feat(01-02): implement health check round-trip with CORS and tutorial comments

- Add shared HealthResponse DTO in ChatAgent.Shared
- Add HealthController API endpoint with CORS policy for localhost:5200
- Add ChatApiClient typed HttpClient wrapper in WASM client
- Update Home.razor to display health check result on load
- Simplify MainLayout to minimal centered layout
- Add global imports for Services and Shared.Models
- Replace app.css with clean Phase 1 light theme styles
- Remove unused OpenAPI package from API project
- All files include tutorial-style inline comments (CODE-01)
This commit is contained in:
local
2026-03-27 22:58:19 +00:00
parent 4ef27598a0
commit 1fde98ca79
11 changed files with 484 additions and 185 deletions

View File

@@ -1,23 +1,59 @@
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
builder.Services.AddControllers();
// Learn more about configuring OpenAPI at https://aka.ms/aspnet/openapi
builder.Services.AddOpenApi();
var app = builder.Build();
// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.MapOpenApi();
}
app.UseHttpsRedirection();
app.UseAuthorization();
app.MapControllers();
app.Run();
// Program.cs -- ASP.NET Core Web API entry point for ChatAgent.
//
// This is the backend server. In Phase 1, it only serves a health check endpoint.
// In later phases, it will proxy OpenAI API calls (keeping the API key server-side)
// and manage JSON file storage for conversation persistence.
//
// ASP.NET Core uses a "builder pattern": first configure services (DI container),
// then build the app, configure middleware pipeline, and run.
var builder = WebApplication.CreateBuilder(args);
// --- Service Registration (Dependency Injection container) ---
// AddControllers() registers MVC controller services so ASP.NET Core discovers
// classes decorated with [ApiController]. We use Controllers (not Minimal API)
// for explicit structure -- each controller is a separate file with clear routing (D-05).
builder.Services.AddControllers();
// AddCors() registers Cross-Origin Resource Sharing services.
// CORS is REQUIRED because the Blazor WASM client runs on a different origin
// (https://localhost:5200) than this API (https://localhost:7100).
// Browsers block cross-origin HTTP requests by default as a security measure.
// Without this policy, the client's fetch() calls to the API would be rejected.
builder.Services.AddCors(options =>
{
options.AddPolicy("AllowBlazorClient", policy =>
{
policy
// Only allow requests from the Blazor WASM client origin
.WithOrigins("https://localhost:5200")
// Allow any HTTP header (Content-Type, Accept, etc.)
.AllowAnyHeader()
// Allow any HTTP method (GET, POST, PUT, DELETE, etc.)
.AllowAnyMethod();
});
});
var app = builder.Build();
// --- Middleware Pipeline ---
// Middleware order matters in ASP.NET Core -- each middleware runs in the order
// it is registered. CORS must be applied before routing and authorization
// so that preflight (OPTIONS) requests are handled correctly.
// Apply the CORS policy globally -- every response includes the correct
// Access-Control-Allow-Origin header for the Blazor client's origin.
app.UseCors("AllowBlazorClient");
// UseAuthorization() enables the authorization middleware. Even though we have
// no auth in Phase 1, it is included because ASP.NET Core expects it in the
// pipeline when controllers are used. It is a no-op without [Authorize] attributes.
app.UseAuthorization();
// MapControllers() scans the assembly for all classes with [ApiController]
// and maps their routes. This is what connects HealthController's
// [Route("api/[controller]")] to the URL path /api/health.
app.MapControllers();
app.Run();