refact

2021-07-05 12:55:52 +01:00
parent 5de53a3cba
commit 476d35ae8a
270 changed files with 476 additions and 400 deletions
--- a/src/isnd/Authorisation/ValidApiKeyRequirement.cs
+++ b/src/isnd/Authorisation/ValidApiKeyRequirement.cs
@ -0,0 +1,10 @@
+using Microsoft.AspNetCore.Authorization;
+
+namespace isn.Authorization
+{
+    internal class ValidApiKeyRequirement : IAuthorizationRequirement
+    {
+    }
+
+
+}
--- a/src/isnd/Authorisation/ValidApiKeyRequirementHandler.cs
+++ b/src/isnd/Authorisation/ValidApiKeyRequirementHandler.cs
@ -0,0 +1,13 @@
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+
+namespace isn.Authorization
+{
+    internal class ValidApiKeyRequirementHandler : AuthorizationHandler<ValidApiKeyRequirement>
+    {
+        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ValidApiKeyRequirement requirement)
+        {
+            throw new System.NotImplementedException();
+        }
+    }
+}
--- a/src/isnd/Constants.cs
+++ b/src/isnd/Constants.cs
@ -0,0 +1,9 @@
+namespace isn
+{
+    public static class Constants
+    {
+        public const string AdministratorRoleName = "Admin";
+        public const string RequireAdminPolicyName = "RequireAdministratorRole";
+        public const string RequireValidApiKey = "RequireValideApiKey";
+    }
+}
--- a/src/isnd/Controllers/AccountController.cs
+++ b/src/isnd/Controllers/AccountController.cs
@ -0,0 +1,260 @@
+// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
+using isn.Data;
+using isn.Data.Roles;
+using System;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+
+namespace isn.Controllers
+{
+    [AllowAnonymous]
+    public class AccountController : Controller
+    {       
+        private readonly IAuthenticationSchemeProvider _schemeProvider;
+
+        private readonly SignInManager<ApplicationUser> _signInManager;
+        private readonly UserManager<ApplicationUser> _userManager;
+        private readonly AdminStartupList _startupAdminList;
+
+        public AccountController(
+            IAuthenticationSchemeProvider schemeProvider,
+            SignInManager<ApplicationUser> signInManager,
+            UserManager<ApplicationUser> userManager,
+            IOptions<AdminStartupList> startupAdminListConfig )
+        {
+            _schemeProvider = schemeProvider;
+            _signInManager = signInManager;
+            _userManager = userManager;
+            _startupAdminList = startupAdminListConfig.Value;
+        }
+
+        /// <summary>
+        /// Entry point into the login workflow
+        /// </summary>
+        [HttpGet]
+        public async Task<IActionResult> Login(string returnUrl)
+        {
+            // build a model so we know what to show on the login page
+            var vm = await BuildLoginViewModelAsync(returnUrl);
+
+            if (vm.IsExternalLoginOnly)
+            {
+                // we only have one option for logging in and it's an external provider
+                return RedirectToAction("Challenge", "External", new { scheme = vm.ExternalLoginScheme, returnUrl });
+            }
+
+            return View(vm);
+        }
+
+        /// <summary>
+        /// Handle postback from username/password login
+        /// </summary>
+        [HttpPost]
+        [ValidateAntiForgeryToken]
+        public async Task<IActionResult> Login(LoginInputModel model, string button)
+        {
+          
+            // the user clicked the "cancel" button
+            if (button != "login")
+            {
+               
+                // since we don't have a valid context, then we just go back to the home page
+                return Redirect("~/");
+            }
+
+            if (ModelState.IsValid)
+            {
+                // validate username/password
+                var user = await _userManager.FindByNameAsync(model.Username);
+                var signResult = await _signInManager.CheckPasswordSignInAsync(user, model.Password, true);
+
+                if (signResult.Succeeded)
+                {
+                    
+                    // only set explicit expiration here if user chooses "remember me". 
+                    // otherwise we rely upon expiration configured in cookie middleware.
