From f033c5e92ea61898ac566b1593f575987967ceaa Mon Sep 17 00:00:00 2001 From: Eugene Fox Date: Thu, 27 Mar 2025 20:51:22 +0000 Subject: [PATCH] init: inital commit --- .devcontainer/devcontainer.json | 45 ++ .dockerignore | 5 + .github/ISSUE_TEMPLATE/bug_report.yml | 67 +++ .github/ISSUE_TEMPLATE/config.yml | 3 + .github/ISSUE_TEMPLATE/feature_request.yml | 62 +++ .github/dependabot.yml | 12 + .github/pull_request_template.md | 7 + .github/workflows/ci.yml | 71 +++ .gitignore | 485 +++++++++++++++++++++ .vscode/extensions.json | 11 + .vscode/launch.json | 30 ++ .vscode/settings.json | 12 + .vscode/tasks.json | 41 ++ Backbone.csproj | 17 + Backbone.sln | 22 + CODE_OF_CONDUCT.md | 134 ++++++ CONTRIBUTING.md | 31 ++ Dockerfile | 20 + LICENSE | 21 + Program.cs | 56 +++ Properties/launchSettings.json | 12 + README.md | 93 ++++ SECURITY.md | 18 + appsettings.Development.json | 11 + appsettings.json | 9 + 25 files changed, 1295 insertions(+) create mode 100644 .devcontainer/devcontainer.json create mode 100644 .dockerignore create mode 100644 .github/ISSUE_TEMPLATE/bug_report.yml create mode 100644 .github/ISSUE_TEMPLATE/config.yml create mode 100644 .github/ISSUE_TEMPLATE/feature_request.yml create mode 100644 .github/dependabot.yml create mode 100644 .github/pull_request_template.md create mode 100644 .github/workflows/ci.yml create mode 100644 .gitignore create mode 100644 .vscode/extensions.json create mode 100644 .vscode/launch.json create mode 100644 .vscode/settings.json create mode 100644 .vscode/tasks.json create mode 100644 Backbone.csproj create mode 100644 Backbone.sln create mode 100644 CODE_OF_CONDUCT.md create mode 100644 CONTRIBUTING.md create mode 100644 Dockerfile create mode 100644 LICENSE create mode 100644 Program.cs create mode 100644 Properties/launchSettings.json create mode 100644 README.md create mode 100644 SECURITY.md create mode 100644 appsettings.Development.json create mode 100644 appsettings.json diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json new file mode 100644 index 0000000..9df588b --- /dev/null +++ b/.devcontainer/devcontainer.json @@ -0,0 +1,45 @@ +// For format details, see https://aka.ms/devcontainer.json. For config options, see the +// README at: https://github.com/devcontainers/templates/tree/main/src/dotnet +{ + "name": "Backbone", + // Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile + "image": "mcr.microsoft.com/devcontainers/dotnet:1-9.0-noble", + + // Features to add to the dev container. More info: https://containers.dev/features. + "features": { + "ghcr.io/devcontainers/features/docker-in-docker:2": { + "installDockerBuildx": true, + "version": "latest", + "dockerDashComposeVersion": "latest" + } + }, + + // Use 'forwardPorts' to make a list of ports inside the container available locally. + // "forwardPorts": [5000, 5001], + // "portsAttributes": { + // "5001": { + // "protocol": "https" + // } + // } + + // Use 'postCreateCommand' to run commands after the container is created. + "postCreateCommand": "dotnet restore", + + // Configure tool-specific properties. + "customizations": { + "vscode": { + "extensions": [ + "bierner.github-markdown-preview", + "github.vscode-github-actions", + "GitHub.vscode-pull-request-github", + "Gruntfuggly.todo-tree", + "ms-dotnettools.csdevkit", + "patcx.vscode-nuget-gallery", + "saeris.markdown-github-alerts" + ] + } + } + + // Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root. + // "remoteUser": "root" +} diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..e2c173a --- /dev/null +++ b/.dockerignore @@ -0,0 +1,5 @@ +* +!*.csproj +!*.cs +!launchSettings.json +!appsettings*.json diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml new file mode 100644 index 0000000..99a9ff4 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -0,0 +1,67 @@ +name: "🐞 Bug Report" +description: Create a report to help us improve the website +title: "[Bug]: " +labels: ["bug", "needs-triage"] +assignees: + - xfox111 +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this bug report! + + - type: textarea + id: description + attributes: + label: Description + description: A clear and concise description of what the bug is. + validations: + required: true + + - type: textarea + attributes: + label: Reproduction steps + description: Precisely describe minimal number of steps that make the bug to appear + placeholder: | + 1. Go to '...' + 2. Click on '...' + 3. Scroll down to '...' + 4. See '...' + validations: + required: true + + - type: textarea + attributes: + label: Expected behavior + description: A clear and concise description of what you expected to happen. + validations: + required: true + + - type: textarea + id: context + attributes: + label: Additional context + description: Add any other context about the problem here. + validations: + required: false + + - type: dropdown + id: requested-help + attributes: + label: Are you willing to submit a PR for this issue? + options: + - "yes" + - "no" + validations: + required: true + + - type: checkboxes + id: checkboxes + attributes: + label: Validations + description: Before submitting the issue, please make sure you do the following + options: + - label: Check that there isn't already an issue that reports the same bug to avoid creating a duplicate. + required: true + - label: The provided reproduction is a minimal reproducible example of the bug. + required: true diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 0000000..9e6deba --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,3 @@ +# yaml-language-server: $schema=https://json.schemastore.org/github-issue-config.json + +blank_issues_enabled: true diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml new file mode 100644 index 0000000..6318208 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -0,0 +1,62 @@ +name: "🚀 New feature proposal" +description: Suggest a feature idea for this project +title: "[Feature]: " +labels: ["feature", "needs-triage"] +assignees: + - xfox111 +body: + - type: markdown + attributes: + value: | + Thanks for your interest in the project and taking the time to fill out this feature report! + + - type: textarea + id: proposition + attributes: + label: Proposed solution + description: Describe the solution you'd like + validations: + required: true + + - type: textarea + id: justification + attributes: + label: Justification + description: Is your feature request related to a problem? Please describe. + validations: + required: true + + - type: textarea + id: alts + attributes: + label: Alternatives + description: Describe alternatives you've considered. + validations: + required: true + + - type: textarea + id: context + attributes: + label: Additional context + description: Add any other context or screenshots about the feature request here. + validations: + required: false + + - type: dropdown + id: requested-help + attributes: + label: Are you willing to submit a PR for this issue? + options: + - "yes" + - "no" + validations: + required: true + + - type: checkboxes + id: checkboxes + attributes: + label: Validations + description: Before submitting the issue, please make sure you do the following + options: + - label: Check that there isn't already an issue that request the same feature to avoid creating a duplicate. + required: true diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..f33a02c --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,12 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for more information: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates +# https://containers.dev/guide/dependabot + +version: 2 +updates: + - package-ecosystem: "devcontainers" + directory: "/" + schedule: + interval: weekly diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 0000000..9586a1d --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,7 @@ +Resolves: #issue_number + +# Description + + + + diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..875f7e9 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,71 @@ +name: "CI pipeline" + +on: + push: + branches: [ "main" ] + paths-ignore: + - '.devcontainer/*' + - '.github/*' + - '!.github/workflows/ci.yml' + - '.vscode/*' + - '**.md' + - 'Properties/launchSettings.json' + - 'LICENSE' + pull_request: + branches: [ "main", "deps" ] + paths-ignore: + - '.devcontainer/*' + - '.github/*' + - '!.github/workflows/ci.yml' + - '.vscode/*' + - '**.md' + - 'Properties/launchSettings.json' + - 'LICENSE' + workflow_dispatch: + inputs: + push: + type: boolean + required: false + default: false + description: "Push to Docker Hub" + +jobs: + build: + runs-on: ubuntu-latest + + permissions: + packages: write + + steps: + - uses: actions/checkout@v4 + + - uses: docker/metadata-action@v5 + id: meta + with: + images: | + ${{ github.repository }} + ghcr.io/${{ github.repository }} + tags: | + latest + ${{ github.sha }} + + - name: "Login to Docker Hub" + if: github.event_name != 'pull_request' || github.event.inputs.push == 'true' + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: "Login to GitHub Container Registry" + if: github.event_name != 'pull_request' || github.event.inputs.push == 'true' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - uses: docker/build-push-action@v6 + with: + context: . + push: ${{ github.event_name != 'pull_request' || github.event.inputs.push == 'true' }} + tags: ${{ steps.meta.outputs.tags }} diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..eeb260e --- /dev/null +++ b/.gitignore @@ -0,0 +1,485 @@ +## Ignore Visual Studio temporary files, build results, and +## files generated by popular Visual Studio add-ons. +## +## Get latest from `dotnet new gitignore` + +# dotenv files +.env + +# User-specific files +*.rsuser +*.suo +*.user +*.userosscache +*.sln.docstates + +# User-specific files (MonoDevelop/Xamarin Studio) +*.userprefs + +# Mono auto generated files +mono_crash.