FullStackHero 10 .NET Starter Kit Release Merge #1152
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Updated the `Serilog` package version in `Directory.Packages.props` from `4.3.1-dev-02390` to `4.3.1-dev-02395`. Added a new `Architecture.md` file to the solution under the `/Solution Items/` folder. This document provides a detailed overview of the FullStackHero .NET 10 Starter Kit architecture, including solution structure, technology stack, development guidelines, and future plans for Aspire orchestration. The `Architecture.md` file serves as a single source of truth for developers, ensuring clarity and consistency across the project.
Introduced a configuration-driven rate limiting feature to protect APIs from abuse, with tenant- and user-aware policies. Added `RateLimitingOptions` for global and auth-specific limits, exempting health endpoints. Updated the pipeline to include rate limiting middleware. Replaced `DatabaseOptionsLogger` with `DatabaseOptionsStartupLogger` as a hosted service for logging database provider details at startup. Removed OpenAPI annotations from health endpoints and ensured static files are unaffected by rate limiting. Added `Microsoft.AspNetCore.RateLimiting` dependency, `MailOptions` configuration, and placeholders for `AppHost` and `ServiceDefaults`. Performed code cleanup and updated documentation to reflect these changes.
Introduced a new HTTP Auditing module with request/response logging, W3C Trace Context correlation, body capture with masking, and default exclusions. Automatically integrates into the pipeline when referenced. Enhanced logging with structured Serilog configuration, correlation ID enrichment, and noise control for common frameworks. Added production best practices and example `appsettings` for JSON sinks. Improved middleware pipeline in `Extensions.cs`: - Added `ServeStaticFiles` option for early static file serving. - Adjusted CORS middleware placement. - Auto-wired Auditing middleware if referenced. Enhanced `AuditHttpMiddleware`: - Masked sensitive fields in request/response bodies. - Replaced route pattern logging with exact path logging. - Improved exception auditing and updated source identifier. Expanded sensitive field masking in `JsonMaskingService` to include `accessToken` and `refreshToken`. Introduced `AppHost + ServiceDefaults` in `Architecture.md` to outline plans for resource orchestration and deployment bridges.
Renamed and rebranded the FullStackHero (FSH) framework to Hero across the codebase. This includes updates to method names, class names, namespaces, and configuration references to ensure consistency with the new naming convention. Key changes: - Updated `AddFshPlatform` and `UseFshPlatform` to `AddHeroPlatform` and `UseHeroPlatform`. - Renamed `ConfigureDatabase` to `ConfigureHeroDatabase` in database-related classes. - Replaced `BindDbContext` with `AddHeroDbContext` in all modules. - Updated CORS, OpenAPI, and health check methods to use the `Hero` prefix. - Refactored multi-tenant database configuration to `UseHeroMultiTenantDatabases`. These changes ensure a consistent and unified naming convention for the Hero framework.
Introduced a new `Architecture.Tests` project to enforce solution-wide architectural rules, including modularity, namespace conventions, and decoupling between modules and host projects. - Added new package references in `Directory.Packages.props` for testing libraries (`xunit`, `Shouldly`, `AutoFixture`, etc.). - Updated `FSH.Framework.slnx` to include the `Architecture.Tests` project under `/Tests/`. - Created `Architecture.Tests.csproj` targeting `net10.0` with references to building blocks, modules, and the Playground API. - Added `ModuleArchitectureTests` to ensure module runtime projects do not reference other module runtime projects directly. - Added `NamespaceConventionsTests` to enforce namespace alignment with folder structure in `BuildingBlocks/Core/Domain`. - Added `PlaygroundArchitectureTests` to ensure modules do not depend on Playground host assemblies. - Introduced `ModuleArchitectureTestsFixture` for dynamic solution root discovery. - Updated `README.md` to document the purpose, structure, and usage of the `Architecture.Tests` project.
