How to deploy a Nuget Server with Basic Authentication

I wanted to build my own private NuGet server with basic authentication in Azure. There are plenty of tutorials to show how to create your own including the one on NuGet's site, but they were missing the part of basic authentication. In this blog, I will review over the steps I took to add basic authentication to my private Nuget server.

 

Azure Setup

The setup process is fairly simple. A pre-requisite is having an Azure account already setup with a credit card or credits.

Step 1: Start by loading the Portal site and clicking Add.

Step 2: Next we will want to create the Azure Web App. Search for "web app" and click on the row to invoke the creation process.

Step 3: Click the Create button and fill in the required information. After all required information is entered, click the Create button to finalize the process.

Once the Web App has been created, it should be displayed in the All Resources group.

 

 

Creating the Nuget Server

Now that we have the Azure site setup, we need the create the web application and publish it.

Step 1: First, open Visual Studio 2015 (Lower versions are supported) and create a new ASP.NET Web Application.

Step 2: Select an Empty web application and leave the Host in the Cloud option unchecked since we already created the Azure Web App.

Step 3: Once the solution is loaded, right-click the References folder and select Manage Nuget Packages. When the Manage NuGet Packages window opens, search for "nuget.server". Select the "NuGet.Server" option and click Install.

Step 4: When the Nuget.Server package is installed, it includes other dependencies needed to run the server. The installation will include basic configuration, but we want to add a little more. The first is to add a unique API Key. Open the "web.config" file and find and edit the key <add key="apiKey" value="Random GUID" /> with a random GUID. There are plenty of websites that generate random GUIDs.

Step 5: Now that the ASP.NET site is ready, we can publish the site to Azure. Right-Click the project in the solution explorer and select Publish. Select Microsoft Azure Web Apps and select the desired web app.

Once the web app has been selected, follow the screens and select Publish. After the publish has completed, it will open a new browser window and navigate to the NuGet server URL.

Step 6: Now we want to add basic authentication. In this tutorial, I will use the BasicAuthenticationModule from the DevBridge GitHub project. Download and add the .cs file to the project. After the file is added, open the web.config file. Add the following lines of code:

<configSections>  
    <section name="basicAuth" type="Devbridge.BasicAuthentication.Configuration.BasicAuthenticationConfigurationSection" />
    ...
  </configSections>
<basicAuth>  
    <credentials>
      <add username="username" password="password"/>
    </credentials>
  </basicAuth>
<system.webServer>  
    <validation validateIntegratedModeConfiguration="false" />
    <modules runAllManagedModulesForAllRequests="true">
      <add name="MyBasicAuthenticationModule" type="Devbridge.BasicAuthentication.BasicAuthenticationModule" />
      ...
    </modules>
    <system.webServer>

After the text has been added, Publish the site again. When the page loads, you should see a login screen pop-up.

Now, a user will not be able to access the Nuget Server without knowing the username and password.

 

Next Blog Post: I will be showing how to build and publish a package to the private Nuget Server.