationScheme)
     .AddBasicAuthentication(opts =>
     {
-        opts.AllowInsecureProtocol = true;
-        opts.CacheCookieName = "NWebDAV";
-        opts.CacheCookieExpiration = TimeSpan.FromHours(1);
+        opts.AllowInsecureProtocol = true;  // This will enable NWebDAV to allow authentication via HTTP, but your client may not allow it
+        opts.CacheCookieName = "NWebDAV";   // Cache the authorization result in a cookie
+        opts.CacheCookieExpiration = TimeSpan.FromHours(1); // Cached credentials in the cookie are valid for an hour
         opts.Events.OnValidateCredentials = context =>
         {
+            // In a real-world application, this is where you would contact
+            // you identity provider and validate the credentials and determine
+            // the claims.
             if (context is { Username: "test", Password: "nwebdav" })
             {
                 var claims = new[]

diff --git a/NWebDav.Sample.Kestrel/UserDiskStore.cs → NWebDav.Sample.BasicAuth/UserDiskStore.cs b/NWebDav.Sample.Kestrel/UserDiskStore.cs → NWebDav.Sample.BasicAuth/UserDiskStore.cs
@@ -1,12 +1,13 @@
 using System.IO;
 using System.Security.Authentication;
+using System.Security.Claims;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 using NWebDav.Server.Stores;
 
 namespace NWebDav.Sample.Kestrel;
 
-public sealed class UserDiskStore : DiskStoreBase
+internal sealed class UserDiskStore : DiskStoreBase
 {
     private readonly IHttpContextAccessor _httpContextAccessor;
 
@@ -21,11 +22,17 @@ public override string BaseDirectory
     {
         get
         {
-            var username = _httpContextAccessor.HttpContext?.User.Identity?.Name;
+            // Each user has a dedicated directory
+            var username = User?.Identity?.Name;
             if (username == null) throw new AuthenticationException("not authenticated");
             var path = Path.Combine(Path.GetTempPath(), username);
             Directory.CreateDirectory(path);
             return path;
         }
     }
+
+    // Even though the store is a singleton, the HttpContext will still hold
+    // the current request's principal. IHttpContextAccessor uses AsyncLocal
+    // internally that flows the async operation.
+    private ClaimsPrincipal? User => _httpContextAccessor.HttpContext?.User;
 }
diff --git a/...mple.Kestrel/appsettings.Development.json → ...le.BasicAuth/appsettings.Development.json b/...mple.Kestrel/appsettings.Development.json → ...le.BasicAuth/appsettings.Development.json
diff --git a/NWebDav.Sample.Kestrel/appsettings.json → NWebDav.Sample.BasicAuth/appsettings.json b/NWebDav.Sample.Kestrel/appsettings.json → NWebDav.Sample.BasicAuth/appsettings.json
diff --git a/NWebDav.Sample.Kestrel/Namespace.cs b/NWebDav.Sample.Kestrel/Namespace.cs
diff --git a/NWebDav.sln b/NWebDav.sln
@@ -11,7 +11,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Files", "Files", "{942BBBEF
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "NWebDav.Server", "NWebDav.Server\NWebDav.Server.csproj", "{6F982556-E0C2-46E9-A90C-7477B3ED19CC}"
 EndProject
-Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "NWebDav.Sample.Kestrel", "NWebDav.Sample.Kestrel\NWebDav.Sample.Kestrel.csproj", "{31CB7C10-0A3F-4760-BDFD-5097046721A6}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "NWebDav.Sample.BasicAuth", "NWebDav.Sample.BasicAuth\NWebDav.Sample.BasicAuth.csproj", "{31CB7C10-0A3F-4760-BDFD-5097046721A6}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution