Application Configuration

Configuration Overview

The DonaSF API uses multiple configuration sources to manage application settings:

appsettings.json: Main configuration file for JWT and email settings
Conf.txt: Database connection string in custom format
Environment variables: Override settings for different environments

Database Configuration

Connection String Format

The application uses a custom connection string format stored in Conf.txt:

SERVER_NAME\INSTANCE:DATABASE_NAME:USERNAME:PASSWORD

Configuration Details

Connection File Location

The Conf.txt file must be located in the same directory as the application executable:Development:

ServiciosConsolaCentralizada/Conf.txt

Production:

/path/to/published/app/Conf.txt

The Conf.txt file is automatically copied to the output directory during build

Connection String Examples

SQL Server with Named Instance:

MYSERVER\SQLEXPRESS:WSDonaciones:sa:SecurePassword123

SQL Server Default Instance:

MYSERVER:WSDonaciones:sqluser:P@ssw0rd!

Localhost Development:

localhost\SQLEXPRESS01:WSDonaciones:sa:Usuario1

Azure SQL Database:

myserver.database.windows.net:WSDonaciones:[email protected]:ComplexPassword123!

Connection Security

The application automatically appends TrustServerCertificate=true to all connections:

// Actual connection string used
Server=MYSERVER\INSTANCE;Database=WSDonaciones;UID=user;PWD=pass;TrustServerCertificate=true

This setting is required for SQL Server 2019+ to accept self-signed certificates

Multiple Databases

The application connects to two main databases:

WSPaqueteria: Package management and client data
WSDonaciones: Donations and verification codes

Ensure the database name in Conf.txt matches your primary database. The application will access both databases using the same credentials.

JWT Authentication

JSON Web Token (JWT) configuration for API authentication and authorization.

Configuration in appsettings.json

appsettings.json

{
  "Jwt": {
    "Key": "Q1w2e3r4t5y6u7i8o9p0a1s2d3f4g5h6j7k8l90@",
    "Expires": 3600
  }
}

Configuration Options

Jwt.Key

string

required

Secret key used to sign and validate JWT tokensRequirements:

Minimum 32 characters (256 bits)
Use strong, random characters
Include letters, numbers, and special characters
Never commit production keys to version control

Example:

Q1w2e3r4t5y6u7i8o9p0a1s2d3f4g5h6j7k8l90@

Jwt.Expires

integer

default:3600

Token expiration time in secondsCommon values:

3600 - 1 hour (recommended for production)
7200 - 2 hours
86400 - 24 hours (development only)

Default: 3600 seconds (1 hour)

JWT Token Validation

The API validates tokens with the following parameters:

Program.cs:22-29

options.TokenValidationParameters = new TokenValidationParameters
{
    ValidateIssuer = false,
    ValidateAudience = false,
    ValidateLifetime = true,
    ValidateIssuerSigningKey = true,
    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"]))
};

Issuer and Audience validation are disabled. Only lifetime and signing key are validated.

Generating Secure Keys

Generate a secure JWT key using PowerShell or Bash:

[Convert]::ToBase64String((1..64 | ForEach-Object { Get-Random -Maximum 256 }))

Email Configuration

Configure email addresses for system notifications and communications.

Configuration in appsettings.json

appsettings.json

{
  "CorreosElectronicos": {
    "Correo1": "[email protected]",
    "Correo2": "[email protected]",
    "Correo3": "[email protected]"
  }
}

Email Settings

CorreosElectronicos.Correo1

string

Primary email address for system notifications

CorreosElectronicos.Correo2

string

Secondary email address for notifications

CorreosElectronicos.Correo3

string

Tertiary email address for notifications

These email addresses are injected via dependency injection using IOptions<CorreosElectronicos>

Twilio Configuration (Optional)

The application includes Twilio SDK for SMS notifications (currently commented out in code).

Adding Twilio Support

If you want to enable SMS functionality:

Add Twilio configuration to appsettings.json:

appsettings.json

{
  "Twilio": {
    "AccountSid": "your_account_sid",
    "AuthToken": "your_auth_token",
    "PhoneNumber": "+1234567890"
  }
}

Uncomment and update the Twilio code in BCliente.cs:139-145:

Twilio.TwilioClient.Init(accountSid, authToken);
var msg = Twilio.Rest.Api.V2010.Account.MessageResource.Create(
    body: message,
    from: new Twilio.Types.PhoneNumber(phoneNumber),
    to: new Twilio.Types.PhoneNumber(recipientPhone)
);

Logging Configuration

Configure application logging levels:

appsettings.json

{
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning"
    }
  }
}

Log Levels

Trace

Most detailed logs. May include sensitive data. Never enable in production.