- Create FshStatCard shared component with hover animations - Update FshPageHeader with modern styling and elevation - Create Eventing.Abstractions project for lightweight interfaces - Move FileUploadRequest DTO from Storage to Shared project - Update Modules.Identity.Contracts to use Eventing.Abstractions - Update Modules.Multitenancy.Contracts to remove Storage dependency - Update architecture tests for new dependency structure Co-Authored-By: Claude Opus 4.5 <[email protected]>
Configure JWT not to block debug when no profile pic
* Include .ico in theme favicon upload. Configure JWT not to block debug when no profile pic * Use SendGrid as Alternative mailing Client * Handle TenantThemeSate restore after login. * Update as per request * Added ArgumentNullException on settings of null
* feat: Make repo AI-ready with comprehensive guidelines - Rewrite CLAUDE.md with architectural philosophy and patterns - Add .cursorrules for Cursor IDE users - Add .github/copilot-instructions.md for GitHub Copilot AI assistants can now understand: - Modular monolith + vertical slice philosophy - Feature structure and patterns - Decision guides for where to put code - Critical rules and rationale * chore: Remove Cursor and Copilot files, keep Claude only * feat: Complete AI-ready setup with rules, skills, and agents Structure: - CLAUDE.md → Entry point with quick reference - .claude/rules.md → 12 hard constraints with rationale - .claude/skills.md → Step-by-step guides for common tasks - .claude/agents.md → AI behavior guidelines and decision framework This enables AI assistants to: - Understand architectural philosophy - Follow patterns consistently - Make correct decisions about code placement - Catch common mistakes before they happen * feat: Add Claude Code agents, skills, and rules Following Claude Code official documentation structure: Skills (.claude/skills/<name>/SKILL.md): - add-feature: Create API endpoints with vertical slice pattern - add-module: Scaffold new bounded contexts - add-entity: Create domain entities with multi-tenancy - query-patterns: Pagination, filtering, specifications - testing-guide: Unit, integration, architecture tests - mediator-reference: Mediator vs MediatR (background knowledge) Subagents (.claude/agents/<name>.md): - code-reviewer: Review PRs against FSH patterns (sonnet, read-only) - feature-scaffolder: Generate complete feature files - module-creator: Scaffold new modules - architecture-guard: Verify architecture (haiku, plan mode) - migration-helper: EF Core migrations Rules (.claude/rules/<name>.md) - path-scoped: - buildingblocks-protection: Warns on BuildingBlocks changes - api-conventions: Endpoint requirements - testing-rules: Test conventions Removed old flat files (skills.md, agents.md, rules.md) Updated CLAUDE.md with new structure reference --------- Co-authored-by: jarvis <[email protected]>
Add domain events for identity-related operations: - UserRegisteredEvent: Raised when a new user registers - PasswordChangedEvent: Raised when a user changes password - UserRoleAssignedEvent: Raised when roles are assigned to a user - UserActivatedEvent: Raised when a user account is activated - UserDeactivatedEvent: Raised when a user account is deactivated - SessionRevokedEvent: Raised when a user session is revoked All events inherit from DomainEvent base record and include: - EventId, OccurredOnUtc, CorrelationId, TenantId (from base) - Relevant domain-specific data - Static factory method for convenient creation Co-authored-by: jarvis <[email protected]>
* fix: Add CancellationToken to Identity handlers - PathAwareAuthorizationHandler: Pass context.RequestAborted to WriteAsync - RequiredPermissionAuthorizationHandler: Extract CancellationToken from HttpContext and pass to HasPermissionAsync Note: UserRegisteredEmailHandler and TokenGeneratedLogHandler already have proper CancellationToken handling. * fix: Standardize Identity endpoints to use TypedResults Replace Results.* with TypedResults.* in Identity module endpoints: - Results.Ok() → TypedResults.Ok() - Results.NotFound() → TypedResults.NotFound() - Results.NoContent() → TypedResults.NoContent() - Results.BadRequest() → TypedResults.BadRequest() Files updated: - AdminRevokeSessionEndpoint.cs - RevokeSessionEndpoint.cs - DeleteRoleEndpoint.cs - UpdateRolePermissionsEndpoint.cs - ToggleUserStatusEndpoint.cs - ChangePasswordEndpoint.cs - ForgotPasswordEndpoint.cs - ConfirmEmailEndpoint.cs - DeleteUserEndpoint.cs - UpdateUserEndpoint.cs - AssignUserRolesEndpoint.cs - ResetPasswordEndpoint.cs --------- Co-authored-by: jarvis <[email protected]>
