diff --git a/fundamentals/minimal-apis/samples/MyAntiForgery/Program.cs b/fundamentals/minimal-apis/samples/MyAntiForgery/Program.cs index 8ba2d8e..332ca07 100644 --- a/fundamentals/minimal-apis/samples/MyAntiForgery/Program.cs +++ b/fundamentals/minimal-apis/samples/MyAntiForgery/Program.cs @@ -11,6 +11,8 @@ builder.Services.AddAntiforgery(); var app = builder.Build(); +app.UseAntiforgery(); + // // Pass token app.MapGet("/", (HttpContext context, IAntiforgery antiforgery) => @@ -86,8 +88,7 @@ builder.Services.AddAntiforgery(); var app = builder.Build(); -// Implicitly added by WebApplicationBuilder -// app.UseAntiforgery(); +app.UseAntiforgery(); app.MapGet("/", () => "Hello World!"); diff --git a/fundamentals/minimal-apis/samples/MyAntiForgery8/MyAntiForgery.csproj b/fundamentals/minimal-apis/samples/MyAntiForgery8/MyAntiForgery.csproj deleted file mode 100644 index 1b28a01..0000000 --- a/fundamentals/minimal-apis/samples/MyAntiForgery8/MyAntiForgery.csproj +++ /dev/null @@ -1,9 +0,0 @@ - - - - net8.0 - enable - enable - - - diff --git a/fundamentals/minimal-apis/samples/MyAntiForgery8/Program.cs b/fundamentals/minimal-apis/samples/MyAntiForgery8/Program.cs deleted file mode 100644 index 332ca07..0000000 --- a/fundamentals/minimal-apis/samples/MyAntiForgery8/Program.cs +++ /dev/null @@ -1,97 +0,0 @@ -#define FIRST // FIRST SHORT -#if NEVER -#elif FIRST -// -using Microsoft.AspNetCore.Antiforgery; -using Microsoft.AspNetCore.Mvc; - -var builder = WebApplication.CreateBuilder(); - -builder.Services.AddAntiforgery(); - -var app = builder.Build(); - -app.UseAntiforgery(); - -// -// Pass token -app.MapGet("/", (HttpContext context, IAntiforgery antiforgery) => -{ - var token = antiforgery.GetAndStoreTokens(context); - return Results.Content(MyHtml.GenerateForm("/todo", token), "text/html"); -}); - -// Don't pass a token, fails -app.MapGet("/SkipToken", (HttpContext context, IAntiforgery antiforgery) => -{ - var token = antiforgery.GetAndStoreTokens(context); - return Results.Content(MyHtml.GenerateForm("/todo",token, false ), "text/html"); -}); - -// Post to /todo2. DisableAntiforgery on that endpoint so no token needed. -app.MapGet("/DisableAntiforgery", (HttpContext context, IAntiforgery antiforgery) => -{ - var token = antiforgery.GetAndStoreTokens(context); - return Results.Content(MyHtml.GenerateForm("/todo2", token, false), "text/html"); -}); - -// -app.MapPost("/todo", ([FromForm] Todo todo) => Results.Ok(todo)); - -app.MapPost("/todo2", ([FromForm] Todo todo) => Results.Ok(todo)) - .DisableAntiforgery(); -// -// - -app.Run(); - -class Todo -{ - public required string Name { get; set; } - public bool IsCompleted { get; set; } - public DateTime DueDate { get; set; } -} - -public static class MyHtml -{ - // - public static string GenerateForm(string action, - AntiforgeryTokenSet token, bool UseToken=true) - { - string tokenInput = ""; - if (UseToken) - { - tokenInput = $@""; - } - - return $@" - -
- {tokenInput} - - - - -
- - "; - } - // -} -// -#elif SHORT -// -var builder = WebApplication.CreateBuilder(); - -builder.Services.AddAntiforgery(); - -var app = builder.Build(); - -app.UseAntiforgery(); - -app.MapGet("/", () => "Hello World!"); - -app.Run(); -// -#endif diff --git a/fundamentals/minimal-apis/samples/MyAntiForgery8/appsettings.json b/fundamentals/minimal-apis/samples/MyAntiForgery8/appsettings.json deleted file mode 100644 index 10f68b8..0000000 --- a/fundamentals/minimal-apis/samples/MyAntiForgery8/appsettings.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "Logging": { - "LogLevel": { - "Default": "Information", - "Microsoft.AspNetCore": "Warning" - } - }, - "AllowedHosts": "*" -}