Net 5 Domain restricted routes - asp.net-core

I'm using Net 5 and I want to set up a new domain on our application.
What I'd like to happen is to be able to create the following routes:
www.domaina.com/aboutus
www.domainb.com/aboutus
I'd like these 2 routes to go to different views.
I'd also like to be able to restrict certain pages e.g.
www.domaina.com/pageA wouldn't be accessible from www.domainb.com/pageA and vice versa.
I've tried to decorate my methods and controllers with the new "Host" attribute but that doesn't seem to retrict them.
I've also tried methods from here to no avail: Domain-based routing in ASP.NET Core 2.0
I should also point out that the plan is to have these behind Azure Front Door, so I need to pull from the header "X-Forwarded-Host". I have logic to do this already in place, but would need something I can customise.
I'm using attribute based routing at the moment.
Any help would be greatly appreciated.
Thanks,
David

Related

ASP.NET Core Displaying data in View from Api

I am creating Cars store in Asp.Net for my school.
I built an Api Method:
[HttpGet("api/brands/{brandName}/models")]
public IActionResult Get(string brandName)
{
{
var model = _context.getBrandByName(brandName);
return Ok(model.Models.ToList());
}
}
An it works when I am checking it with Postman.
Now I would like User to choose brandName from selection list in the website and show him avaliable models.
In other words I dont know how to use this Api to get Data displayed.
Any help will be strongly appreciated
RESTful Web services are one way of providing interoperability between computer systems on the Internet. REST-compliant Web services allow requesting systems to access and manipulate textual representations of Web resources using a uniform and predefined set of stateless operations.
from Wikipedia.
This means, the REST API's only concern is to provide the data to work in a uniform and predefined set of operations, where those operations take the HTTP Verb that was used in consideration.
in your example, your GET route, should only be api/brands/{brandName}
the default in rest api, http verbs say:
GET - getting one element or a list
POST - creating
PUT - updating
DELETE - removing
in your application, the best approach would be something like:
GET /api/brands will get ALL existing brands
GET /api/brands/<brand_name> will get just one brand
POST /api/brands will create a new brand
PUT /api/brands will edit an existing brand
DELETE /api/brands will delete an existing brand
from your question:
Now I would like User to choose brandName from selection list on the website
the website would then request a GET to the route /api/brands to get the list of all of the brands.
This is the REST API part, it concerns ONLY in providing the right data to the system that request it.
if you want to create a website in order to CONSUME this data, you can easily create a new web project in your solution and request the data that the API provides, making the Website completely "blind" from where the data comes from, as it only asks for the data itself.
Making the whole system much easier for updated and maintainability.
In other words I dont know how to use this Api to get Data displayed.
The main purpose of REST API is to expose data not to display it by using any kind of UI framework.
If you think you need to manage the full stack of your application end-to-end. I mean from User interface to your database then you must think at implementing the V of the MVC pattern bu return a view and not just a data. ASP.Net Core can help you with that. Follow this tutorial, it explains a lot about this pattern in ASP.Net Core MVC.

Laravel 5.2 custom Middleware Levels on RESTful controllers

So from not using any framework at all, I finally forced myself to use LARAVEL 5.2 because i got tired of re-writing my own "framework" over and over again.
Anyway!
I think I'm pretty familiar with the Laravel framework and its dependencies now.
But now I need guidance on how to do this the smartest way.
I want to create a Middleware based on the companys DC.
Now every user is AUTHED by php's envget("username"); with a re-written "auth" middleware. So far, so good. (The server is not in the DMZ btw).
The thing is, our team thought that we should populate a database-table with all the users and give them a "Privilege-level", lets say 1 through 3 where 1 is "read only", 2 is "read+modify" and 3 is "read+create+modify" with our restful controllers. But.
since we use restful controllers i cannot really give them individual Middlewares? do I manually have to change every RESTful resource in my routes.php to make this happend? or can i do this another way? I would like to keep it as simple as possible.
Any suggestions?
Thanks in advance
(reserved for typsos )
#Tarre Tan
You can achieve this by adding your middleware in a parent controller's constructor.
All your controllers that require permissions will inherit from that controller.
You have one place to adjust your permissions if you want.
Hope this helps

Multiple url-patterns each with its own struts-config file

I am working on a struts 1.3 web application that has 2 interfaces one for regular staff and another for probationary staff. These can be looked at as 2 modules having some interfaces in common and some others that are different.
Instead of putting authorization rules on the application, I was wondering if I can control access to some resources using multiple configuration files. I need to implement the following behaviour:
For urls like /application/regular/* the application should use the struts-regular-config.xml file to work out the mapping.
For urls like /application/probationary/* it should user the struts-prob-config.xml file to work out the mapping.
So effectively I need the action servlet to work with 2 different config files one each for the 2 url-patterns that I have.
How can this be done? Many thanks in advance.
Try This Approach Instead of creating different/multiple URL pattern and URLs for different users.
Use the same URL for all the users.Divide your Projects into modules and sub modules using AJax tags.
Create one new Class RolePermission which will define Roles and permission for Different Users. For eg, whether User A has access to Module X or not.
Also use this parameter/fields like RoleId, RoleName,isAllowed,securityGroup for defining RolesPermission.

Yii: maximizing code reuse with per-user site configurations

The client I'm working for has a CMS written in Yii. Currently a part of their business is customizing the CMS to meet the specific needs of each customer. About 90% of the code is reused, essentially by copying and pasting from one directory to another. While I've been working on this project, I've had to merge changes in to the shared codebase several times.
All, or most, of these sites are hosted on the same server, and it would seem that it would make more sense to have a single login, that changed what features we showed based on the login. In some case that means overriding whole or partial views (eg, the _form.php might change from customer to customer) including the controller and model. Most of the time, it means adding a new controller for a bit of functionality written just for that client.
I've read about having both a front and backend site here: http://www.yiiframework.com/wiki/63/organize-directories-for-applications-with-front-end-and-back-end-using-webapplicationend-behavior but that doesn't seem to be the right fit (I don't want everyone coming to a different start php file, for instance)
Ideally, I'd have users log in, and get assigned a site id, which will filter data in the shared MVC objects, and will add in the ones specifically for them, or override the ones where necessary
Intuitively it seems like something like this would make sense:
Shared controllers go here:
/protected/controllers
Overrides and additions for client1 go here:
/protected/controllers/client1
or:
/protected/client1/controllers
But I'm not sure how to get Yii to do this in the most efficient and easy to manage way. Is this something that's going to work with Yii, or am I breaking it in ways unintended? If it will work, what's the best way to accomplish it so that it's clear to me six months from now, or some random developer who replaces me?
Do you know RBAM ?
With Role Based access you can profile your application in more-or-less granular way

Rails 3: routing to customer areas

I'm a Rails 3 beginner, but have experiences with other MVC web frameworks and need a starting hint about how to setup my routing in Rails. The application should allow users to register and after that the users data should be available at URLs like:
http://domainname/username/xyz
The common and user independent part should be available at
http://domainname/abc
To distinguis between both routes, I would force usernames to have at least 6 characters and all "abc"-routes will have 5 or less. Until this point I would be manage the routing by myself, but for the "xyz" part of the user area I would like to use the existing REST full features of rails. Any hint how to do that?
Have you already read http://edgeguides.rubyonrails.org/routing.html?
It's really a good resource for this sort of question. I believe some of the scheme you describe falls into the "Non-Resourceful" routing category.