* fix: Add missing authorization to Identity endpoints - ChangePasswordEndpoint: Add RequireAuthorization() for logged-in users - GetUserProfileEndpoint: Add RequireAuthorization() for logged-in users - AssignUserRolesEndpoint: Add RequirePermission(Users.ManageRoles) - GetUserPermissionsEndpoint: Add RequirePermission(Users.View) - Add Users.ManageRoles permission constant These endpoints were previously accessible without proper authorization checks. * fix: Add CancellationToken to Identity handlers - PathAwareAuthorizationHandler: Pass context.RequestAborted to WriteAsync - RequiredPermissionAuthorizationHandler: Extract CancellationToken from HttpContext and pass to HasPermissionAsync Note: UserRegisteredEmailHandler and TokenGeneratedLogHandler already have proper CancellationToken handling. --------- Co-authored-by: jarvis <[email protected]>
- ChangePasswordEndpoint: Add RequireAuthorization() for logged-in users - GetUserProfileEndpoint: Add RequireAuthorization() for logged-in users - AssignUserRolesEndpoint: Add RequirePermission(Users.ManageRoles) - GetUserPermissionsEndpoint: Add RequirePermission(Users.View) - Add Users.ManageRoles permission constant These endpoints were previously accessible without proper authorization checks. Co-authored-by: jarvis <[email protected]>
Added 13 validators: - AddUsersToGroupCommandValidator - DeleteGroupCommandValidator - RemoveUserFromGroupCommandValidator - DeleteRoleCommandValidator - AdminRevokeAllSessionsCommandValidator - AdminRevokeSessionCommandValidator - RevokeAllSessionsCommandValidator - RevokeSessionCommandValidator - AssignUserRolesCommandValidator - ConfirmEmailCommandValidator - DeleteUserCommandValidator - RegisterUserCommandValidator - ToggleUserStatusCommandValidator Co-authored-by: jarvis <[email protected]>
Applied Domain-Driven Design patterns to Identity module entities: - Group.cs: Private setters, private constructor, Create() factory, Update() and SetAsDefault() domain methods - UserGroup.cs: Private setters, private constructor, Create() factory - GroupRole.cs: Private setters, private constructor, Create() factory - UserSession.cs: Private setters, private constructor, Create() factory, UpdateActivity(), UpdateRefreshToken(), and Revoke() domain methods - PasswordHistory.cs: Private setters, private constructor, Create() factory Updated all usages in: - IdentityDbInitializer.cs - CreateGroupCommandHandler.cs - UpdateGroupCommandHandler.cs - AddUsersToGroupCommandHandler.cs - UserService.cs - SessionService.cs - PasswordHistoryService.cs Note: FshUser and FshRole were skipped as they inherit from ASP.NET Identity base classes. Co-authored-by: jarvis <[email protected]>
…dHandler (#1182) Fixes #1179 The catch block was swallowing exceptions silently. While the behavior is intentional (session creation failure shouldn't block login), the exception should be logged for debugging purposes. Changes: - Added ILogger<GenerateTokenCommandHandler> dependency - Log warning when session creation fails with exception details Co-authored-by: jarvis <[email protected]>
* fix: Add logging to session creation exception in GenerateTokenCommandHandler Fixes #1179 The catch block was swallowing exceptions silently. While the behavior is intentional (session creation failure shouldn't block login), the exception should be logged for debugging purposes. Changes: - Added ILogger<GenerateTokenCommandHandler> dependency - Log warning when session creation fails with exception details * fix: resolve all build warnings - Change navigation property setters from 'private set' to 'init' for EF Core entities (fixes S1144) - GroupRole.cs: Group, Role properties - PasswordHistory.cs: Id, User properties - UserGroup.cs: User, Group properties - UserSession.cs: User property - Add await to InvokeAsync(StateHasChanged) calls in PlaygroundLayout.razor (fixes CS4014) Build now completes with 0 warnings, 0 errors. --------- Co-authored-by: jarvis <[email protected]>
