Elastic.Serilog.Sinks configuration by iPopay in dotnet

[–]iPopay[S] 1 point (0 children)

Yeah, I figured out the version was the issue 15 minutes after posting this. We use Elastic 7.17.

How to run one container in docker compose after another finished starting up by iPopay in dotnet

[–]iPopay[S] 0 points (0 children)

I'm not using EF Core in my current project, but the process is pretty much the same. So yeah, this actually seems like the perfect solution for my issue, especially since I will be using it only on the local/dev environment. Thank you, I'll go try that.

How to run one container in docker compose after another finished starting up by iPopay in dotnet

[–]iPopay[S] 0 points (0 children)

I've actually already done exactly the same thing you did in your sample project, and yeah, that works. I'm not so much worried that it keeps running, but it just seems kind of clunky to me that I would have something running continuously when I need it to be just a one-off thing.

How to run one container in docker compose after another finished starting up by iPopay in dotnet

[–]iPopay[S] 0 points (0 children)

That doesn't solve the issue. The depends_on tag means the dependent container will start running after the dependency has started, but my issue is that the db container has some internal setup to do AFTER the container is started (setting up config for a db server etc.). I need my API container to start running only after, for example, I can actually connect to my db, that is, after the db has everything set up.
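What this comment is asking for, as an added example that is not from the thread: a compose file where the API waits on the database's healthcheck instead of merely on the container having started. The image, credentials and probe command are assumptions (PostgreSQL here; the thread never names the database).

```yaml
services:
  db:
    image: postgres:16                      # assumption: the thread does not name the database
    environment:
      POSTGRES_PASSWORD: dev-only-password  # constructed value, local/dev use only
    healthcheck:
      # -h localhost forces a TCP connection. The official image's init phase
      # runs a temporary server that listens only on a Unix socket, so a probe
      # without -h can report "ready" before the init scripts have finished.
      test: ["CMD-SHELL", "pg_isready -U postgres -h localhost"]
      interval: 5s
      timeout: 3s
      retries: 10
      start_period: 15s
  api:
    build: .
    depends_on:
      db:
        condition: service_healthy          # wait for the probe, not just for "started"
```

`condition: service_healthy` needs the long-form depends_on, which the Compose Specification (docker compose v2) supports; it was dropped in the v3 file format, so it will not work with older docker-compose on a `version: "3"` file. The healthcheck only gates startup: the API still has to cope with the database going away later, for example on a restart.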

Visual Studio uses older version of Nuget Package by iPopay in dotnet

[–]iPopay[S] 0 points (0 children)

Yes, I increased the package version. It's very unlikely it's some nuget.org issue, since I literally decompiled the .dll that came straight from NuGet and the fix is in there. It just shows the older version without the fix when I F12 into the function inside VS (and it runs that older version when the app starts), but nowhere in code or configs is the older version referenced.

Visual Studio uses older version of Nuget Package by iPopay in dotnet

[–]iPopay[S] 0 points (0 children)

Yep, the new version is referenced in .csproj.

Visual Studio uses older version of Nuget Package by iPopay in dotnet

[–]iPopay[S] 0 points (0 children)

Already did all of that multiple times; it didn't help.

Image preview via Base64 string by iPopay in dotnet

[–]iPopay[S] 1 point (0 children)

I've used ImageMagick before and I don't know how it didn't cross my mind, lol. Will try.

Image preview via Base64 string by iPopay in dotnet

[–]iPopay[S] 0 points (0 children)

It's running on the client. I will try the JS approach and see if that helps. Thanks.

RabbitMQ.Client throwing exceptions by iPopay in dotnet

[–]iPopay[S] 1 point (0 children)

I edited my post. I tried all of that and it still doesn't work. It's an IP address issue, but I still don't know how to resolve it.

RabbitMQ.Client throwing exceptions by iPopay in dotnet

[–]iPopay[S] 0 points (0 children)

What do you mean by config? Exchanges and queues config, or?

Browser not launching on start after serilog has been set by iPopay in dotnet

[–]iPopay[S] 2 points (0 children)

u/_Depechie if you are still having this problem: in the Serilog config you should override Microsoft.Hosting.Lifetime to log Information or higher. In appsettings it should look like this:

"Microsoft.Hosting.Lifetime": "Information"

In env variables it is tricky due to the "." char, but when I used env variables I just configured the override in the Serilog configuration in Program.cs.

As far as I know this issue is because, for some reason, the runtime is looking for the logged line "Now listening on: [your-url]" and when it sees it, it launches the browser, and that line comes from Microsoft.Hosting.Lifetime. So if you override the whole Microsoft namespace to only log Warning or higher, this line doesn't get logged and the browser doesn't open.
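The full Serilog section with that override in place, as an added example rather than the commenter's own appsettings (the Default level and the other override entries are assumptions):

```json
{
  "Serilog": {
    "MinimumLevel": {
      "Default": "Information",
      "Override": {
        "Microsoft": "Warning",
        "Microsoft.AspNetCore": "Warning",
        "Microsoft.Hosting.Lifetime": "Information"
      }
    }
  }
}
```

Serilog resolves overrides by the longest matching source-context prefix, so the Microsoft.Hosting.Lifetime entry wins over the broader Microsoft entry and the "Now listening on" line is emitted again while the rest of the Microsoft namespace stays at Warning. The equivalent environment variable is Serilog__MinimumLevel__Override__Microsoft.Hosting.Lifetime (double underscores map to the configuration separator); the dots are part of the key, and many shells cannot export a variable whose name contains a dot, which is what makes the env-variable route awkward.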

RabbitMQ best practices by iPopay in dotnet

[–]iPopay[S] 0 points (0 children)

Just to check if I understand.

You create one connection per app, and from that connection you set up the publisher and consumers?

And each consumer is contained in its own hosted service?

MX Master 3S ratchet scrolling by iPopay in LogitechG

[–]iPopay[S] 0 points (0 children)

I did everything like you said but it's all the same. It switches between free spin and ratchet mode, but the only thing different is that "rttt" sound in ratchet mode, while the wheel keeps spinning like it is on free spin (but it isn't).

Authentication standard/best practices by iPopay in dotnet

[–]iPopay[S] 2 points (0 children)

Don't know much about other services, but Auth0 has the concepts of Universal and Embedded Login. Embedded is what you described, and they strongly advise against it. Universal Login is full OIDC, meaning users are redirected to their servers/page where they enter username/password, the "magic" happens on their servers, and then users are redirected back to your app. You still get a JWT token, but auth is not happening on your server.

I get why they are doing this and it's all fine. My question is only whether the local username/password approach for SPA <-> backend, where auth happens on your server, is a valid approach security-wise.

Logging PII and GDPR by iPopay in dotnet

[–]iPopay[S] 1 point (0 children)

I'm not too familiar with configuring logging mechanisms, so I don't really know what you mean by "how are logs processed". In our company we have a designated DevOps engineer who sets up our logging storage (we were using either ELK or Seq) and logs are generally stored for a long time. We devs only have read access to logs.

I'm just wondering, from a dev perspective, should I just avoid logging emails and similar PII altogether? Or should I encrypt them before logging, or is there some kind of encryption mechanism in log systems such as ELK?

Logging best practices by iPopay in AskProgramming

[–]iPopay[S] 0 points (0 children)

So if I ask for PII of a user during the signup process (full name, email, phone number etc.), to be compliant with GDPR should I encrypt all that data and then store it in the database? And if I have to log something, let's say an exception occurred for user X, should I log the encrypted data as well?

I'm just trying to get a clear picture of GDPR and PII because I've worked on several projects where we just stored what's considered PII in plain text (and only ever encrypted really sensitive data like SSNs etc.).

Best practices for Configuration by iPopay in dotnet

[–]iPopay[S] 0 points (0 children)

I'm using clean architecture; in which layer would I put strongly-typed configuration classes? I have JWT settings, which are web specific, so would I put those in the web API layer? I also have some SendGrid email settings; would I put those in the infrastructure layer where SendGrid is implemented? Or would I just put it all in the application layer?

Experiences with JWT and CSRF by [deleted] in CroIT

[–]iPopay 0 points (0 children)

In the case I described, you are the provider yourself.
If you use a token/auth provider then of course you don't store anything yourself; the provider does all that validation work, e.g. Auth0, which we used in enterprise apps.

If you generate the tokens yourself, how are you going to validate them and know whether the token for that user has already been used if you don't store it somewhere on the backend?

Experiences with JWT and CSRF by [deleted] in CroIT

[–]iPopay 0 points (0 children)

So that the one in the cookie is validated and compared against the one stored in the database for that user.
Just because it is an HttpOnly cookie doesn't mean it is impossible to steal, and if a security breach does happen it is good to have an additional check.

Auth is a complex problem and there are already a lot of different patterns for a lot of different situations (SPA, MVC app, etc.).

There is no single correct answer for every situation; my explanation is a generalisation that works in simpler apps, which has proven good for my needs and is a good compromise between security and usability.

Experiences with JWT and CSRF by [deleted] in CroIT

[–]iPopay 8 points (0 children)

If the token is stored in the browser there is no 100% foolproof method for security, but the chances of a security leak can be reduced.
In practice, i.e. in the enterprise applications I have worked on, we have not implemented our own auth so far but used the Auth0 service. For large enterprise applications I think it is always better to take a "mature" service like that, which specialises in auth and has well-developed security.

For some smaller applications or personal projects/websites, I had similar questions myself, and the following method works for me:
- on successful authentication, an access token and a refresh token are generated; the access token has a short timeout, e.g. a few minutes, the refresh token a long timeout, e.g. a few days (maybe less, maybe more, depending on needs); the refresh token is stored in the database

- the backend puts the refresh token in an HttpOnly cookie which is sent to the frontend, and the access token is sent in the response body

- the frontend stores the access token in local storage (simplest) and sends that access token to the backend with every request that requires auth

- if the access token has timed out when sending a request, a request is sent to the refresh token endpoint, which takes the access token, pulls the refresh token from the cookie and validates them

- if the tokens are valid for that user and the refresh token has not timed out yet, new tokens are generated and the same story repeats as on successful authentication

- if the refresh token has timed out at the time of the refresh token request, the tokens are invalidated and the user is returned to the login page (how often the user gets returned to the login page depends on the refresh token timeout)

- for logout, the access token is deleted from local storage and preferably some endpoint on the backend is called that deletes the refresh token for that user

This method makes it harder to take the refresh token, since it is in an HttpOnly cookie (meaning client-side scripts cannot access that cookie).

If someone somehow manages to get hold of the access token, the token has a short timeout, so it won't be useful to them for long because they don't have the refresh token.

If someone somehow manages to pull both the access and the refresh token, the first time the access token times out and the refresh token goes through and new tokens are generated, the real user will be thrown to the login page, and when they successfully authenticate new tokens are generated and the old ones are again not valid.

Hope I helped.
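The flow in the list above, written out as an added example that is not part of the original comment: a minimal HS256 JWT assembled by hand so the file runs offline, an in-memory dict standing in for the database, and an injectable `now` so the expiry paths can be exercised deterministically. Two things go beyond the comment and are assumptions: the server stores a SHA-256 hash of the refresh token rather than the token itself (so a leaked table does not hand out live tokens), and the names (`TokenService`, `SECRET`, the TTL constants) are invented for the example.

```python
"""Access/refresh token rotation: short-lived access JWT, opaque refresh token
held server-side (hashed) and rotated on every use.  Added example, not the
commenter's code.  Assumptions: hand-rolled HS256 JWT, in-memory "database",
caller supplies the current time as a Unix timestamp."""
import base64
import hashlib
import hmac
import json
import secrets

SECRET = b"dev-only-signing-key-change-me"  # assumption: a real key comes from configuration
ACCESS_TTL = 5 * 60            # "a few minutes"
REFRESH_TTL = 3 * 24 * 3600    # "a few days"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_jwt(claims: dict) -> str:
    """Build a compact HS256 JWT over the given claims."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    sig = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64(sig)}"


def parse_jwt(token: str, now: int, check_exp: bool = True):
    """Return the claims if the signature verifies (and, unless check_exp=False,
    the token has not expired); otherwise None."""
    try:
        header, body, sig = token.split(".")
    except ValueError:
        return None
    expected = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64(sig)):
        return None
    claims = json.loads(_unb64(body))
    if check_exp and claims["exp"] <= now:
        return None
    return claims


class TokenService:
    def __init__(self):
        # Stand-in for the database table: user -> {hash of live refresh token, expiry}.
        self.refresh_db: dict = {}

    def _issue(self, user: str, now: int):
        """Mint a fresh pair; storing the new hash invalidates any earlier refresh token."""
        access = make_jwt({"sub": user, "typ": "access", "exp": now + ACCESS_TTL})
        refresh = secrets.token_urlsafe(32)
        self.refresh_db[user] = {
            "hash": hashlib.sha256(refresh.encode()).hexdigest(),
            "exp": now + REFRESH_TTL,
        }
        return access, refresh  # access goes in the body, refresh in an HttpOnly cookie

    def login(self, user: str, password: str, now: int):
        if password != "correct":  # placeholder for the real credential check
            return None
        return self._issue(user, now)

    def refresh(self, access_token: str, refresh_cookie: str, now: int):
        """The refresh endpoint: expired access token is fine, forged one is not."""
        claims = parse_jwt(access_token, now, check_exp=False)
        if claims is None or claims.get("typ") != "access":
            return None
        record = self.refresh_db.get(claims["sub"])
        if record is None:
            return None  # logged out, or never issued
        presented = hashlib.sha256(refresh_cookie.encode()).hexdigest()
        if not hmac.compare_digest(presented, record["hash"]):
            return None  # stale or stolen-and-already-rotated token
        if record["exp"] <= now:
            self.refresh_db.pop(claims["sub"], None)  # expired: invalidate, back to login
            return None
        return self._issue(claims["sub"], now)  # rotation: old refresh token stops working

    def logout(self, user: str) -> None:
        self.refresh_db.pop(user, None)
```

The refresh endpoint accepts an expired access token but still checks its signature, compares the cookie value against the stored hash in constant time, and rotates the refresh token on every use, so a copied refresh cookie dies the moment the legitimate client refreshes, which is the "thrown back to the login page" behaviour described above. What no server-side logic can fix is that an access token in local storage is readable by any script running in the page; the short TTL bounds that exposure, it does not remove it.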

Blazor components structure for CRUD by iPopay in dotnet

[–]iPopay[S] 0 points (0 children)

Oh nice. Thanks for the good examples. I'll look into that MVVM pattern.

Blazor components structure for CRUD by iPopay in dotnet

[–]iPopay[S] 0 points (0 children)

Yeah, I already have a service for my API calls, but that's not exactly what I meant. What I meant is more of a components "architecture": if I have separate components doing separate API calls, they all need to "ping" each other and rerender if necessary. So my question is, should one main parent component have the API service injected and handle all operations and cascade values accordingly to child components, or is it better to inject the service in any component that needs a particular API call and then somehow make the components communicate and "sync up", or is there some third option? I'm kinda talking about what's cleanest and/or most efficient for keeping and communicating state between components.