websocket POC demo - not production ready.

devinleighsmith · devinleighsmith · commit 34799a453b77 · 2026-03-10T14:43:13.000-07:00
diff --git a/api/Controllers/NotificationsController.cs b/api/Controllers/NotificationsController.cs
@@ -0,0 +1,41 @@
+using System;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Scv.Api.Models;
+using Scv.Api.Services;
+
+namespace Scv.Api.Controllers;
+
+[ApiController]
+[Route("api/notifications")]
+[Authorize]
+public class NotificationsController(INotificationPublisher publisher) : ControllerBase
+{
+    private readonly INotificationPublisher _publisher = publisher;
+
+    [HttpPost("demo")]
+    public async Task<IActionResult> SendDemo()
+    {
+        var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
+        if (string.IsNullOrWhiteSpace(userId))
+        {
+            return Unauthorized();
+        }
+
+        var serverId = Environment.MachineName;
+        Response.Headers["X-Server-Id"] = serverId;
+
+        var notification = new NotificationDto(
+            Type: "demo",
+            Message: $"Hello from the server! server id: ({serverId})",
+            Timestamp: DateTimeOffset.UtcNow,
+            Payload: new { source = "demo-endpoint" }
+        );
+
+        await _publisher.NotifyUserAsync(userId, notification);
+
+        return Ok();
+    }
+}
diff --git a/api/Hubs/NotificationsHub.cs b/api/Hubs/NotificationsHub.cs
@@ -0,0 +1,79 @@
+using System.Security.Claims;
+using System;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.SignalR;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Logging;
+
+namespace Scv.Api.Hubs;
+
+[Authorize]
+public class NotificationsHub : Hub
+{
+    public override Task OnConnectedAsync()
+    {
+        var httpContext = Context.GetHttpContext();
+        var config = httpContext?.RequestServices.GetService<IConfiguration>();
+        var logger = httpContext?.RequestServices.GetService<ILogger<NotificationsHub>>();
+        var allowedOrigin = config?.GetValue<string>("CORS_DOMAIN");
+        var disableOriginCheck = config?.GetValue<bool>("DISABLE_SIGNALR_ORIGIN_CHECK") ?? false;
+        var origin = httpContext?.Request.Headers["Origin"].ToString();
+
+        logger?.LogInformation(
+            "SignalR connect attempt. Origin={Origin}, CORS_DOMAIN={CorsDomain}",
+            origin,
+            allowedOrigin);
+
+        if (disableOriginCheck)
+        {
+            logger?.LogWarning("SignalR origin check disabled via DISABLE_SIGNALR_ORIGIN_CHECK.");
+        }
+        else if (!string.IsNullOrWhiteSpace(allowedOrigin))
+        {
+            var allowedOrigins = allowedOrigin
+                .Split(';', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries)
+                .Select(value => value.Trim().Trim('"', '\''))
+                .Where(value => !string.IsNullOrWhiteSpace(value))
+                .ToArray();
+
+            logger?.LogInformation(
+                "SignalR allowed origins resolved to {AllowedOrigins}",
+                string.Join(";", allowedOrigins));
+
+            if (allowedOrigins.Length > 0 &&
+                (string.IsNullOrWhiteSpace(origin) ||
+                 !allowedOrigins.Any(value => string.Equals(origin, value, StringComparison.OrdinalIgnoreCase))))
+            {
+                logger?.LogWarning(
+                    "SignalR connection aborted due to origin mismatch. Origin={Origin}",
+                    origin);
+                Context.Abort();
+                return Task.CompletedTask;
+            }
+        }
+
+        var userId = Context.User?.FindFirstValue(ClaimTypes.NameIdentifier);
+        if (string.IsNullOrWhiteSpace(userId))
+        {
+            if (logger != null)
+            {
+                var claims = Context.User?.Claims
+                    .Select(claim => $"{claim.Type}={claim.Value}")
+                    .ToArray() ?? Array.Empty<string>();
+                logger.LogDebug(
+                    "SignalR user claims: {Claims}",
+                    string.Join(";", claims));
+            }
+            logger?.LogWarning("SignalR connection aborted due to missing user id claim.");
+            Context.Abort();
+            return Task.CompletedTask;
+        }
+
+        logger?.LogInformation("SignalR connection accepted for user {UserId}.", userId);
+
+        return base.OnConnectedAsync();
+    }
+}
diff --git a/api/Models/NotificationDto.cs b/api/Models/NotificationDto.cs
@@ -0,0 +1,10 @@
+using System;
+
+namespace Scv.Api.Models;
+
+public record NotificationDto(
+    string Type,
+    string Message,
+    DateTimeOffset Timestamp,
+    object? Payload = null
+);
diff --git a/api/Properties/launchSettings.json b/api/Properties/launchSettings.json
@@ -23,7 +23,6 @@
       "launchBrowser": true,
       "launchUrl": "api/values",
       "environmentVariables": {
-        "CORS_DOMAIN": "http://localhost:8080",
         "ASPNETCORE_ENVIRONMENT": "Development"
       },
       "applicationUrl": "http://localhost:5000"
@@ -37,4 +36,4 @@
       }
     }
   }
-}
+}
diff --git a/api/Services/NotificationPublisher.cs b/api/Services/NotificationPublisher.cs
@@ -0,0 +1,29 @@
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.SignalR;
+using Scv.Api.Hubs;
+using Scv.Api.Models;
+
+namespace Scv.Api.Services;
+
+public interface INotificationPublisher
+{
+    Task NotifyUserAsync(string userId, NotificationDto notification);
+    Task NotifyAllAsync(NotificationDto notification);
+}
+
+public class NotificationPublisher(IHubContext<NotificationsHub> hubContext) : INotificationPublisher
+{
+    private readonly IHubContext<NotificationsHub> _hubContext = hubContext;
+
+    public Task NotifyUserAsync(string userId, NotificationDto notification)
+    {
+        return _hubContext.Clients.User(userId)
+            .SendAsync("notificationReceived", notification);
+    }
+
+    public Task NotifyAllAsync(NotificationDto notification)
+    {
+        return _hubContext.Clients.All
+            .SendAsync("notificationReceived", notification);
+    }
+}
diff --git a/api/SignalR/UserIdProvider.cs b/api/SignalR/UserIdProvider.cs
@@ -0,0 +1,12 @@
+using System.Security.Claims;
+using Microsoft.AspNetCore.SignalR;
+
+namespace Scv.Api.SignalR;
+
+public class UserIdProvider : IUserIdProvider
+{
+    public string? GetUserId(HubConnectionContext connection)
+    {
+        return connection.User?.FindFirstValue(ClaimTypes.NameIdentifier);
+    }
+}
diff --git a/api/Startup.cs b/api/Startup.cs
@@ -11,6 +11,7 @@
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Routing;
+using Microsoft.AspNetCore.SignalR;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
@@ -30,8 +31,12 @@
 using Scv.Api.Infrastructure.Middleware;
 using Scv.Api.Repositories;
 using Scv.Api.Infrastructure.Options;
+using Scv.Api.Hubs;
+using Scv.Api.Services;
+using Scv.Api.SignalR;
 using Scv.Api.Services.EF;
 using Scv.Db.Models;
+using System.Linq;
 