* fix: Add logging to session creation exception in GenerateTokenCommandHandler Fixes #1179 The catch block was swallowing exceptions silently. While the behavior is intentional (session creation failure shouldn't block login), the exception should be logged for debugging purposes. Changes: - Added ILogger<GenerateTokenCommandHandler> dependency - Log warning when session creation fails with exception details * fix: resolve all build warnings - Change navigation property setters from 'private set' to 'init' for EF Core entities (fixes S1144) - GroupRole.cs: Group, Role properties - PasswordHistory.cs: Id, User properties - UserGroup.cs: User, Group properties - UserSession.cs: User property - Add await to InvokeAsync(StateHasChanged) calls in PlaygroundLayout.razor (fixes CS4014) Build now completes with 0 warnings, 0 errors. * refactor: standardize endpoints to use TypedResults --------- Co-authored-by: jarvis <[email protected]>
- Make FshUser implement IHasDomainEvents with domain event methods: - RecordRegistered() for UserRegisteredEvent - RecordPasswordChanged() for PasswordChangedEvent - Activate()/Deactivate() for UserActivatedEvent/UserDeactivatedEvent - RecordRolesAssigned() for UserRoleAssignedEvent - Make UserSession implement IHasDomainEvents: - Revoke() now raises SessionRevokedEvent - Update UserService to raise domain events: - RegisterAsync and GetOrCreateFromPrincipalAsync raise UserRegisteredEvent - ToggleStatusAsync uses Activate/Deactivate methods for status events - AssignRolesAsync raises UserRoleAssignedEvent for newly assigned roles - ChangePasswordAsync/ResetPasswordAsync raise PasswordChangedEvent - Update SessionService to pass tenantId to Revoke calls: - RevokeSessionAsync, RevokeAllSessionsAsync - RevokeSessionForAdminAsync, RevokeAllSessionsForAdminAsync Domain events are automatically dispatched by DomainEventsInterceptor after SaveChanges. Co-authored-by: jarvis <[email protected]>
Split the 682-line UserService.cs into smaller, focused partial class files: - UserService.cs (~80 lines) - Core class with constructor and shared helpers - UserService.Registration.cs (~220 lines) - RegisterAsync, GetOrCreateFromPrincipalAsync - UserService.Profile.cs (~100 lines) - GetAsync, GetListAsync, UpdateAsync, existence checks - UserService.Lifecycle.cs (~115 lines) - DeleteAsync, ToggleStatusAsync - UserService.Roles.cs (~85 lines) - AssignRolesAsync, GetUserRolesAsync - UserService.Confirmation.cs (~50 lines) - ConfirmEmailAsync, ConfirmPhoneNumberAsync Existing partial files kept unchanged: - UserService.Password.cs (87 lines) - UserService.Permissions.cs (53 lines) No interface or method signature changes. Build verified with 0 errors, 0 warnings. Co-authored-by: jarvis <[email protected]>
- Extract helper methods in UserService.Lifecycle.cs - Simplify SearchUsersQueryHandler with extracted methods - Fixes CA1827 warnings (Count vs Any) Co-authored-by: jarvis <[email protected]>
* refactor: reduce cyclomatic complexity in Identity module - Extract helper methods in UserService.Lifecycle.cs - Simplify SearchUsersQueryHandler with extracted methods - Fixes CA1827 warnings (Count vs Any) * refactor: reduce complexity in UserService.Roles and Registration - AssignRolesAsync: 19 → extracted ValidateAdminRoleChangeAsync, ProcessRoleAssignmentsAsync - GetOrCreateFromPrincipalAsync: 18 → extracted claim handling, user creation helpers - RegisterAsync: 13 → extracted password validation, email sending, shared helpers Average complexity: 4.7 → 3.5 High complexity methods: 3 → 0 * refactor: reduce cyclomatic complexity across multiple modules ## Changes ### TenantThemeState.cs & ThemeStateFactory.cs - MapFromDto: 52 → 6 (extracted MapLightPalette, MapDarkPalette, etc.) ### TokenRefreshService.cs - TryRefreshTokenAsync: 39 → 8 (extracted cache checks, token validation, claims building) ### AuditHttpMiddleware.cs - InvokeAsync: 30 → 6 (extracted request/response capture, audit writing) ### EntityDiffBuilder.cs - Build: 25 → 5 (extracted property change detection, operation determination) ### SmtpMailService.cs - SendAsync: 19 → 4 (extracted sender/recipient config, attachments) ### IdentityService.cs - ValidateCredentialsAsync: 14 → 5 - ValidateRefreshTokenAsync: 14 → 5 - Eliminated duplicated claims building logic ## Impact - Eliminated 6 'Very Complex' and 'Untestable' rated methods - All refactored methods now ≤10 complexity - Better testability and maintainability --------- Co-authored-by: jarvis <[email protected]>
…1189) Extracted helper methods to reduce complexity in methods with CC 10-15: Method | Before | After ------------------------------------------------|--------|------ AddHeroRateLimiting | 15 | 3 GetQuery<T> (SpecificationEvaluator) | 13 | 1 ExecuteAsync (AuditBackgroundWorker) | 13 | 5 SendAsync (SendGridMailService) | 12 | 1 PublishSingleAsync (InMemoryEventBus) | 11 | 3 PublishAsync (ChannelAuditPublisher) | 11 | 2 Handle (GetAuditSummaryQueryHandler) | 11 | 1 Handle (GetExceptionAuditsQueryHandler) | 11 | 1 Handle (UpdateGroupCommandHandler) | 11 | 1 UpdatePermissionsAsync (RoleService) | 11 | 2 StartAsync (TenantAutoProvisioningHostedService)| 11 | 3 ApplySortingOverride (Specification<T>) | 11 | 3 Refactoring patterns used: - Extract Method: Split large methods into smaller focused helpers - Single Responsibility: Each helper does one thing - Reduced nesting: Flattened control flow structures All changes pass build verification with 0 errors and 0 warnings. Co-authored-by: jarvis <[email protected]>
- Add CancellationToken parameter to IdentityDbInitializer private methods and propagate from SeedAsync to all inner async calls - Add CancellationToken to IRoleService interface methods - Update RoleService to accept and propagate CancellationToken - Update all command/query handlers to pass CancellationToken to service This ensures proper cancellation support throughout the identity module for graceful shutdown and request cancellation scenarios. Co-authored-by: jarvis <[email protected]>
…ices (#1174) (#1192) Split the UserService god class into focused, single-responsibility services: **New Interfaces (Modules.Identity.Contracts/Services/):** - IUserRegistrationService: User registration and external auth - IUserProfileService: Profile CRUD operations - IUserStatusService: Status toggle and delete operations - IUserRoleService: Role assignment operations - IUserPasswordService: Password operations (forgot/reset/change) - IUserPermissionService: Permission queries and caching **New Implementations (Modules.Identity/Services/):** - UserRegistrationService - UserProfileService - UserStatusService - UserRoleService - UserPasswordService - UserPermissionService **Other Changes:** - UserService now acts as a facade delegating to the new services - Updated DI registration in IdentityModule.cs - Deleted 7 old partial class files This improves: - Single Responsibility Principle compliance - Testability (smaller focused services) - Maintainability (clear separation of concerns) - Reusability (handlers can inject specific services they need) Closes #1174 Co-authored-by: jarvis <[email protected]>
…terfaces (#1193) - Create ICurrentUserService interface combining ICurrentUser and ICurrentUserInitializer - Create IRequestContextService interface extending IRequestContext - Update CurrentUserService to implement ICurrentUserService (internal sealed) - Update RequestContextService to implement IRequestContextService (internal sealed) - Update DI registration to register services with their new interfaces - Maintain backward compatibility with existing ICurrentUser and IRequestContext consumers Closes #1180 Co-authored-by: jarvis <[email protected]>