+                    AuthenticationProperties props = null;
+                    if (AccountOptions.AllowRememberLogin && model.RememberLogin)
+                    {
+                        props = new AuthenticationProperties
+                        {
+                            IsPersistent = true,
+                            ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration)
+                        };
+                    };
+                    
+                    await _signInManager.SignInAsync(user, model.RememberLogin && AccountOptions.AllowRememberLogin);
+                    if (Url.IsLocalUrl(model.ReturnUrl))
+                    {
+                        return Redirect(model.ReturnUrl);
+                    }
+                    else if (string.IsNullOrEmpty(model.ReturnUrl))
+                    {
+                        return Redirect("~/");
+                    }
+                    else
+                    {
+                        // user might have clicked on a malicious link - should be logged
+                        throw new Exception("invalid return URL");
+                    }
+                }
+
+                ModelState.AddModelError(string.Empty, AccountOptions.InvalidCredentialsErrorMessage);
+            }
+
+            // something went wrong, show form with error
+            var vm = await BuildLoginViewModelAsync(model);
+            return View(vm);
+        }
+
+        
+        /// <summary>
+        /// Show logout page
+        /// </summary>
+        [HttpGet]
+        public async Task<IActionResult> Logout(string logoutId)
+        {
+            // build a model so the logout page knows what to display
+            var vm = await BuildLogoutViewModelAsync(logoutId);
+
+            if (vm.ShowLogoutPrompt == false)
+            {
+                // if the request for logout was properly authenticated from IdentityServer, then
+                // we don't need to show the prompt and can just log the user out directly.
+                return await Logout(vm);
+            }
+
+            return View(vm);
+        }
+
+        /// <summary>
+        /// Handle logout page postback
+        /// </summary>
+        [HttpPost]
+        [ValidateAntiForgeryToken]
+        public async Task<IActionResult> Logout(LogoutInputModel model)
+        {
+            // build a model so the logged out page knows what to display
+            var vm = await BuildLoggedOutViewModelAsync(model.LogoutId);
+
+            if (User?.Identity.IsAuthenticated == true)
+            {
+                // delete local authentication cookie
+                await HttpContext.SignOutAsync();
+            }
+
+            // check if we need to trigger sign-out at an upstream identity provider
+            if (vm.TriggerExternalSignout)
+            {
+                // build a return URL so the upstream provider will redirect back
+                // to us after the user has logged out. this allows us to then
+                // complete our single sign-out processing.
+                string url = Url.Action("Logout", new { logoutId = vm.LogoutId });
+
+                // this triggers a redirect to the external provider for sign-out
+                return SignOut(new AuthenticationProperties { RedirectUri = url }, vm.ExternalAuthenticationScheme);
+            }
+            
+            return View("LoggedOut", vm);
+        }
+
+        [HttpGet]
+        public IActionResult AccessDenied()
+        {
+            return new BadRequestObjectResult(403);
+        }
+
+
+        /*****************************************/
+        /* helper APIs for the AccountController */
+        /*****************************************/
+        private async Task<LoginViewModel> BuildLoginViewModelAsync(string returnUrl)
+        {
+            
+
+            var schemes = await _schemeProvider.GetAllSchemesAsync();
+
+            var providers = schemes
+                .Where(x => x.DisplayName != null)
+                .Select(x => new ExternalProvider
+                {
+                    DisplayName = x.DisplayName ?? x.Name,
+                    AuthenticationScheme = x.Name
+                }).ToList();
+
+            var allowLocal = true;
+            
+
+            return new LoginViewModel
+            {
+                AllowRememberLogin = AccountOptions.AllowRememberLogin,
+                EnableLocalLogin = allowLocal && AccountOptions.AllowLocalLogin,
+                ReturnUrl = returnUrl,
+                ExternalProviders = providers.ToArray()
+            };
+        }
+
+        private async Task<LoginViewModel> BuildLoginViewModelAsync(LoginInputModel model)
+        {
+            var vm = await BuildLoginViewModelAsync(model.ReturnUrl);
+            vm.Username = model.Username;
+            vm.RememberLogin = model.RememberLogin;
+            return vm;
+        }
+
+        private async Task<LogoutViewModel> BuildLogoutViewModelAsync(string logoutId)
+        {
+            var vm = new LogoutViewModel { LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt };
+
+            if (User?.Identity.IsAuthenticated != true)
+            {
+                // if the user is not authenticated, then just show logged out page
+                vm.ShowLogoutPrompt = false;
+                return vm;
+            }
+
+            // show the logout prompt. this prevents attacks where the user
+            // is automatically signed out by another malicious web page.