* + +# Build results +[Dd]ebug/ +[Dd]ebugPublic/ +[Rr]elease/ +[Rr]eleases/ +x64/ +x86/ +[Ww][Ii][Nn]32/ +[Aa][Rr][Mm]/ +[Aa][Rr][Mm]64/ +bld/ +[Bb]in/ +[Oo]bj/ +[Ll]og/ +[Ll]ogs/ + +# Visual Studio 2015/2017 cache/options directory +.vs/ +# Uncomment if you have tasks that create the project's static files in wwwroot +#wwwroot/ + +# Visual Studio 2017 auto generated files +Generated\ Files/ + +# MSTest test Results +[Tt]est[Rr]esult*/ +[Bb]uild[Ll]og.* + +# NUnit +*.VisualState.xml +TestResult.xml +nunit-*.xml + +# Build Results of an ATL Project +[Dd]ebugPS/ +[Rr]eleasePS/ +dlldata.c + +# Benchmark Results +BenchmarkDotNet.Artifacts/ + +# .NET +project.lock.json +project.fragment.lock.json +artifacts/ + +# Tye +.tye/ + +# ASP.NET Scaffolding +ScaffoldingReadMe.txt + +# StyleCop +StyleCopReport.xml + +# Files built by Visual Studio +*_i.c +*_p.c +*_h.h +*.ilk +*.meta +*.obj +*.iobj +*.pch +*.pdb +*.ipdb +*.pgc +*.pgd +*.rsp +*.sbr +*.tlb +*.tli +*.tlh +*.tmp +*.tmp_proj +*_wpftmp.csproj +*.log +*.tlog +*.vspscc +*.vssscc +.builds +*.pidb +*.svclog +*.scc +core + +# Chutzpah Test files +_Chutzpah* + +# Visual C++ cache files +ipch/ +*.aps +*.ncb +*.opendb +*.opensdf +*.sdf +*.cachefile +*.VC.db +*.VC.VC.opendb + +# Visual Studio profiler +*.psess +*.vsp +*.vspx +*.sap + +# Visual Studio Trace Files +*.e2e + +# TFS 2012 Local Workspace +$tf/ + +# Guidance Automation Toolkit +*.gpState + +# ReSharper is a .NET coding add-in +_ReSharper*/ +*.[Rr]e[Ss]harper +*.DotSettings.user + +# TeamCity is a build add-in +_TeamCity* + +# DotCover is a Code Coverage Tool +*.dotCover + +# AxoCover is a Code Coverage Tool +.axoCover/* +!.axoCover/settings.json + +# Coverlet is a free, cross platform Code Coverage Tool +coverage*.json +coverage*.xml +coverage*.info + +# Visual Studio code coverage results +*.coverage +*.coveragexml + +# NCrunch +_NCrunch_* +.*crunch*.local.xml +nCrunchTemp_* + +# MightyMoose +*.mm.* +AutoTest.Net/ + +# Web workbench (sass) +.sass-cache/ + +# Installshield output folder +[Ee]xpress/ + +# DocProject is a documentation generator add-in +DocProject/buildhelp/ +DocProject/Help/*.HxT +DocProject/Help/*.HxC +DocProject/Help/*.hhc +DocProject/Help/*.hhk +DocProject/Help/*.hhp +DocProject/Help/Html2 +DocProject/Help/html + +# Click-Once directory +publish/ + +# Publish Web Output +*.[Pp]ublish.xml +*.azurePubxml +# Note: Comment the next line if you want to checkin your web deploy settings, +# but database connection strings (with potential passwords) will be unencrypted +*.pubxml +*.publishproj + +# Microsoft Azure Web App publish settings. Comment the next line if you want to +# checkin your Azure Web App publish settings, but sensitive information contained +# in these scripts will be unencrypted +PublishScripts/ + +# NuGet Packages +*.nupkg +# NuGet Symbol Packages +*.snupkg +# The packages folder can be ignored because of Package Restore +**/[Pp]ackages/* +# except build/, which is used as an MSBuild target. +!**/[Pp]ackages/build/ +# Uncomment if necessary however generally it will be regenerated when needed +#!**/[Pp]ackages/repositories.config +# NuGet v3's project.json files produces more ignorable files +*.nuget.props +*.nuget.targets + +# Microsoft Azure Build Output +csx/ +*.build.csdef + +# Microsoft Azure Emulator +ecf/ +rcf/ + +# Windows Store app package directories and files +AppPackages/ +BundleArtifacts/ +Package.StoreAssociation.xml +_pkginfo.txt +*.appx +*.appxbundle +*.appxupload + +# Visual Studio cache files +# files ending in .cache can be ignored +*.[Cc]ache +# but keep track of directories ending in .cache +!?*.