- Add FshManifest model for tracking project configuration and versions - Generate .fsh/manifest.json during project scaffolding - Add 'fsh version' command to show CLI and project versions - Add 'fsh upgrade' command skeleton with --check and --apply flags Sprint 1 deliverables: - [x] Manifest generation in SolutionGenerator - [x] FshManifest model with JSON serialization - [x] VersionCommand with table and JSON output - [x] UpgradeCommand skeleton with planned functionality preview The manifest tracks: - FSH framework version used - CLI version that created the project - Project options (type, architecture, database, modules) - Building blocks versions for upgrade detection Part of the CLI upgrade system - Sprint 2 will add GitHub API integration for checking available upgrades. Co-authored-by: jarvis <[email protected]>
- Add GitHubReleaseService for fetching releases from GitHub API - Add VersionComparer for parsing Directory.Packages.props and comparing versions - Implement 'fsh upgrade --check' functionality: - Fetches latest release from GitHub - Compares current vs latest version - Shows package changes (updates, additions, removals) - Displays release notes summary - Supports --include-prerelease flag Sprint 2 deliverables: - [x] GitHub API integration for release fetching - [x] Version comparison logic (semantic versioning) - [x] Package diff detection from Directory.Packages.props The check command now: - Fetches latest/prerelease from fullstackhero/dotnet-starter-kit - Parses and compares Directory.Packages.props - Shows detailed package-level changes - Identifies potentially breaking changes (major version bumps) Co-authored-by: jarvis <[email protected]>
* feat(identity): add ICurrentUserService and IRequestContextService interfaces - Create ICurrentUserService interface combining ICurrentUser and ICurrentUserInitializer - Create IRequestContextService interface extending IRequestContext - Update CurrentUserService to implement ICurrentUserService (internal sealed) - Update RequestContextService to implement IRequestContextService (internal sealed) - Update DI registration to register services with their new interfaces - Maintain backward compatibility with existing ICurrentUser and IRequestContext consumers Closes #1180 * fix(identity): reduce SessionService complexity Refactored SessionService.cs to reduce cyclomatic complexity: - Extract DeviceTypeClassifier: Moved device type detection logic to a dedicated static helper class, reducing CC from 9 to 3 (uses LINQ Any) - Add SessionCleanupHostedService: Background service for automated session cleanup (runs hourly, removes sessions expired >30 days) - Register hosted service in IdentityModule for automatic cleanup Changes: - SessionService.cs: ~350 lines (was 372), removed GetDeviceType method - DeviceTypeClassifier.cs: New helper class (~40 lines) - SessionCleanupHostedService.cs: New background service (~65 lines) - IdentityModule.cs: Register SessionCleanupHostedService Build: 0 errors, 0 new warnings Closes #1177 --------- Co-authored-by: jarvis <[email protected]>
- Add PackageUpdater service for updating Directory.Packages.props - Implement 'fsh upgrade --apply' functionality: - Fetches latest release and compares versions - Creates backup before making changes - Updates package versions in Directory.Packages.props - Adds new packages from latest release - Shows warnings for removed packages (manual review) - Updates manifest with new version and timestamp - Supports --dry-run for preview without changes - Supports --skip-breaking to skip breaking changes - Supports --force to skip confirmation - Offers rollback on failure Sprint 3 deliverables: - [x] Package version updater - [x] Safe (non-breaking) auto-apply with --skip-breaking - [x] Backup and restore functionality - [x] Interactive confirmation (skippable with --force) - [x] Dry run mode Co-authored-by: jarvis <[email protected]>
…DbContextFactory to read from configuration with default fallback (#1199)
