Introduction
API Support: nguyenxuannhan407@gmail.com | URL: https://github.com/foxminchan/SaoVietPortal | License: MIT
Sao Viet Portal is an open-source platform designed to manage and organize student information for Sao Viet. With this portal, students, teachers, and staff can easily access and update student records, such as attendance, grades, and personal information.
OpenAPI Specification
Sao Viet Portal uses the OpenAPI Specification (OAS) for describing its API. The OAS is a specification for machine-readable interface files for describing, producing, consuming, and visualizing REST web services. The specification is written in YAML and JSON and can be read on GitHub.
We also use ReDoc to generate API documentation from the OpenAPI Specification. ReDoc is an OpenAPI/Swagger-generated API Reference Documentation. It is available as a hosted version or as a self-hosted version.
Cross-Origin Resource Sharing (CORS)
Sao Viet Portal supports Cross-Origin Resource Sharing (CORS) in compliance with the W3C specification. CORS is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served.
Authentication
With a backend for frontend (BFF) architecture, Sao Viet Portal uses the JSON Web Token (JWT) standard for authentication. The JWT standard defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed.
For the website BFF, we use a cookie to store the token and OpenID Connect (OIDC) for authentication. OIDC is an authentication layer on top of OAuth 2.0, an authorization framework. The standard is controlled by the OpenID Foundation.
Authorization
For authorization, Sao Viet Portal uses policy-based authorization. Policy-based authorization is a flexible and extensible approach to authorization that is based on claims that are contained in tokens. The policy-based authorization model in ASP.NET Core is based on evaluating authorization requirements against the claims found in the current user's ClaimsPrincipal object.
Here is the list of roles and claims for policy-based authorization:
| Name | Role | Claim | Description |
|---|---|---|---|
| Developer | [Technical, Developer] | | User can access all APIs in development environment |
| Admin | Staff | Branch Manager, Teacher, Accountant, System Admin | Advanced user can access all APIs in production environment |
| Teacher | Staff | Teacher | Teacher can access limited APIs for teaching |
| Branch Manager | Staff | Branch Manager, Teacher, Accountant | Advanced user can access limited APIs for managing branch |
| Accountant | Staff | Teacher, Accountant | Advanced user can access limited APIs for managing finance |
| Student | Student | | Student can access limited APIs for viewing student information |
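
The following is an added example, not code from the Sao Viet Portal repository, showing how three rows of the table could be registered as ASP.NET Core policies and evaluated against a `ClaimsPrincipal`. It assumes the Claim column lists the allowed values of a single claim type (the name `position` is hypothetical, as the page names none), and it runs as a console program in a project that references the ASP.NET Core shared framework.

```csharp
using System;
using System.Linq;
using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.DependencyInjection;

// Assumption: "position" is a hypothetical claim type; the page names none.
const string Position = "position";

var services = new ServiceCollection();
services.AddLogging(); // the default authorization service requires a logger
services.AddAuthorizationCore(options =>
{
    // Requirements in one policy are ANDed; values in one RequireClaim are ORed.
    options.AddPolicy("Teacher", p => p
        .RequireRole("Staff").RequireClaim(Position, "Teacher"));
    options.AddPolicy("Accountant", p => p
        .RequireRole("Staff").RequireClaim(Position, "Teacher", "Accountant"));
    // The Student row lists a role but no claim.
    options.AddPolicy("Student", p => p.RequireRole("Student"));
});
var authz = services.BuildServiceProvider()
    .GetRequiredService<IAuthorizationService>();

// Constructed principals standing in for identities built from a validated token.
ClaimsPrincipal Principal(string role, params string[] positions)
{
    var claims = positions.Select(v => new Claim(Position, v))
        .Append(new Claim(ClaimTypes.Role, role));
    return new ClaimsPrincipal(new ClaimsIdentity(claims, "constructed"));
}

var users = new (string Label, ClaimsPrincipal User)[]
{
    ("teacher", Principal("Staff", "Teacher")),
    ("accountant", Principal("Staff", "Accountant")),
    ("staff, no position", Principal("Staff")),
    // Right claim value, wrong role: the staff policies must still deny it.
    ("student+claim", Principal("Student", "Teacher")),
};

foreach (var (label, user) in users)
    foreach (var policy in new[] { "Teacher", "Accountant", "Student" })
    {
        var result = await authz.AuthorizeAsync(user, null, policy);
        Console.WriteLine($"{label,-20} {policy,-12} {(result.Succeeded ? "allow" : "deny")}");
    }
```

The last constructed principal is the case to check in review: a policy that required only the claim, without the role requirement, would admit it.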
API Versioning
Sao Viet Portal uses the Semantic Versioning (SemVer) standard for versioning its API. The SemVer standard defines a versioning scheme that uses a three-part version number: MAJOR.MINOR.PATCH. The basic idea behind semantic versioning is to assign specific meanings to each of the three version numbers:
- MAJOR version when you make incompatible API changes,
- MINOR version when you add functionality in a backwards compatible manner, and
- PATCH version when you make backwards compatible bug fixes.

Additional labels for pre-release and build metadata are available as extensions to the MAJOR.MINOR.PATCH format.