[Cc]ache/ + +# Others +ClientBin/ +~$* +*~ +*.dbmdl +*.dbproj.schemaview +*.jfm +*.pfx +*.publishsettings +orleans.codegen.cs + +# Including strong name files can present a security risk +# (https://github.com/github/gitignore/pull/2483#issue-259490424) +#*.snk + +# Since there are multiple workflows, uncomment next line to ignore bower_components +# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622) +#bower_components/ + +# RIA/Silverlight projects +Generated_Code/ + +# Backup & report files from converting an old project file +# to a newer Visual Studio version. Backup files are not needed, +# because we have git ;-) +_UpgradeReport_Files/ +Backup*/ +UpgradeLog*.XML +UpgradeLog*.htm +ServiceFabricBackup/ +*.rptproj.bak + +# SQL Server files +*.mdf +*.ldf +*.ndf + +# Business Intelligence projects +*.rdl.data +*.bim.layout +*.bim_*.settings +*.rptproj.rsuser +*- [Bb]ackup.rdl +*- [Bb]ackup ([0-9]).rdl +*- [Bb]ackup ([0-9][0-9]).rdl + +# Microsoft Fakes +FakesAssemblies/ + +# GhostDoc plugin setting file +*.GhostDoc.xml + +# Node.js Tools for Visual Studio +.ntvs_analysis.dat +node_modules/ + +# Visual Studio 6 build log +*.plg + +# Visual Studio 6 workspace options file +*.opt + +# Visual Studio 6 auto-generated workspace file (contains which files were open etc.) +*.vbw + +# Visual Studio 6 auto-generated project file (contains which files were open etc.) +*.vbp + +# Visual Studio 6 workspace and project file (working project files containing files to include in project) +*.dsw +*.dsp + +# Visual Studio 6 technical files +*.ncb +*.aps + +# Visual Studio LightSwitch build output +**/*.HTMLClient/GeneratedArtifacts +**/*.DesktopClient/GeneratedArtifacts +**/*.DesktopClient/ModelManifest.xml +**/*.Server/GeneratedArtifacts +**/*.Server/ModelManifest.xml +_Pvt_Extensions + +# Paket dependency manager +.paket/paket.exe +paket-files/ + +# FAKE - F# Make +.fake/ + +# CodeRush personal settings +.cr/personal + +# Python Tools for Visual Studio (PTVS) +__pycache__/ +*.pyc + +# Cake - Uncomment if you are using it +# tools/** +# !tools/packages.config + +# Tabs Studio +*.tss + +# Telerik's JustMock configuration file +*.jmconfig + +# BizTalk build output +*.btp.cs +*.btm.cs +*.odx.cs +*.xsd.cs + +# OpenCover UI analysis results +OpenCover/ + +# Azure Stream Analytics local run output +ASALocalRun/ + +# MSBuild Binary and Structured Log +*.binlog + +# NVidia Nsight GPU debugger configuration file +*.nvuser + +# MFractors (Xamarin productivity tool) working folder +.mfractor/ + +# Local History for Visual Studio +.localhistory/ + +# Visual Studio History (VSHistory) files +.vshistory/ + +# BeatPulse healthcheck temp database +healthchecksdb + +# Backup folder for Package Reference Convert tool in Visual Studio 2017 +MigrationBackup/ + +# Ionide (cross platform F# VS Code tools) working folder +.ionide/ + +# Fody - auto-generated XML schema +FodyWeavers.xsd + +# VS Code files for those working on multiple tools +.vscode/* +!.vscode/settings.json +!.vscode/tasks.json +!.vscode/launch.json +!.vscode/extensions.json +*.code-workspace + +# Local History for Visual Studio Code +.history/ + +# Windows Installer files from build outputs +*.cab +*.msi +*.msix +*.msm +*.msp + +# JetBrains Rider +*.sln.iml +.idea/ + +## +## Visual studio for Mac +## + + +# globs +Makefile.in +*.userprefs +*.usertasks +config.make +config.status +aclocal.m4 +install-sh +autom4te.cache/ +*.tar.gz +tarballs/ +test-results/ + +# Mac bundle stuff +*.dmg +*.app + +# content below from: https://github.com/github/gitignore/blob/main/Global/macOS.gitignore +# General +.DS_Store +.AppleDouble +.LSOverride + +# Icon must end with two \r +Icon + + +# Thumbnails +._* + +# Files that might appear in the root of a volume +.DocumentRevisions-V100 +.fseventsd +.Spotlight-V100 +.TemporaryItems +.Trashes +.VolumeIcon.icns +.com.apple.timemachine.donotpresent + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk + +# content below from: https://github.com/github/gitignore/blob/main/Global/Windows.gitignore +# Windows thumbnail cache files +Thumbs.db +ehthumbs.db +ehthumbs_vista.db + +# Dump file +*.stackdump + +# Folder config file +[Dd]esktop.ini + +# Recycle Bin used on file shares +$RECYCLE.BIN/ + +# Windows Installer files +*.cab +*.msi +*.msix +*.msm +*.msp + +# Windows shortcuts +*.lnk + +# Vim temporary swap files +*.swp diff --git a/.vscode/extensions.json b/.vscode/extensions.json new file mode 100644 index 0000000..d270750 --- /dev/null +++ b/.vscode/extensions.json @@ -0,0 +1,11 @@ +{ + "recommendations": [ + "bierner.github-markdown-preview", + "github.vscode-github-actions", + "GitHub.vscode-pull-request-github", + "Gruntfuggly.todo-tree", + "ms-dotnettools.csdevkit", + "patcx.vscode-nuget-gallery", + "saeris.markdown-github-alerts" + ] +} diff --git a/.vscode/launch.json b/.vscode/launch.json new file mode 100644 index 0000000..dc61bf2 --- /dev/null +++ b/.vscode/launch.json @@ -0,0 +1,30 @@ +{ + "version": "0.2.0", + "configurations": [ + { + // Use IntelliSense to find out which attributes exist for C# debugging + // Use hover for the description of the existing attributes + // For further information visit https://github.com/dotnet/vscode-csharp/blob/main/debugger-launchjson.md. + "name": ".NET