unblinking / trappykeepy Goto Github PK
View Code? Open in Web Editor NEWA document storage web API
A document storage web API
Add the ability to request results that are sorted, filtered, paginated, etc.
For this requirement, do not create new APIs โ instead, enable sorting, filtering, and pagination capabilities in resource collection API and pass the input parameters as query parameters. e.g.
http://api.example.com/device-management/managed-devices
http://api.example.com/device-management/managed-devices?region=USA
http://api.example.com/device-management/managed-devices?region=USA&brand=XYZ
http://api.example.com/device-management/managed-devices?region=USA&brand=XYZ&sort=installation-date
Add roles that users can have.
Role | Access |
---|---|
Regular | download |
Manager | Upload/download |
Admin | CRUD users and groups, upload/download |
Currently using SimpleJWT which works great except that it automatically adds a 30 minute expiration to all tokens.
See the issue I created for this unexpected behavior.
Maybe switch to something like JWT which is much more recently updated and used.
Restrict the application from doing things like drop table in the database.
Add something to prevent XSS stuff, such as saving <SCRIPT>alert('hello from script')</SCRIPT>
into a string property of an entity.
Looks like MS used to have this but its no longer a thing?
Add unit and end-to-end tests.
Authorize with a specific scheme in ASP.NET Core
services.AddAuthentication()
.AddJwtBearer(options => {
options.Audience = "http://localhost:5001/";
options.Authority = "http://localhost:5000/";
});
The Large Objects feature is a way of storing large files in a PostgreSQL database. Files can normally be stored in bytea columns but there are two downsides; a file can only be 1 GB and the backend buffers the whole file when reading or writing a column, which may use significant amounts of RAM on the backend.
With the Large Objects feature, objects are instead stored in a separate system table in smaller chunks and provides a streaming API for the user. Each object is given an integral identifier that is used for accessing the object, that can, for example, be stored in a user's table containing information about this object.
Example
// Retrieve a Large Object Manager for this connection
var manager = new NpgsqlLargeObjectManager(Conn);
// Create a new empty file, returning the identifier to later access it
uint oid = manager.Create();
// Reading and writing Large Objects requires the use of a transaction
using (var transaction = Conn.BeginTransaction())
{
// Open the file for reading and writing
using (var stream = manager.OpenReadWrite(oid))
{
var buf = new byte[] { 1, 2, 3 };
stream.Write(buf, 0, buf.Length);
stream.Seek(0, System.IO.SeekOrigin.Begin);
var buf2 = new byte[buf.Length];
stream.Read(buf2, 0, buf2.Length);
// buf2 now contains 1, 2, 3
}
// Save the changes to the object
transaction.Commit();
}
Mostly could be useful to log exceptions.
Logging in .NET Core and ASP.NET Core
private readonly ILogger<GroupController> _logger;
public GroupController(ILogger<GroupController> logger)
{
_logger = logger;
}
Also, might be best to log some things in the database directly. When a function runs, log details about who ran it, when, etc.
I messed up saving the file data into the database when I was quickly putting that part together. See the dumb mistake below, trying to insert the binary data like a string.
using (var command = new NpgsqlCommand())
{
command.CommandText = $"SELECT * FROM tk.filedatas_create('{filedata.KeeperId}', '{filedata.BinaryData}');";
var result = await RunScalar(command);
var newId = Guid.Empty;
if (result is not null)
}
Did I accidentally add project references in such a way that could create some kind of circular reference problem?
Implement zxcvbn checking on user passwords before allowing them.
Right now I just have the connection string stored as an env var. That is fine, but I have to load it inside of each service.
Can it be loaded once in the Program.cs
and then shared to each service via dependency injection?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.