So I ran into an unexpected issue after I implemented the new project design.  I had changed the projects access from https://www.casperinc.expert to https://projects.casperinc.expert.   This broke my CORS settings in my API that backed the Main Site project.  So….

It’s been awhile since I had promoted changes to the project into my production environment.  I decided to push all of my pending changes to production.  The major changes are..

  1. New Identity Provider server based on OpenIdDict, which is built on OpenAuth 2.0 and IdentityServer.
    1. I have a password flow enabled allowing logins from the angular site.
    2. I have a introspection flow enabled allowing for APIs to connect to the identity provider to verify user authentication/authorization tokens.
  2. Greatly expanded Main Site API
    1. Renamed to a domain scheme
    2. Added  put and introspection
    3. Updated to .Net Core 2.0
  3.  Expanded Main Site SPA (angular app)
    1. Updated to angular CLI
    2. Added login
      1. Get token from identity provider
      2. refresh token from identity provider
    3. Add authentication flow for API interactions
    4. Added an edit form based on the Froala Editor
  4. Configuration Files Everywhere
    1. I have removed specific information from my git repositories.  Now any connection specific and other sensitive credentials are loaded from configuration files at application load time. Being able to remove all of the connection data makes me feel more comfortable storing my source in git hub.

 


Leave a Reply