+            return vm;
+        }
+
+        private async Task<LoggedOutViewModel> BuildLoggedOutViewModelAsync(string logoutId)
+        {
+           
+            var vm = new LoggedOutViewModel
+            {
+                AutomaticRedirectAfterSignOut = AccountOptions.AutomaticRedirectAfterSignOut,
+                LogoutId = logoutId
+            };
+        
+            return vm;
+        }
+
+        [Authorize]
+        public async Task<IActionResult> GetAdminrole()
+        {
+            string username =  User.FindFirstValue(ClaimTypes.NameIdentifier);
+            if (_startupAdminList.Users.Contains(username))
+            {
+                var user = await _userManager.FindByNameAsync(username);
+                var roles = await _userManager.GetRolesAsync(user);
+                if (!roles.Contains(Constants.AdministratorRoleName))
+                {
+                    await _userManager.AddToRoleAsync(user, Constants.AdministratorRoleName);
+                    
+                }
+                return Ok();
+            }
+            return BadRequest();
+        }
+    }
+}
--- a/src/isnd/Controllers/ApiKeysController.cs
+++ b/src/isnd/Controllers/ApiKeysController.cs
@ -0,0 +1,147 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.DataProtection;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Rendering;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.Options;
+using isn.Data;
+using isn.Entities;
+using isn.Data.ApiKeys;
+
+
+namespace isn.Controllers
+{
+    [Authorize]
+    public class ApiKeysController : Controller
+    {
+        private readonly ApplicationDbContext dbContext;
+        private readonly NugetSettings nugetSettings;
+        private readonly UserManager<ApplicationUser> _userManager;
+
+        private readonly IDataProtector protector;
+        public ApiKeysController(ApplicationDbContext dbContext, 
+        IOptions<NugetSettings> nugetSettingsOptions,
+        IDataProtectionProvider provider,
+        UserManager<ApplicationUser> userManager)
+        {
+            this.dbContext = dbContext;
+            this.nugetSettings = nugetSettingsOptions.Value;
+            protector = provider.CreateProtector(nugetSettings.ProtectionTitle);
+            _userManager = userManager;
+        }
+
+        [HttpGet]
+        public async Task<ActionResult> Index()
+        {
+            string userid = User.FindFirstValue(ClaimTypes.NameIdentifier);
+            System.Collections.Generic.List<ApiKey> index = GetUserKeys().ToList();
+            IndexModel model = new IndexModel { ApiKey = index };
+            ViewData["Title"] = "Index";
+            return View("Index", model);
+        }
+
+        [HttpGet]
+        public async Task<ActionResult> Create()
+        {
+            var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
+            var username = User.Identity.Name;
+            var user = await _userManager.FindByIdAsync(userId);
+            ViewBag.UserId = new SelectList(new List<ApplicationUser> { user });
+            return View(new CreateModel{ });
+        }
+
+        [HttpPost]
+        public async Task<ActionResult> Create(CreateModel model)
+        {
+            string userid =  User.FindFirstValue(ClaimTypes.NameIdentifier);
+            IQueryable<ApiKey> userKeys = GetUserKeys();
+            if (userKeys.Count() >= nugetSettings.MaxUserKeyCount)
+            {
+                ModelState.AddModelError(null, "Maximum key count reached");
+                return View();
+            }
+            ApiKey newKey = new ApiKey { UserId = userid, Name = model.Name,
+            CreationDate = DateTime.Now };
+            _ = dbContext.ApiKeys.Add(newKey);
+            _ = await dbContext.SaveChangesAsync();
+            return View("Details", new DetailModel { Name = newKey.Name,
+             ProtectedValue = protector.Protect(newKey.Id),
+             ApiKey = newKey });
+        }
+
+        [HttpGet]
+        public async Task<ActionResult> Delete(string id)
+        {
+            string userid =  User.FindFirstValue(ClaimTypes.NameIdentifier);
+            ApiKey key = dbContext.ApiKeys.FirstOrDefault(k => k.Id == id && k.UserId == userid);
+            return View(new DeleteModel { ApiKey = key });
+
+        }
+
+        [HttpPost]
+        public async Task<ActionResult> Delete(DeleteModel model)
+        {
+            string userid =  User.FindFirstValue(ClaimTypes.NameIdentifier);
+            ApiKey key = dbContext.ApiKeys.FirstOrDefault(k => k.Id == model.ApiKey.Id && k.UserId == userid);
