Adding Features

Security and Authentication

Authentication is the foundation of any secure system. Lino supports JWT (JSON Web Tokens) based authentication, using the Bearer scheme in APIs.

Typical authentication flow:

1. The user logs in (via endpoint or dedicated page).
2. A JWT is issued with claims representing identity, roles, and permissions.
3. Each API request includes the token in the header: Authorization: Bearer <token>
4. The authentication middleware validates the token, checking signature and expiration.

Policy-based Authorization

Lino uses Policies to implement granular authorization:

• Each action can require a specific Policy (e.g., People.Read, People.Create).
• Policies are configured via AddAuthorization.
• Endpoints can be protected by declaring: .RequireAuthorization

Adding Security to Lino Projects

To add security to a project, run:

lino features auth add

The CLI interactive wizard will request the following configurations:

• Service – the service in which security resources will be configured.
• Module – specific module where security will be installed (applicable only in modular services).
• Access Token Lifetime – lifespan of the access token.
• Refresh Token Lifetime – lifespan of the refresh token.
• User Identifier Type – defines the data type used as UserId (int, long, or Guid).

These settings ensure that the authentication/authorization pipeline is automatically configured, ready for use in APIs, and integrated with Blazor.

Background Jobs

Many systems need to run asynchronous processes in the background, such as:

• Sending emails
• Generating reports
• Synchronizing with external systems.

Lino provides native support for Hangfire as a job orchestrator.

Benefits of Hangfire

• Reliable execution of asynchronous jobs.
• Built-in monitoring dashboard.
• Support for recurring or scheduled jobs.
• Reliable persistence of jobs in the database.

Event Integration with Outbox Message

To ensure consistency in asynchronous integrations, Lino adopts the Outbox Message pattern.

When performing a business action (e.g., creating an order), the corresponding event (OrderCreated) is saved in the Outbox table, within the same transaction that persists the domain state. A background processor reads the Outbox table and publishes the events to messaging systems (RabbitMQ, Kafka, etc.).

Benefits of Outbox:

• Atomicity → database and published events remain synchronized.
• Reliability → no events are lost, even in case of failure.
• Scalability → multiple consumers can process the events.

This model ensures secure and resilient integrations in distributed architectures.

With these additional features, Lino provides robust security, granular access control, and reliable asynchronous processing, meeting the critical requirements of modern production applications.

Adding Background Job Features to Lino Projects

Asynchronous processing is essential for tasks that should not block the main request flow, such as sending notifications, generating reports, or publishing events.

Lino allows enabling Background Job support (via libraries) with a single command:

lino features background-job add

The CLI will prompt for the following configuration parameters:

• Service – the service in which the Background Job feature will be added.
• Library – the chosen library for executing and scheduling jobs.
• Check and processing interval – the interval at which the queue is checked for new Outbox messages.
• Number of records – the maximum number of records processed per cycle, controlling parallelism and resource usage.

These options allow the system to be configured in a scalable and resilient manner, ensuring reliable execution of background tasks.