hdiv · manuel-alvarez-alvarez · Dec 3, 2021 · Dec 3, 2021
diff --git a/Data/ApplicationDbContext.cs b/Data/ApplicationDbContext.cs
@@ -1,13 +1,10 @@
 using insecure_bank_net.Bean;
 using Microsoft.EntityFrameworkCore;
-using System.Data.Common;
 
 namespace insecure_bank_net.Data
 {
     public class ApplicationDbContext : DbContext
     {
-        public static DbConnection connection { get; set;}
-
         public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options)
             : base(options)
         {

diff --git a/Facade/TransferFacadeImpl.cs b/Facade/TransferFacadeImpl.cs
@@ -11,14 +11,16 @@ public class TransferFacadeImpl : ITransferFacade
         private readonly ICashAccountDao cashAccountDao;
         private readonly ICreditAccountDao creditAccountDao;
         private readonly IActivityDao activityDao;
+        private readonly ITransferDao transferDao;
 
         public TransferFacadeImpl(ApplicationDbContext dbContext, ICashAccountDao cashAccountDao,
-            ICreditAccountDao creditAccountDao, IActivityDao activityDao)
+            ICreditAccountDao creditAccountDao, IActivityDao activityDao, ITransferDao transferDao)
         {
             this.dbContext = dbContext;
             this.cashAccountDao = cashAccountDao;
             this.creditAccountDao = creditAccountDao;
             this.activityDao = activityDao;
+            this.transferDao = transferDao;
         }
 
         public void CreateNewTransfer(Transfer transfer)
@@ -41,7 +43,7 @@ public void CreateNewTransfer(Transfer transfer)
 
         private void InsertTransfer(Transfer transfer)
         {
-            new TransferDaoImpl(dbContext).InsertTransfer(transfer);
+            transferDao.InsertTransfer(transfer);
         }
 
         private void UpdateFromAccounts(Transfer transfer)

diff --git a/Program.cs b/Program.cs
@@ -1,24 +1,35 @@
-using System;
-using System.Collections.Generic;
-using System.IO;
-using System.Linq;
-using System.Threading.Tasks;
+using System.Data.Common;
 using Microsoft.AspNetCore;
 using Microsoft.AspNetCore.Hosting;
+using Microsoft.Data.Sqlite;
 using Microsoft.Extensions.Configuration;
-using Microsoft.Extensions.Logging;
 
 namespace insecure_bank_net
 {
     public class Program
     {
+        private static IWebHost Host { get; set; }
+        private static DbConnection Connection { get; set;}
+
         public static void Main(string[] args)
         {
-            CreateWebHostBuilder(args).Build().Run();
+            Host = CreateWebHost(args);
+            Connection = PersistentConnection();
+            Host.Run();
         }
 
-        public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
+        private static IWebHost CreateWebHost(string[] args) =>
             WebHost.CreateDefaultBuilder(args)
-                .UseStartup<Startup>();
+                .UseStartup<Startup>()
+                .Build();
+
+        // Connection that will be kept persistent holding the in memory database
+        // https://docs.microsoft.com/es-es/dotnet/standard/data/sqlite/in-memory-databases
+        private static DbConnection PersistentConnection() {
+            var configuration = Host.Services.GetService(typeof(IConfiguration)) as IConfiguration;
+            var conn = new SqliteConnection(configuration.GetConnectionString("DefaultConnection"));
+            conn.Open();
+            return conn;
+        }
     }
 }
diff --git a/Startup.cs b/Startup.cs
@@ -9,7 +9,6 @@
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Http;
-using Microsoft.Data.Sqlite;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
@@ -32,11 +31,8 @@ public void ConfigureServices(IServiceCollection services)
         {
             services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie();
 
-            var SqLiteConnection = new SqliteConnection(Configuration.GetConnectionString("DefaultConnection"));
-            SqLiteConnection.Open();
-
             services.AddDbContext<ApplicationDbContext>(options =>
-                options.UseSqlite(SqLiteConnection));
+                options.UseSqlite(Configuration.GetConnectionString("DefaultConnection")));
 
             services.AddScoped(typeof(IAccountDao), typeof(AccountDaoImpl));
             services.AddScoped(typeof(IActivityDao), typeof(ActivityDaoImpl));
@@ -88,17 +84,16 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env, Applicat
             app.UseAuthorization();
 
             app.UseEndpoints(endpoints => endpoints.MapRazorPages() );
-
-            context.Database.EnsureDeleted();
             context.Database.EnsureCreated();
             PopulateDatabase(context);
             LoadAssemblies(VulnerableAssemblies);
         }
 
         private void PopulateDatabase(ApplicationDbContext context)
         {
-            ApplicationDbContext.connection = context.Database.GetDbConnection();
-            using var command = ApplicationDbContext.connection.CreateCommand();
+            using var conn = context.Database.GetDbConnection();
+            conn.Open();
+            using var command = conn.CreateCommand();
             command.CommandText = "select count(*) from account";
             if (int.Parse(command.ExecuteScalar().ToString()!) == 0)
             {

diff --git a/appsettings.json b/appsettings.json
@@ -1,6 +1,6 @@
 {
   "ConnectionStrings": {
-    "DefaultConnection": "Data Source=InMemorySample;Mode=Memory;Cache=Shared",
+    "DefaultConnection": "Data Source=InMemorySample;Mode=Memory;Cache=Shared"
   },
   "Logging": {
     "LogLevel": {