 namespace Scv.Api
 {
@@ -103,15 +108,29 @@ public void ConfigureServices(IServiceCollection services)
             services.AddHangfire(Configuration);
             services.AddGraphService(Configuration);
 
+            services.AddSignalR(options =>
+            {
+                options.MaximumReceiveMessageSize = 64 * 1024;
+            });
+            services.AddSingleton<IUserIdProvider, UserIdProvider>();
+            services.AddScoped<INotificationPublisher, NotificationPublisher>();
+
             #region Cors
 
-            string corsDomain = Configuration.GetValue<string>("CORS_DOMAIN");
+            var corsDomain = Configuration.GetValue<string>("CORS_DOMAIN");
+            var origins = corsDomain?
+                .Split(';', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries)
+                .Select(o => o.Trim().Trim('"', '\''))
+                .ToArray() ?? Array.Empty<string>();
 
             services.AddCors(options =>
             {
                 options.AddDefaultPolicy(builder =>
                 {
-                    builder.WithOrigins(corsDomain);
+                    builder.WithOrigins(origins)
+                        .AllowAnyHeader()
+                        .AllowAnyMethod()
+                        .AllowCredentials();
                 });
             });
 
@@ -259,6 +278,7 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
             app.UseEndpoints(endpoints =>
             {
                 endpoints.MapControllers();
+                endpoints.MapHub<NotificationsHub>("/hubs/notifications");
             });
         }
     }
diff --git a/docker/api/Dockerfile.dev b/docker/api/Dockerfile.dev
@@ -2,7 +2,6 @@ FROM mcr.microsoft.com/dotnet/sdk:10.0
 