Core Launch (web)", + "type": "coreclr", + "request": "launch", + "preLaunchTask": "build", + // If you have changed target frameworks, make sure to update the program path. + "program": "${workspaceFolder}/bin/Debug/net9.0/Backbone.dll", + "args": [], + "cwd": "${workspaceFolder}", + "stopAtEntry": false, + "env": { + "ASPNETCORE_ENVIRONMENT": "Development" + }, + "sourceFileMap": { + "/Views": "${workspaceFolder}/Views" + } + }, + { + "name": ".NET Core Attach", + "type": "coreclr", + "request": "attach" + } + ] +} diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..eaf5046 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,12 @@ +{ + "editor.insertSpaces": false, + "editor.rulers": [ + { + "column": 120 + } + ], + "files.eol": "\n", + "files.insertFinalNewline": true, + "files.trimFinalNewlines": true, + "files.trimTrailingWhitespace": true, +} diff --git a/.vscode/tasks.json b/.vscode/tasks.json new file mode 100644 index 0000000..51e3d09 --- /dev/null +++ b/.vscode/tasks.json @@ -0,0 +1,41 @@ +{ + "version": "2.0.0", + "tasks": [ + { + "label": "build", + "command": "dotnet", + "type": "process", + "args": [ + "build", + "${workspaceFolder}/Backbone.sln", + "/property:GenerateFullPaths=true", + "/consoleloggerparameters:NoSummary;ForceNoAlign" + ], + "problemMatcher": "$msCompile" + }, + { + "label": "publish", + "command": "dotnet", + "type": "process", + "args": [ + "publish", + "${workspaceFolder}/Backbone.sln", + "/property:GenerateFullPaths=true", + "/consoleloggerparameters:NoSummary;ForceNoAlign" + ], + "problemMatcher": "$msCompile" + }, + { + "label": "watch", + "command": "dotnet", + "type": "process", + "args": [ + "watch", + "run", + "--project", + "${workspaceFolder}/Backbone.sln" + ], + "problemMatcher": "$msCompile" + } + ] +} \ No newline at end of file diff --git a/Backbone.csproj b/Backbone.csproj new file mode 100644 index 0000000..d057f3a --- /dev/null +++ b/Backbone.csproj @@ -0,0 +1,17 @@ + + + + net9.0 + enable + enable + true + + true + true + true + + true + true + + + diff --git a/Backbone.sln b/Backbone.sln new file mode 100644 index 0000000..71b4599 --- /dev/null +++ b/Backbone.sln @@ -0,0 +1,22 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio Version 17 +VisualStudioVersion = 17.0.31903.59 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Backbone", "Backbone.csproj", "{79FCBBD5-0D12-4E24-BADC-FC5C2613774C}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Any CPU = Debug|Any CPU + Release|Any CPU = Release|Any CPU + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {79FCBBD5-0D12-4E24-BADC-FC5C2613774C}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {79FCBBD5-0D12-4E24-BADC-FC5C2613774C}.Debug|Any CPU.Build.0 = Debug|Any CPU + {79FCBBD5-0D12-4E24-BADC-FC5C2613774C}.Release|Any CPU.ActiveCfg = Release|Any CPU + {79FCBBD5-0D12-4E24-BADC-FC5C2613774C}.Release|Any CPU.Build.0 = Release|Any CPU + EndGlobalSection +EndGlobal diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..ad52cd6 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,134 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +We as members, contributors, and leaders pledge to make participation in our +community a harassment-free experience for everyone, regardless of age, body +size, visible or invisible disability, ethnicity, sex characteristics, gender +identity and expression, level of experience, education, socio-economic status, +nationality, personal appearance, race, caste, color, religion, or sexual +identity and orientation. + +We pledge to act and interact in ways that contribute to an open, welcoming, +diverse, inclusive, and healthy community. + +## Our Standards + +Examples of behavior that contributes to a positive environment for our +community include: + +* Demonstrating empathy and kindness toward other people +* Being respectful of differing opinions, viewpoints, and experiences +* Giving and gracefully accepting constructive feedback +* Accepting responsibility and apologizing to those affected by our mistakes, + and learning from the experience +* Focusing on what is best not just for us as individuals, but for the overall + community + +Examples of unacceptable behavior include: + +* The use of sexualized language or imagery, and sexual attention or advances of + any kind +* Trolling, insulting or derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or email address, + without their explicit permission +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Enforcement Responsibilities + +Community leaders are responsible for clarifying and enforcing our standards of +acceptable behavior and will take appropriate and fair corrective action in +response to any behavior that they deem inappropriate, threatening, offensive, +or harmful. + +Community leaders have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct, and will communicate reasons for moderation +decisions when appropriate. + +## Scope + +This Code of Conduct applies within all community spaces, and also applies when +an individual is officially representing the community in public spaces. +Examples of representing our community include using an official email address, +posting via an official social media account, or acting as an appointed +representative at an online or offline event. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported to the community leaders responsible for enforcement at +[opensource@xfox111.net](mailto:opensource@xfox111.net). +All complaints will be reviewed and investigated promptly and fairly. + +All community leaders are obligated to respect the privacy and security of the +reporter of any incident. + +## Enforcement Guidelines + +Community leaders will follow these Community Impact Guidelines in determining +the consequences for any action they deem in violation of this Code of Conduct: + +### 1. Correction + +**Community Impact**: Use of inappropriate language or other behavior deemed +unprofessional or unwelcome in the community. + +**Consequence**: A private, written warning from community leaders, providing +clarity around the nature of the violation and an explanation of why the +behavior was inappropriate. A public apology may be requested. + +### 2. Warning + +**Community Impact**: A violation through a single incident or series of +actions. + +**Consequence**: A warning with consequences for continued behavior. No +interaction with the people involved, including unsolicited interaction with +those enforcing the Code of Conduct, for a specified period of time. This +includes avoiding interactions in community spaces as well as external channels +like social media. Violating these terms may lead to a temporary or permanent +ban. + +### 3. Temporary Ban + +**Community Impact**: A serious violation of community standards, including +sustained inappropriate behavior. + +**Consequence**: A temporary ban from any sort of interaction or public +communication with the community for a specified period of time. No public or +private interaction with the people involved, including unsolicited interaction +with those enforcing the Code of Conduct, is allowed during this period. +Violating these terms may lead to a permanent ban. + +### 4. Permanent Ban + +**Community Impact**: Demonstrating a pattern of violation of community +standards, including sustained inappropriate behavior, harassment of an +individual, or aggression toward or disparagement of classes of individuals. + +**Consequence**: A permanent ban from any sort of public interaction within the +community. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], +version 2.1, available at +[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1]. + +Community Impact Guidelines were inspired by +[Mozilla's code of conduct enforcement ladder][Mozilla CoC]. + +For answers to common questions about this code of conduct, see the FAQ at +[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at +[https://www.contributor-covenant.org/translations][translations]. + +> Contributor Covenant is released under the [Creative Commons Attribution 4.0 International Public License](https://github.com/EthicalSource/contributor_covenant/blob/release/LICENSE.md). + +[homepage]: https://www.contributor-covenant.org +[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html +[Mozilla CoC]: https://github.com/mozilla/diversity +[FAQ]: https://www.contributor-covenant.org/faq +[translations]: https://www.contributor-covenant.org/translations diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..21bce83 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,31 @@ +# Contribution Guidelines + +Thank you for considering contributing to the project! We welcome your help and appreciate your support. + +## General guidelinesing work, check the issue tracker to see if a relevant issue already exists. If not, create a new issue to describe the bug or feature. + +2. **Get Assigned:** Make sure you are assigned to an issue before beginning any work. This helps prevent duplicate efforts. + +3. **Fork the Repository:** Fork the repository and clone it to your local machine. + +4. **Work on Your Changes:** Create a new branch for your work and make your changes. + +5. **Commit Your Changes:** Write clear, concise commit messages. + +6. **Open a Pull Request (PR):** Once your changes are ready, open a