From f919d5656a1d2f9a535c0aea317ef24a320a89dd Mon Sep 17 00:00:00 2001
From: Scott Galloway <scott@jane.com>
Date: Wed, 18 Sep 2024 12:22:52 +0100
Subject: [PATCH] Add cert auth.

---
 Mostlylucid/Program.cs                     | 28 +++++++++++++++++++---
 Mostlylucid/Properties/launchSettings.json |  5 ++--
 Mostlylucid/appsettings.json               |  4 ++--
 3 files changed, 30 insertions(+), 7 deletions(-)

diff --git a/Mostlylucid/Program.cs b/Mostlylucid/Program.cs
index 6fcac5c..fad2329 100644
--- a/Mostlylucid/Program.cs
+++ b/Mostlylucid/Program.cs
@@ -1,3 +1,4 @@
+using System.Security.Cryptography.X509Certificates;
 using Mostlylucid.Services;
 using OpenTelemetry.Metrics;
 using Serilog.Debugging;
@@ -5,8 +6,29 @@
 try
 {
     var builder = WebApplication.CreateBuilder(args);
+    var config = builder.Configuration;
+    config.AddEnvironmentVariables();
+    var certExists = File.Exists("mostlylucid.pfx");
+    var certPassword = config["CertPassword"];
+ 
+    builder.WebHost.ConfigureKestrel(options =>
+    {
+        options.ListenAnyIP(8080); // HTTP endpoint
 
-
+        // HTTPS endpoint using SSL certificate
+        options.ListenAnyIP(7240, listenOptions =>
+        {
+            if (certExists)
+            {
+                var certificate = new X509Certificate2("mostlylucid.pfx", certPassword);
+                listenOptions.UseHttps(options => options.ServerCertificate = certificate);
+            }
+            else
+            //Local development without certificate.
+                listenOptions.UseHttps();
+            
+        });
+    });;
     builder.Host.UseSerilog((context, configuration) =>
     {
         configuration.ReadFrom.Configuration(context.Configuration);
@@ -20,8 +42,8 @@
         .AspNetCoreRequests()
         .TraceToSharedLogger();
 
-    var config = builder.Configuration;
-    builder.Configuration.AddEnvironmentVariables();
+
+
     builder.Configure<AnalyticsSettings>();
     var auth = builder.Configure<AuthSettings>();
     var translateServiceConfig = builder.Configure<TranslateServiceConfig>();
diff --git a/Mostlylucid/Properties/launchSettings.json b/Mostlylucid/Properties/launchSettings.json
index a537dd6..886b2d7 100644
--- a/Mostlylucid/Properties/launchSettings.json
+++ b/Mostlylucid/Properties/launchSettings.json
@@ -22,9 +22,10 @@
       "commandName": "Project",
       "dotnetRunMessages": true,
       "launchBrowser": true,
-      "applicationUrl": "https://localhost:7240;http://localhost:5118",
+//      "applicationUrl": "https://localhost:7240;http://localhost:5118",
       "environmentVariables": {
-        "ASPNETCORE_ENVIRONMENT": "Development"
+        "ASPNETCORE_ENVIRONMENT": "Development",
+        "CertPassword": "melkweg26"
       }
     },
     "IIS Express": {
diff --git a/Mostlylucid/appsettings.json b/Mostlylucid/appsettings.json
index cb1090b..8ec340e 100644
--- a/Mostlylucid/appsettings.json
+++ b/Mostlylucid/appsettings.json
@@ -1,8 +1,8 @@
 {
   "ConnectionStrings": {
     "DefaultConnection": "Host=localhost;Database=<database>;port=5432;Username=<username>;Password=<password>"
-  },
-  
+  }
+  ,
     "Markdown":
     {
       "MarkdownPath": "Markdown",