+            if (key == null)
+            {
+                ModelState.AddModelError(null, "Key not found");
+                return View();
+            }
+            _ = dbContext.ApiKeys.Remove(key);
+            _ = await dbContext.SaveChangesAsync();
+            return View("Index", new IndexModel { ApiKey = GetUserKeys().ToList() } );
+        }
+
+        public async Task<ActionResult> Details(string id)
+        {
+            string userid =  User.FindFirstValue(ClaimTypes.NameIdentifier);
+            ApiKey key = await dbContext.ApiKeys.FirstOrDefaultAsync(k => k.Id == id && k.UserId == userid);
+                    if (key == null)
+                    {
+                        ModelState.AddModelError(null, "Key not found");
+                        return View();
+                    }
+                    return View("Details", new DetailModel { ApiKey = key, Name = key.Name, ProtectedValue = protector.Protect(key.Id)});
+
+        }
+
+        public async Task<ActionResult> Edit(string id)
+        {
+
+            EditModel edit = new EditModel();
+            string userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
+            
+            var user = await _userManager.FindByIdAsync(userId);
+
+            edit.ApiKey = await GetUserKeys().SingleOrDefaultAsync(k => 
+            k.UserId == userId && k.Id == id);
+            ViewBag.UserId = new SelectList(new List<ApplicationUser> { user });
+         
+            return View(edit);
+        }
+
+        [HttpPost]
+        public async Task<ActionResult> Edit(EditModel model)
+        {
+            string userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
+            
+            var apiKey = await dbContext.ApiKeys.SingleOrDefaultAsync(k => k.UserId == userId && k.Id == model.ApiKey.Id);
+            apiKey.Name = model.ApiKey.Name;
+            apiKey.ValidityPeriodInDays = model.ApiKey.ValidityPeriodInDays;
+            await dbContext.SaveChangesAsync();
+            return View("Details", new DetailModel { ApiKey = apiKey });
+        }
+
+        public IQueryable<ApiKey> GetUserKeys()
+        {
+            return dbContext.ApiKeys.Include(k => k.User).Where(k => k.User.UserName == User.Identity.Name);
+        }
+    }
+}
--- a/src/isnd/Controllers/HomeController.cs
+++ b/src/isnd/Controllers/HomeController.cs
@ -0,0 +1,68 @@
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using isn.Entities;
+using isn.Data;
+using System.Linq;
+using isn.ViewModels;
+using Unleash.ClientFactory;
+using Unleash;
+
+namespace isn.Controllers
+{
+    public class HomeController : Controller
+    {
+        private readonly ILogger _logger;
+        readonly IHostingEnvironment _environment;
+        public SmtpSettings _smtpSettings { get; } //set only via Secret Manager
+
+        private ApplicationDbContext _dbContext;
+
+        public HomeController(
+            IOptions<SmtpSettings> smtpSettings,
+            IHostingEnvironment environment,
+            ApplicationDbContext dbContext,
+            ILogger<HomeController> logger)
+        {
+            _environment = environment;
+            _logger = logger;
+            _smtpSettings = smtpSettings.Value;
+            _dbContext = dbContext;
+        }
+        
+        public IActionResult Index()
+        {
+            return View(new HomeIndexViewModel{
+                PkgCount = _dbContext.Packages.Count(),
+                UnleashClient = Startup.UnleashĈlient
+                });
+        }
+
+        public IActionResult About()
+        {
+            ViewData["Message"] = "Your application description page.";
+
+            return View();
+        }
+
+        public IActionResult Contact()
+        {
+            ViewData["Message"] = "Your contact page.";
+
+            return View();
+        }
+
+        public IActionResult Privacy()
+        {
+            ViewData["Message"] = "Your Privacy page.";
+
+            return View(ViewData);
+        }
+
+        public IActionResult Error()
+        {
+            return View();
+        }
+    }
+}
--- a/src/isnd/Controllers/NewUpdateController.cs
+++ b/src/isnd/Controllers/NewUpdateController.cs
@ -0,0 +1,17 @@
+using System;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using isn.Data;
+
+namespace isn.Controllers
+{
+
+    public class NewUpdateController : Controller
+    {
+        [Authorize(Policy = Constants.RequireAdminPolicyName)]
+        public IActionResult NewRelease(NewReleaseInfo version)
+        {
+            return View(version);