Debug

Detailed logs for development debugging.

Information

General application flow information. Recommended for production.

Warning

Unexpected events that don’t stop execution.

Error

Errors and exceptions that need attention.

Critical

Critical failures requiring immediate attention.

Environment-Specific Configuration

Development Settings

Create appsettings.Development.json for development-only settings:

appsettings.Development.json

{
  "Logging": {
    "LogLevel": {
      "Default": "Debug",
      "Microsoft.AspNetCore": "Information"
    }
  },
  "Jwt": {
    "Expires": 86400
  }
}

Production Settings

Create appsettings.Production.json for production settings:

appsettings.Production.json

{
  "Logging": {
    "LogLevel": {
      "Default": "Warning",
      "Microsoft.AspNetCore": "Warning"
    }
  },
  "AllowedHosts": "yourdomain.com;api.yourdomain.com"
}

Allowed Hosts

Configure which hosts can access the API:

{
  "AllowedHosts": "*"
}

In production, replace * with specific domains: "yourdomain.com;api.yourdomain.com"

Static Files Configuration

The application serves static files from multiple locations:

Program.cs:83-106

// Default wwwroot folder
app.UseStaticFiles();

// Serve index.html from ServiciosConsolaCentralizada folder
app.UseDefaultFiles(new DefaultFilesOptions
{
    FileProvider = new PhysicalFileProvider(
        Path.Combine(Directory.GetCurrentDirectory(), "ServiciosConsolaCentralizada")),
    RequestPath = ""
});

Image Storage Configuration

Product images path is configured in the database:

SELECT * FROM Cat_Parametro WHERE Descripcion = 'RUTA_IMAGENES_PRODUCTOS'

The application dynamically retrieves this path from the Cat_Parametro table.

Configuration Best Practices

Security

Never commit sensitive data to version control
Use environment variables for secrets in production
Rotate JWT keys regularly
Use strong, unique passwords

Environment Variables

Override settings using environment variables:

export Jwt__Key="your-production-key"
export Jwt__Expires="3600"

Configuration Hierarchy

Settings are loaded in order (later overrides earlier):

appsettings.json
appsettings..json
Environment variables
Command-line arguments

Validation

Validate configuration on startup:

Check JWT key length
Verify database connectivity
Test email configuration
Validate required settings exist

Next Steps

Setup Guide

Return to the development setup guide

Deployment

Learn how to deploy your configured application

Get Started

Core Concepts

Guides

Application Configuration

Configuration Overview

Database Configuration

Connection String Format

Configuration Details

JWT Authentication

Configuration in appsettings.json

Configuration Options

JWT Token Validation

Generating Secure Keys

Email Configuration

Configuration in appsettings.json

Email Settings

Twilio Configuration (Optional)

Adding Twilio Support

Logging Configuration

Log Levels

Environment-Specific Configuration

Development Settings

Production Settings

Allowed Hosts

Static Files Configuration

Image Storage Configuration

Configuration Best Practices

Security

Environment Variables

Configuration Hierarchy

Validation

Next Steps

Setup Guide

Deployment

Build docs developers (and LLMs) love

Get Started

Core Concepts

Guides

​Configuration Overview

​Database Configuration

​Connection String Format

​Configuration Details

​JWT Authentication

​Configuration in appsettings.json

​Configuration Options

​JWT Token Validation

​Generating Secure Keys

​Email Configuration

​Configuration in appsettings.json

​Email Settings

​Twilio Configuration (Optional)

​Adding Twilio Support

​Logging Configuration

​Log Levels

​Environment-Specific Configuration

​Development Settings

​Production Settings

​Allowed Hosts

​Static Files Configuration

​Image Storage Configuration

​Configuration Best Practices

Security

Environment Variables

Configuration Hierarchy

Validation

​Next Steps

Setup Guide

Deployment

Build docs developers (and LLMs) love

Configuration Overview

Database Configuration

Connection String Format

Configuration Details

JWT Authentication

Configuration in appsettings.json

Configuration Options

JWT Token Validation

Generating Secure Keys

Email Configuration

Configuration in appsettings.json

Email Settings

Twilio Configuration (Optional)

Adding Twilio Support

Logging Configuration

Log Levels

Environment-Specific Configuration

Development Settings

Production Settings

Allowed Hosts

Static Files Configuration

Image Storage Configuration

Configuration Best Practices

Next Steps