social-media/backend/Modules/Identity/DependencyInjection.cs

using Hutopy.Modules.Identity.Configuration;
using Hutopy.Modules.Identity.Contracts;
using Hutopy.Modules.Identity.Data;
using Hutopy.Modules.Identity.Services;
using Microsoft.AspNetCore.Identity;

namespace Hutopy.Modules.Identity;

public static class DependencyInjection
{
    public static WebApplicationBuilder AddIdentityModule(
        this WebApplicationBuilder builder,
        Action<DbContextOptionsBuilder>? configureAction = null)
    {
        builder.Services.AddDbContext<IdentityDbContext>(configureAction);

        builder.Services.Configure<JwtOptions>(
            builder.Configuration.GetRequiredSection(JwtOptions.SectionName));

        builder.Services.AddAuthentication()
            .AddBearerToken(IdentityConstants.BearerScheme);

        builder.Services.AddAuthorizationBuilder();

        builder.Services
            .AddIdentityCore<User>()
            .AddUserManager<UserManager>()
            .AddRoles<Role>()
            .AddEntityFrameworkStores<IdentityDbContext>()
            .AddApiEndpoints()
            .AddDefaultTokenProviders();

        // Singleton services
        builder.Services.AddSingleton(TimeProvider.System);

        // Scoped services
        builder.Services.AddScoped<IdentityService>();
        builder.Services.AddScoped<EmailVerificationService>();
        builder.Services.AddScoped<IUserLookup, UserLookup>();

        return builder;
    }

    public static async Task<IApplicationBuilder> UseIdentityModuleAsync(
        this IApplicationBuilder app,
        CancellationToken cancellationToken = default)
    {
        IServiceScopeFactory scopeFactory = app.ApplicationServices.GetRequiredService<IServiceScopeFactory>();
        using IServiceScope scope = scopeFactory.CreateScope();
        await using IdentityDbContext context = scope.ServiceProvider.GetRequiredService<IdentityDbContext>();
        await context.Database.MigrateAsync(cancellationToken);

        RoleManager<Role> roleManager = scope.ServiceProvider.GetRequiredService<RoleManager<Role>>();
        await TrySeedAsync(roleManager);

        return app;
    }

    private static async Task TrySeedAsync(RoleManager<Role> roleManager)
    {
        Role administratorRole = new(KnownRoles.Administrator);
        if (roleManager.Roles.All(r => r.Name != administratorRole.Name))
        {
            await roleManager.CreateAsync(administratorRole);
        }

        Role roleCreator = new(KnownRoles.Creator);
        if (roleManager.Roles.All(r => r.Name != roleCreator.Name))
        {
            await roleManager.CreateAsync(roleCreator);
        }
    }
}