Overview
A foundational set of web services that implement industry standard guidelines, common best practices, and the experienced insights afforded to Lighthouse Software thru decades of enterprise business software development.
Created and supported by Lighthouse Software @ https://LighthouseSoftware.com
Topics
5 Minute Test
Run the Voyage API and execute a JSON API request within 5 minutes
- Prerequisites
- Open Visual Studio with administrator privileges.
- Right-click on the Visual Studio icon and select "Run as administrator".
- Download source via Visual Studio GitHub extension
- Open Visual Studio's "Team Explorer" tab and click the "Manage Connections" button.
- Under the GitHub section, click "Clone" and enter your GitHub credentials.
- Choose "voyage-dotnet-api" from the list of repositories.
- Click "Clone". When done cloning, open the "Voyage.API" solution.
- Create the database
- Double-click the localhost.publish.xml file.
- Once the dialog appears, click the Publish button.
- Run the applications
- In Visual Studio, with the Voyage.Web project selected, press Ctrl + F5 to launch the Authentication website with IIS Express.
- Now, with the Voyage.Api selected, press Ctrl + F5 to launch the Web API website with IIS Express.
- Get an access token
- Using Postman, create a new "POST" request.
- Set the url to http://localhost:52431/oauth/token
- In the "Body", use x-www-form-urlencoded and fill in the following key/value pairs:
- "grant_type" : "Client Credentials"
- "username" : "admin@admin.com"
- "password" : "Hello123!"
- "client_id" : "123456"
- "client_secret"" : "abcdef"
- Click "Send". You should receive an access token back.
- Test the API
- Using Postman, create a new "GET" request.
- Set the url to http://localhost:55850/api/v1/users
- Add a header where the key is "Authorization" and the value is "Bearer
<token>". Replace <token> with the full token string from the previous request.
- Click "Send".
Features
Web Services
- HTTP Compliant RESTful API
- Follows HTTP protocols for RESTful web services
- Lightweight JSON requests and responses
- See our Web Service Standards
- Public API Status Service
- Web service that provides general status of the API to the public
- Helpful endpiont for automated monitoring
- User Administration Services
- Full suite of user administration web services (list, get, create, update, delete)
- Secured access through role based security
- Account Management Services
- Users can update their account information themselves
- Manage account settings
- Password reset
- API Documentation
- Complete documentation for web services consumers
- Includes detailed descriptions and example to quickly interact with the API
Security
- __OWASP Hacker Proof__
- Tested nightly against OWASP common hacks (particularly the top 10)
- Tested nightly using 3rd party penetration testing services to ensure enterprise grade security.
- OAuth2 Authentication
- Bearer Token authentication configuraiton
- SHA2 hash encrypted user password (when authenticating using the database)
- Supports other authentication methods
- Active Directory / LDAP Authentication
- Extends OAuth2 to support authentication with an AD/LDAP system
- Supports Enterprise SSO environments using AD/LDAP
- Role Based Authorization
- Custom role definitions to suit any situation
- Supports granular security permissions
- Full suite of role administration web services (list, get, create, update, delete)
- Forgot Username / Password Support
- Web services that allow users to reset their username and/or password
- Validates a user via their email address
- Auditing
- Complete enterprise access and data auditing to meet compliance requirements
- HTTP Request / Response logging to track user activity (anonymous and authenticated users)
- Database change logging to track manipulation of data over time (anonymous and authenticated users)
Tech Stack
- JSON RESTful Web Services
- Microsoft .NET
- WEB API for base web services behavior
- Identity Framework for Authentication and Authorization
- Entity Framework for database ORM
- Many other frameworks for auditing (OWIN), logging (SeriLog), and much more.
- Database Neutral
- Capable of integrating with any major database vendor (SQL Server, Oracle, DB2, MySQL, etc)
- Database interactions follow SQL99 standards with no vendor specific database features relied upon
- Liquibase database migrations produce on-demand SQL specific to the integrated database
- Integrated Test Suite
- Automated test coverage using XUnit and Moq frameworks
- Tests executed during every build to ensure high quality code coverage
- Continuous Integration (CI)
- Jenkins CI jobs able to invoke MSBuild and apiDoc commands to build, test, and package
- Jenkins jobs included with with API source
- Supports other CI environments like Team Foundation Server (TFS)
Developers
- Team Protocols
- Fast learning curve through clear documentation
- Easy values, standards, best practices that most developers will aggreement
- Core Values
- Documented core values that we believe will resonate with most development teams
- Unifies teams and promotes healthy communication
- See our Core Values documentation
- Coding Standards
- Industry accepted language coding standards
- Best practices when developing within the code base
- See our Development Team Standards
System Administrators
- Deploy Instructions
- Full instructions on how to properly build, test, and package the API app for deploy
- Continuous Integration job templates for QA, UAT, and PROD
- Docker Support
- Preconfigured Dockerfile for deployment within Amazon Web Services environment
- Generate a Docker bundle for distribution using built-in tasks
- Customize to fit any environment
- Amazon Web Services (AWS) - Elastic Beanstalk
- Supports AWS Elastic Beanstalk using a Docker image
- Run a build task to generate an AWS EB compatible .zip file
- API Monitoring
- Configure automated web uptime monitoring to use the Status Web Service
- DevOps Ready
- Ansible scripts for deploying the API Docker image to the Amazon Web Service (AWS) environment
- Customize scripts to support any environment