 ENV ASPNETCORE_ENVIRONMENT='Production'
 ENV ASPNETCORE_URLS='http://+:5000'
-ENV CORS_DOMAIN='http://localhost:8080'
 ENV DOTNET_STARTUP_PROJECT='./api/api.csproj'
 ENV DOTNET_USE_POLLING_FILE_WATCHER 1
 
diff --git a/docker/docker-compose.yaml b/docker/docker-compose.yaml
@@ -24,6 +24,9 @@ services:
       - NPM_CONFIG_LOGLEVEL=notice
       - VITE_PORT=1339
       - CHOKIDAR_USEPOLLING=true
+      - VITE_WS_PROXY_INSECURE=${VITE_WS_PROXY_INSECURE}
+      - VITE_WS_PROXY_ORIGIN=${VITE_WS_PROXY_ORIGIN}
+      - DEBUG=http-proxy*
     ports:
       - '8080:1339'
     volumes:
@@ -124,6 +127,7 @@ services:
       - UserServicesClient__Password=${UserServicesClientPassword}
       - UserServicesClient__Url=${UserServicesClientUrl}
       - UserServicesClient__Username=${UserServicesClientUsername}
+      - CORS_DOMAIN=${CORS_DOMAIN}
 
     ports:
       - 5000:5000
diff --git a/web/package.json b/web/package.json
@@ -27,6 +27,7 @@
     "@fullcalendar/daygrid": "^6.1.20",
     "@fullcalendar/vue3": "^6.1.20",
     "@nutrient-sdk/viewer": "^1.11.0",
+    "@microsoft/signalr": "^8.0.7",
     "@types/luxon": "^3.7.1",
     "@types/underscore": "^1.13.0",
     "@vitejs/plugin-basic-ssl": "^2.1.4",
diff --git a/web/src/App.vue b/web/src/App.vue
@@ -3,6 +3,15 @@
     <v-app>
       <ProfileOffCanvas v-model="profile" />
       <AppBar @open-profile="profile = true" />
+            <v-btn
+              class="mr-2"
+              size="small"
+              variant="outlined"
+              :loading="isSendingNotification"
+              @click="sendDemoNotification"
+            >
+              Test Notification
+            </v-btn>
       <v-main>
         <router-view />
       </v-main>
@@ -14,6 +23,12 @@
 
 <script setup lang="ts">
   import { ref } from 'vue';
+  import type { HttpService } from '@/services/HttpService';
+  import { useCommonStore, useSnackbarStore } from '@/stores';
+  import {
+    type NotificationDto,
+    type NotificationsService,
+  } from '@/signalr/notifications';
   import DarsAccessModal from './components/dashboard/DarsAccessModal.vue';
   import AppBar from './components/shared/AppBar.vue';
   import ProfileOffCanvas from './components/shared/ProfileOffCanvas.vue';
@@ -22,9 +37,28 @@
   import { useThemeStore } from './stores/ThemeStore';
 
   const themeStore = useThemeStore();
+  const snackbarStore = useSnackbarStore();
   const darsStore = useDarsStore();
   const theme = ref(themeStore.state);
   const profile = ref(false);
+  const notificationsService = inject<NotificationsService>(
+    'notificationsService'
+  );
+  const httpService = inject<HttpService>('httpService');
+  const isSendingNotification = ref(false);
+
+  const sendDemoNotification = async () => {
+    if (isSendingNotification.value) {
+      return;
+    }
+
+    isSendingNotification.value = true;
+    try {
+      await httpService.post('api/notifications/demo', {});
+    } finally {
+      isSendingNotification.value = false;
+    }
+  };
 </script>
 
 <style>
diff --git a/web/src/services/index.ts b/web/src/services/index.ts
@@ -15,6 +15,7 @@ import { OrderService } from './OrderService';
 import { QuickLinkService } from './QuickLinkService';
 import { TimebankService } from './TimebankService';
 import { UserService } from './UserService';
+import { notificationsService } from '@/signalr/notifications';
 
 export function registerRouter(app: App) {
   const httpService = new HttpService(import.meta.env.BASE_URL);
@@ -50,6 +51,7 @@ export function registerRouter(app: App) {
   app.provide('quickLinkService', quickLinkService);
   app.provide('orderService', orderService);
   app.provide('judgeService', judgeService);
+  app.provide('notificationsService', notificationsService);
 }
 
 export * from './AuthService';
diff --git a/web/src/signalr/notifications.ts b/web/src/signalr/notifications.ts
diff --git a/web/vite.config.js b/web/vite.config.js

Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,6 @@`
`23`	`23`	`"launchBrowser": true,`
`24`	`24`	`"launchUrl": "api/values",`
`25`	`25`	`"environmentVariables": {`
`26`		`- "CORS_DOMAIN": "http://localhost:8080",`
`27`	`26`	`"ASPNETCORE_ENVIRONMENT": "Development"`
`28`	`27`	`},`
`29`	`28`	`"applicationUrl": "http://localhost:5000"`
`@@ -37,4 +36,4 @@`
`37`	`36`	`}`
`38`	`37`	`}`
`39`	`38`	`}`
`40`		`-}`
	`39`	`+}`