Cyclomatic
Why is the antiforgery token in MS example appending the token only on "/" or "/index/html"
I'm working on an angular SPA front end and C# web api backend. I want to use antiforgery cookies. The front end and backend live on the same server on different ports (not sure if any of this is relevant to the question).
I've got the antiforgery cookie correctly working - if I visit my page directly, www.mywebsite.com, then the token is appended and everything works fine.. However, if I visit my angular SPA starting at a URL that is not "/" or "/index.html" then the cookie is not appended and I get exceptions in my backend when trying to make calls. I think this is because I am implementing it as suggested here:
https://learn.microsoft.com/en-us/aspnet/core/security/anti-request-forgery?view=aspnetcore-8.0#generate-antiforgery-tokens-with-iantiforgery
Why do they only append the XSRF-TOKEN when the path is "/" or "/index.html"? And, if I should continue doing as in the example, how do I solve the problem I am having? i.e. if I visit www.mywebsite.com/en for example, the cookie is not appended and I get forgery token errors.
Thanks in advance!
1 replies
XML Deserialization
Hi, I want to deserialize an XML document and I'm using an XmlSerializer. That's all fine, but the order of the elements in the XML is important to me.
For example, I might have some xml that looks like:
Where the title and header order is important to me. Is there any way to pull out the "index" of the xml tag when deserializing?
28 replies
SSL error with entity core
Or malformed SQL, it varies...
I have web api that access and database using entity core. I have an angular frontend. If I call my endpoints invidually, or successively, it works fine. But for some reason when I do something like this:
let patientsObs = forkJoin(neededPatientId.map(id => patientService.getPatientById(id))).pipe(defaultIfEmpty([]));
let doctorObs = forkJoin(needDoctorId.map(id => doctorService.getDoctorById(id))).pipe(defaultIfEmpty([]));
return combineLatest([patientsObs, doctorObs]).pipe(
where neededPatientId and needDoctorId are arrays if integers, the backend throws an exception.
But when i get the patientObs first, and then the doctorObs, it works fine10 replies
Passing DateOnly to controller
What's wrong with this snippet?
[HttpGet("ondate")]
public async Task<IActionResult> GetAppointmentsByDate([FromQuery]DateOnly date)
{
var appointments = await _appointmentDatabaseService.GetAppointmentByDate(date);
if (appointments != null)
{
return Ok(appointments);
}
return NotFound();
}
I'm using swagger, and the JSON looks like this:
{
"year": 2024,
"month": 5,
"day": 5,
"dayOfWeek": 1
}
yet I get the default(DateOnly) in my request
13 replies
Naming conventions with Dto
I've got a PatientDto and it has an Id in it from entity core. Sometimes I want a PatientDto without an Id, i.e. if I've got an endpoint GetPatientById(int id) there isn't much point in returning the Id. Should I just returning it anyway and avoid the hassle or should i have a different dto?
52 replies
Entity Framework IQueryable question
I'm trying to get a list of prescriptions from my Patients entity:
var kk = await _context.Patients.Where(p => p.Id == id)
.Include(p => p.Prescriptions)
.ThenInclude(p => p.Medicine)
.Include(p => p.Prescriptions)
.ThenInclude(p => p.Doctor)
.ToListAsync();
var gg = await _context.Patients.Where(p => p.Id == id)
.Include(p => p.Prescriptions)
.ThenInclude(p => p.Medicine)
.Include(p => p.Prescriptions)
.ThenInclude(p => p.Doctor)
.Select(p => new
{
Prescription = p.Prescriptions.Select(p => p.ToDto())
})
.ToListAsync();
kk works, but gg returns an empty list;. Any ideas why this might be happening? I know it's a short snippet, but I figured there would be something obvious I am doing wrong...
Thanks!33 replies
Model, Dto, Entity - Id?
Hi,
I'm messing with a simple CRUD application.
My PatientEntity looks like this:
public class PatientEntity
{
public int Id { get; set; }
public string FirstName { get; set; }
public string Surname { get; set; }
public int Age { get; set; }
public string Gender { get; set; }
}
And my model looks like this (no id):
public class Patient
{
public string FirstName { get; set; }
public string Surname { get; set; }
public int Age { get; set; }
public string Gender { get; set; }
}
And my dto looks like this (no id):
public class PatientDto
{
public string FirstName { get; set; }
public string Surname { get; set; }
public int Age { get; set; }
public string Gender { get; set; }
}
And currently a method in my DatabaseService looks like this:
public async Task<Patient> GetPatientById(int id)
{
PatientEntity patientEntity = await _context.Patients.FindAsync(id);
if (patientEntity != null)
{
return patientEntity.ToPatient(); // i.e. returning the Patient model
}
_logger.LogInformation("Patient not found in the database.");
return null;
}
Should my DatabaseService return a PatientEntity i.e. with an id, and my PatientDto contain the Id? My PatientDto is returned by a web api controller.
I feel like my PatientDto should contain the Id. I guess the problem is that the DatabaseService is returning a Patient (Model) rather than the PatientEntity. Does it make sense to return the model from the Database service?
Here's the git:
https://github.com/billymaat/MedTrackDash
81 replies