administration/Program.cs

using administration.Models;
using administration.Models.Finances;
using administration.Models.HelloFresh;
using administration.Services;
using IngredientsAI.Services;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using System.Text.Json;
using User = administration.Models.User;

namespace administration
{
    public class Program
    {
        public static void Main(string[] args)
        {
            DotNetEnv.Env.Load();
            var builder = WebApplication.CreateBuilder(args);

            // ==============================================
            // 1️⃣ Base de données
            // ==============================================
            var dbConnection = Environment.GetEnvironmentVariable("ADMIN_DB_CONNECTION");
            if (string.IsNullOrEmpty(dbConnection))
                throw new Exception("❌ ADMIN_DB_CONNECTION est introuvable.");

            builder.Services.AddDbContext<FinancesContext>(options =>
                options.UseSqlServer(dbConnection, sqlOptions => sqlOptions.EnableRetryOnFailure()));

            builder.Services.AddDbContext<HelloFreshContext>(options =>
                options.UseSqlServer(builder.Configuration.GetConnectionString("HelloFreshConnection")));

            builder.Services.AddDbContext<LayoutDataContext>(options =>
                options.UseSqlServer(builder.Configuration.GetConnectionString("DefaultConnection")));

            AppSettings.Initialize(builder.Configuration);
            builder.Services.AddSingleton<OllamaService>();

            // ==============================================
            // 2️⃣ Session
            // ==============================================
            builder.Services.AddSession(options =>
            {
                options.IdleTimeout = TimeSpan.FromHours(8);
                options.Cookie.HttpOnly = true;
                options.Cookie.IsEssential = true;
            });

            // ==============================================
            // 3️⃣ Authentification par cookie
            // ==============================================
            builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
                .AddCookie(options =>
                {
                    options.LoginPath = "/Connections/Login";
                    options.AccessDeniedPath = "/Connections/Login";
                    options.SlidingExpiration = true;
                    options.ExpireTimeSpan = TimeSpan.FromDays(14);
                });

            builder.Services.AddAuthorization();
            builder.Services.AddControllers().AddJsonOptions(o =>
            {
                o.JsonSerializerOptions.PropertyNamingPolicy = JsonNamingPolicy.CamelCase;
            });

            // ==============================================
            // 4️⃣ MVC + services
            // ==============================================
            builder.Services.AddControllersWithViews();
            builder.Services.AddHttpContextAccessor();
            builder.Services.AddScoped<IPasswordHasher<User>, PasswordHasher<User>>();

            // ==============================================
            // 5️⃣ CORS
            // ==============================================
            builder.Services.AddCors(options =>
            {
                options.AddPolicy("AllowFrontend", policy =>
                {
                    policy.WithOrigins("http://localhost:5018", "https://administration.byakurepo.online")
                          .AllowAnyHeader()
                          .AllowAnyMethod();
                });
            });


            builder.Services.AddHttpClient(); // déjà présent chez toi

            builder.Services.AddHttpClient("ollama", (sp, client) =>
            {
                var cfg = sp.GetRequiredService<IConfiguration>();
                var baseUrl = cfg["Ollama:Url"] ?? "http://ollama:11434";
                client.BaseAddress = new Uri(baseUrl);
                client.Timeout = TimeSpan.FromSeconds(25);
            })
#if DEBUG
                .ConfigurePrimaryHttpMessageHandler(() => new HttpClientHandler
                {
                    ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator
                });
            #endif

            // ...
            // ...
            builder.Logging.AddFilter("administration.Services.BasicAuthenticationHandler", LogLevel.Warning);

            var app = builder.Build();
            // ==============================================
            // 6️⃣ Pipeline

            if (!app.Environment.IsDevelopment())
            {
                app.UseExceptionHandler("/Home/Error");
                app.UseHsts();
            }

            app.UseHttpsRedirection();
            app.UseStaticFiles();

            app.UseRouting();
            app.UseCors("AllowFrontend");

            app.UseSession();          // ✅ toujours avant auth
            app.UseAuthentication();   // ✅ s'applique à tout le site
            app.UseAuthorization();

            app.MapControllerRoute(
                name: "default",
                pattern: "{controller=Home}/{action=Index}/{id?}");

            app.Run();
        }
    }
}