* docs: Add XML documentation to Caching module - ICacheService: Document all interface methods - CacheServiceExtensions: Document GetOrSet patterns - Extensions: Document AddHeroCaching DI registration - DistributedCacheService: Document implementation details - HybridCacheService: Document L1/L2 caching strategy Part of #1176 * docs: Add XML documentation to Core/Domain module - IEntity, BaseEntity, AggregateRoot: Entity and DDD base types - IDomainEvent, DomainEvent, IHasDomainEvents: Domain event patterns - IAuditableEntity: Audit metadata interface - ISoftDeletable: Soft delete support - IHasTenant: Multi-tenancy marker Generated by Codex CLI with --full-auto flag Part of #1176 * docs: Add XML documentation to Exceptions module * docs: Add XML documentation to Context module * docs: Add XML documentation to Common module * docs: Add XML documentation to Abstractions module * docs: Add XML documentation to Persistence core module * docs: Add XML documentation to Persistence specifications, pagination, and interceptors --------- Co-authored-by: jarvis <[email protected]>
…ses (#1202) BREAKING: None - maintains full backward compatibility Split the 1645-line TemplateEngine god class into focused services: - ITemplateLoader/TemplateLoader: Load templates from resources - ITemplateParser/TemplateParser: Parse template syntax and normalize names - ITemplateRenderer/TemplateRenderer: Render templates with variable substitution - ITemplateValidator/TemplateValidator: Validate templates and project options - ITemplateCache/TemplateCache: Cache frequently used templates - TemplateServices: DI container for service management Benefits: ✅ Single Responsibility Principle ✅ Better testability with focused classes ✅ Improved maintainability and extensibility ✅ Built-in validation with detailed error messages ✅ Template caching for better performance ✅ Full backward compatibility - no API changes Files: - Backed up original TemplateEngine.cs - Added Microsoft.Extensions.DependencyInjection dependency - Created comprehensive interfaces and implementations - Added validation tests and documentation Resolves: #1181 Co-authored-by: jarvis <[email protected]>
Adds MIT license to the repository, consistent with other fullstackhero repos. This resolves the legal ambiguity for the 6.2k+ stargazers and 1.9k+ forks who are currently using the starter kit without explicit permission. Closes #1200 Co-authored-by: jarvis <[email protected]>
* Add comprehensive handler tests for Identity module - Added GenerateTokenCommandHandler tests (login flow) - Added RefreshTokenCommandHandler tests (token refresh) - Added RegisterUserCommandHandler tests (user registration) - Added RevokeSessionCommandHandler tests (session management) - Added ChangePasswordCommandHandler tests (password change) Tests include: - Happy path scenarios - Invalid input handling (null checks) - Exception scenarios - CancellationToken propagation - Edge cases and error conditions Following existing test patterns from Multitenancy module: - Uses xUnit, Shouldly, NSubstitute, AutoFixture - Arrange/Act/Assert pattern - Comprehensive test coverage per handler Addresses issue #1173 * fix: add missing NSubstitute.ExceptionExtensions using directives - Added using NSubstitute.ExceptionExtensions to: - RevokeSessionCommandHandlerTests.cs - ChangePasswordCommandHandlerTests.cs - GenerateTokenCommandHandlerTests.cs - RegisterUserCommandHandlerTests.cs - Fixed IIntegrationEvent type in outboxStore assertions * fix: resolve all compiler warnings (56 → 0) - Make ConfigureRecipients and CreateBasicClaims static (CA1822) - Cache JsonSerializerOptions in VersionCommand (CA1869) - Delete unused TemplateEngineTests.cs debug file - Add NoWarn for false-positive warnings in CLI project: - CA1812: Classes instantiated via DI - CA1031: Intentional catch-all in TryLoad/IsValid methods - CA1303: CLI is not localized - CA1308: ToLowerInvariant intentional for identifiers - Other code style warnings that don't apply to CLI tools --------- Co-authored-by: jarvis <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
#Architecture
scripts/openapi/generate-api-clients.ps1 -SpecUrl "<spec>"); Blazor consumes generated clients.