+        }
+    }
+}
--- a/src/isnd/Controllers/PackageVersionController.cs
+++ b/src/isnd/Controllers/PackageVersionController.cs
@ -0,0 +1,93 @@
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+using isn.Data;
+using isn.ViewModels;
+
+namespace isn
+{
+    [AllowAnonymous]
+    public class PackageVersionController : Controller
+    {
+        private readonly ApplicationDbContext _context;
+
+        public PackageVersionController(ApplicationDbContext context)
+        {
+            _context = context;
+        }
+
+        // GET: PackageVersion
+        public async Task<IActionResult> Index(PackageVersionIndexViewModel model)
+        {
+            var applicationDbContext = _context.PackageVersions.Include(p => p.Package).Where(p => p.PackageId == model.PackageId);
+
+            model.Versions = await applicationDbContext.ToListAsync();
+
+            return View(model);
+        }
+
+        // GET: PackageVersion/Details/5
+        public async Task<IActionResult> Details(string pkgid, string version)
+        {
+            if (pkgid == null || version == null)
+            {
+                return NotFound();
+            }
+
+            var packageVersion = await _context.PackageVersions
+                .Include(p => p.Package)
+                .FirstOrDefaultAsync(m => m.PackageId == pkgid && m.FullString == version);
+            if (packageVersion == null)
+            {
+                return NotFound();
+            }
+
+            return View(packageVersion);
+        }
+
+        [Authorize]
+        public async Task<IActionResult> Delete(string pkgid, string version)
+        {
+            if (pkgid == null || version == null)
+            {
+                return NotFound();
+            }
+
+            var packageVersion = await _context.PackageVersions
+                .Include(p => p.Package)
+                .FirstOrDefaultAsync(m => m.PackageId == pkgid && m.FullString == version);
+            if (packageVersion == null)
+            {
+                return NotFound();
+            }
+
+            if (!IsOwner(packageVersion)) return Unauthorized();
+
+            return View(packageVersion);
+        }
+
+        bool IsOwner(PackageVersion v)
+        {
+            var userId =  User.FindFirstValue(ClaimTypes.NameIdentifier);
+            return v.Package.OwnerId == userId;
+        }
+
+        // POST: PackageVersion/Delete/5
+        [HttpPost, ActionName("Delete")]
+        [ValidateAntiForgeryToken]
+        public async Task<IActionResult> DeleteConfirmed(string PackageId, string FullString)
+        {
+            var packageVersion = await _context.PackageVersions.Include(p => p.Package)
+             .FirstOrDefaultAsync(m => m.PackageId == PackageId && m.FullString == FullString);
+            if (packageVersion == null) return NotFound();
+            if (!IsOwner(packageVersion)) return Unauthorized();
+
+            _context.PackageVersions.Remove(packageVersion);
+            await _context.SaveChangesAsync();
+            return RedirectToAction(nameof(Index));
+        }
+    }
+}
--- a/src/isnd/Controllers/PackagesController.Put.cs
+++ b/src/isnd/Controllers/PackagesController.Put.cs
@ -0,0 +1,173 @@
+
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.IO.Compression;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.DataProtection;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+using NuGet.Packaging.Core;
+using NuGet.Versioning;
+using isn.Data;
+using isn.Helpers;
+
+namespace isn.Controllers
+{
+
+    public partial class PackagesController
+    {
+
+        [HttpPut("packages")]
+        public async Task<IActionResult> Put()
+        {
+            try
+            {
+                var clientVersionId = Request.Headers["X-NuGet-Client-Version"];
+                var apiKey = Request.Headers["X-NuGet-ApiKey"];
+                ViewData["versionId"] = typeof(PackagesController).Assembly.FullName;
+                var files = new List<string>();
+                ViewData["files"] = files;
+
+                var clearkey = protector.Unprotect(apiKey);
+                var apikey = dbContext.ApiKeys.SingleOrDefault(k => k.Id == clearkey);
+                if (apikey == null)
+                {
+                    logger.LogError("403 : no api-key");
+                    return Unauthorized();
+                }
+
+                foreach (var file in Request.Form.Files)
+                {
+                    string initpath = Path.Combine(Environment.GetEnvironmentVariable("TEMP") ??