PR. Ensure + +- **Follow templates:** Use the provided issue and pull request templates to ensure consistency and completeness. Be concise. +- **Follow Single responisibility principle:** Each contribution must correspond to a single area of work. Don't mix them up (e.g. fixing a bug and adding a new feature in the same PR). +- **Code of Conduct:** Be sure to follow our [Code of Conduct](CODE_OF_CONDUCT.md). + +## Contributing Process + +1. **Create an Issue:** Before startyou link the PR to the corresponding issue. + +7. **Review Process:** Be responsive to feedback and make any requested changes. + +## Additional Notes + +Feel free to suggest improvements or ask questions. You can send your feedback to [opensource@xfox111.net](mailto:opensource@xfox111.net) + +Thank you! diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..25d3c9a --- /dev/null +++ b/Dockerfile @@ -0,0 +1,20 @@ +FROM mcr.microsoft.com/dotnet/sdk:9.0-alpine AS build +WORKDIR /build + +# Installing additional dev dependencies for AOT +RUN apk add clang binutils musl-dev build-base zlib-static + +ADD *.csproj . +RUN dotnet restore --runtime linux-musl-x64 + +ADD . ./ +RUN dotnet publish --configuration Release --no-restore --output /out + +FROM scratch AS prod +WORKDIR /app + +COPY --from=build /out/Backbone . +COPY --from=build /out/appsettings*.json . + +EXPOSE 80 +ENTRYPOINT [ "./Backbone", "--urls", "http://*:80" ] diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..db0177c --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2025 Eugene Fox + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/Program.cs b/Program.cs new file mode 100644 index 0000000..94a02d7 --- /dev/null +++ b/Program.cs @@ -0,0 +1,56 @@ +using System.Text.Json.Serialization; +using Microsoft.AspNetCore.Mvc; +using Microsoft.AspNetCore.SignalR; + +WebApplicationBuilder builder = WebApplication.CreateSlimBuilder(args); + +builder.Services.AddSignalR(); + +builder.Services.ConfigureHttpJsonOptions(options => + options.SerializerOptions.TypeInfoResolverChain.Insert(0, AppJsonSerializerContext.Default) +); +builder.Services.Configure(options => + options.PayloadSerializerOptions.TypeInfoResolverChain.Insert(0, AppJsonSerializerContext.Default) +); + +builder.Services.AddCors(options => +{ + options.AddDefaultPolicy(policy => + policy + .SetIsOriginAllowed(_ => true) + .WithMethods(["POST"]) + .WithHeaders(["x-requested-with", "x-signalr-user-agent"]) + .AllowCredentials()); +}); + +WebApplication app = builder.Build(); + +app.UseCors(); + +app.MapHub("/ws", options => +{ + options.ApplicationMaxBufferSize = 1; // 1B, virtually disabling ability for clients to send data +}); + +app.MapPost("/send", + static async ( + [FromServices] IHubContext hubContext, [FromServices] ILogger logger, + [FromQuery] string id, [FromBody] string data + ) => + { + if (string.IsNullOrWhiteSpace(data) || data.Length > 66_560) + return Results.BadRequest(); + + logger.LogDebug("Received payload for connection '{id}' (package length: {len})", id, data.Length); + await hubContext.Clients.Client(id).SendAsync("ReceiveData", data); + + return Results.Ok(); + } +); + +app.Run(); + +class WsHub : Hub { } + +[JsonSerializable(typeof(string))] +internal partial class AppJsonSerializerContext : JsonSerializerContext { } diff --git a/Properties/launchSettings.json b/Properties/launchSettings.json new file mode 100644 index 0000000..d887e75 --- /dev/null +++ b/Properties/launchSettings.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json.schemastore.org/launchsettings.json", + "profiles": { + "http": { + "commandName": "Project", + "applicationUrl": "http://localhost:8080", + "environmentVariables": { + "ASPNETCORE_ENVIRONMENT": "Development" + } + } + } +} diff --git a/README.md b/README.md new file mode 100644 index 0000000..d092b8e --- /dev/null +++ b/README.md @@ -0,0 +1,93 @@ +# Backbone + +[![GitHub last commit](https://img.shields.io/github/last-commit/xfox111/backbone?label=Last+update)](https://github.com/XFox111/backbone/commits/main) +[![Docker Image Size](https://img.shields.io/docker/image-size/xfox111/backbone?logo=docker&logoColor=white)](https://hub.docker.com/r/xfox111/backbone/) + +Small ASP.NET web server for one way communication between two clients. + +This server is one of the key components of [EasyLogon project](https://github.com/xfox111/easylogon-web). + +## Overview + +```mermaid +sequenceDiagram + participant S as Sender + participant B as Backbone + participant R as Receiver + + opt SignalR + R->>+B: Connection request + B->>-R: connection_id + end + opt Arbitrary data channel + R-->>S: connection_id + end + opt HTTP POST + S->>+B: connection_id + data + end + opt SignalR + B->>-R: data + end +``` + +### Endpoints +- **SignalR**: `/ws` - WebSocket endpoint for real-time communication. +- **POST**: `/send?id={connectionId}` - HTTP POST endpoint for sending data to the receiver. + +Body of the `/send` endpoint must be of type `Content-Type: application/json`. + +### Key points + +- The arbitrary channel for `connectionId` tranmission should be as secure as possibe (preferably an offline channel), since posession of `connectionId` can pose a security threat. +- Connection between Backbone and receiver preferably should be re-established after every transmission to avoid replay attacks. + +## Related papers + +- [QR Code Authentication System as an Ultimate Tool for Personal Cybersecurity (2023, IEEE)](https://ieeexplore.ieee.org/abstract/document/10397212) + +## Development + +### Prerequisites + +For development you can use [Dev Containers](https://devcontainers.io/) or [GitHub Codespaces](https://github.com/features/codespaces). Otherwise you will need to install following tools: +- [.NET SDK 9](https://dotnet.microsoft.com/download/dotnet/9.0) +- [Docker](https://www.docker.com/) + + +### Building and debugging + +Here're some commonly used commands: +```bash +dotnet restore # Install dependencies +dotnet run # Start the development server +dotnet build # Build the project for production +``` + +To build a Docker image, run: + +```bash +docker build -t . +``` + +> [!TIP] +> If you use VS Code, you can also use pre-defined tasks for building and debugging. + +## Contributing +[![GitHub issues](https://img.shields.io/github/issues/xfox111/backbone)](https://github.com/xfox111/backbone/issues) +[![CI](https://github.com/XFox111/backbone/actions/workflows/ci.yml/badge.svg)](https://github.com/XFox111/backbone/actions/workflows/ci.yaml) +[![GitHub repo size](https://img.shields.io/github/repo-size/xfox111/backbone?label=repo%20size)](https://github.com/xfox111/backbone) + +There are many ways in which you can participate in the project, for example: +- [Submit bugs and feature requests](https://github.com/xfox111/backbone/issues), and help us verify as they are checked in +- Review [source code changes](https://github.com/xfox111/backbone/pulls) +- Review documentation and make pull requests for anything from typos to new content + +If you are interested in fixing issues and contributing directly to the code base, please refer to the [Contribution Guidelines](/CONTRIBUTING.md) + +--- + +[![Bluesky](https://img.shields.io/badge/%40xfox111.net-BSky?logo=bluesky&logoColor=%230285FF&label=Bluesky&labelColor=white&color=%230285FF)](https://bsky.app/profile/xfox111.net) +[![GitHub](https://img.shields.io/badge/%40xfox111-GitHub?logo=github&logoColor=%23181717&label=GitHub&labelColor=white&color=%23181717)](https://github.com/xfox111) +[![Buy Me a Coffee](https://img.shields.io/badge/%40xfox111-BMC?logo=buymeacoffee&logoColor=black&label=Buy%20me%20a%20coffee&labelColor=white&color=%23FFDD00)](https://buymeacoffee.com/xfox111) + +> ©2025 Eugene Fox. Licensed under [MIT license](/LICENSE) diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..9725dfc --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,18 @@ +# Security Policy + +We as maintainers of this project are committed to maintaining the security of our software. We take security vulnerabilities seriously and will work to address them as quickly as possible. + +## Reporting vulnerabilities + +Here's a basic steps to report a vulnerability: + +1. Send an email to opensource@xfox111.net +1. Give a clear description of the issue, including how to reproduce it and what impact it might have. +1. If applicanle, provide a proof-of-concept or screenshot showing the problem. + +> [!IMPORTANT] +> Please do not disclose the vulnerability publicly until we have had a chance to address it. This helps us keep our users safe and gives us time to fix the issue. + +We'll do our best to address any issues and give you an update. + +Thank you <3 diff --git a/appsettings.Development.json b/appsettings.Development.json new file mode 100644 index 0000000..6c33b58 --- /dev/null +++ b/appsettings.Development.json @@ -0,0 +1,11 @@ +{ + "Logging": { + "LogLevel": { + "Default": "Information", + "Microsoft.AspNetCore": "Warning", + "Microsoft.AspNetCore.SignalR": "Debug", + "Microsoft.AspNetCore.Http.Connections": "Debug", + "Program": "Debug" + } + } +} diff --git a/appsettings.json b/appsettings.json new file mode 100644 index 0000000..2f36700 --- /dev/null +++ b/appsettings.json @@ -0,0 +1,9 @@ +{ + "Logging": { + "LogLevel": { + "Default": "Information", + "Microsoft.AspNetCore": "Warning" + } + }, + "AllowedHosts": "*" +}