+                    Environment.GetEnvironmentVariable("TMP") ?? "/tmp",
+                     $"isn-{Guid.NewGuid()}.nupkg");
+
+                    using (FileStream fw = new FileStream(initpath, FileMode.Create))
+                    {
+                        file.CopyTo(fw);
+                    }
+
+                    using (FileStream fw = new FileStream(initpath, FileMode.Open))
+                    {
+                        var archive = new ZipArchive(fw);
+
+                        var nuspec = archive.Entries.FirstOrDefault(e => e.FullName.EndsWith(".nuspec"));
+                        if (nuspec == null) return BadRequest(new { error = "no nuspec from archive" });
+                        string pkgpath;
+                        NuGetVersion version;
+                        string pkgid;
+                        string fullpath;
+
+                        using (var specstr = nuspec.Open())
+                        {
+                            NuspecCoreReader reader = new NuspecCoreReader(specstr);
+
+                            string pkgdesc = reader.GetDescription();
+                            var types = reader.GetPackageTypes();
+                            pkgid = reader.GetId();
+                            version = reader.GetVersion();
+
+                            string pkgidpath = Path.Combine(nugetSettings.PackagesRootDir,
+                                pkgid);
+                            pkgpath = Path.Combine(pkgidpath, version.ToFullString());
+                            string name = $"{pkgid}-{version}.nupkg";
+                            fullpath = Path.Combine(pkgpath, name);
+
+                            var destpkgiddir = new DirectoryInfo(pkgidpath);
+                            Package package = dbContext.Packages.SingleOrDefault(p => p.Id == pkgid);
+                            if (package != null)
+                            {
+                                if (package.OwnerId != apikey.UserId)
+                                {
+                                    return new ForbidResult();
+                                }
+                                package.Description = pkgdesc;
+                            }
+                            else
+                            {
+                                package = new Package
+                                {
+                                    Id = pkgid,
+                                    Description = pkgdesc,
+                                    OwnerId = apikey.UserId
+                                };
+                                dbContext.Packages.Add(package);
+                            }
+                            if (!destpkgiddir.Exists) destpkgiddir.Create();
+
+                            var source = new FileInfo(initpath);
+                            var dest = new FileInfo(fullpath);
+                            var destdir = new DirectoryInfo(dest.DirectoryName);
+                            if (dest.Exists)
+                            {
+                                ViewData["msg"] = "existant";
+                                ViewData["ecode"] = 1;
+                                logger.LogWarning("400 : existant");
+                                return base.BadRequest(new { error = ModelState });
+                            }
+                            else
+                            {
+                                destdir.Create();
+                                source.MoveTo(fullpath);
+                                files.Add(name);
+                                string fullstringversion = version.ToFullString();
+                                var pkgvers = dbContext.PackageVersions.Where
+                                (v => v.PackageId == package.Id && v.FullString == fullstringversion);
+                                if (pkgvers.Count() > 0)
+                                {
+                                    foreach (var v in pkgvers.ToArray())
+                                        dbContext.PackageVersions.Remove(v);
+                                }
+                                foreach (var type in types)
+                                {
+                                    var pkgver = new PackageVersion
+                                    {
+                                        Package = package,
+                                        Major = version.Major,
+                                        Minor = version.Minor,
+                                        Patch = version.Patch,
+                                        IsPrerelease = version.IsPrerelease,
+                                        FullString = version.ToFullString(),
+                                        Type = type.Name
+                                    };
+                                    dbContext.PackageVersions.Add(pkgver);
+                                }
+                                await dbContext.SaveChangesAsync();
+
+                                logger.LogInformation($"new package : {nuspec.Name}");
+                            }
+                        }
+                        using (var shacrypto = System.Security.Cryptography.SHA512.Create())
+                        {
+                            using (var stream = System.IO.File.OpenRead(fullpath))
+                            {
+                                var hash = shacrypto.ComputeHash(stream);
+                                var shafullname = fullpath + ".sha512";
+                                var hashtext = Convert.ToBase64String(hash);
+                                var hashtextbytes = Encoding.ASCII.GetBytes(hashtext);
+
+                                using (var shafile = System.IO.File.OpenWrite(shafullname))
+                                {
+                                    shafile.Write(hashtextbytes, 0, hashtextbytes.Length);
+                                }
+                            }
+                        }
+                        nuspec.ExtractToFile(Path.Combine(pkgpath, pkgid + ".nuspec"));
+                    }
+
+                }
+                return Ok(ViewData);
+            }
+            catch (Exception ex)
+            {
+                logger.LogError(ex.Message);
+                logger.LogError("Stack Trace: " + ex.StackTrace);
+                return new ObjectResult(new { ViewData, ex.Message })
+                { StatusCode = 500 };
+            }
+        }
+    }
+}
--- a/src/isnd/Controllers/PackagesController.cs
+++ b/src/isnd/Controllers/PackagesController.cs
@ -0,0 +1,173 @@
+using System.ComponentModel.DataAnnotations;
+using System.IO;
+using System.Linq;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.DataProtection;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using NuGet.Versioning;
+using isn.Data;
+using isn.Entities;
+using Unleash.ClientFactory;
+using Unleash;
+using System.Collections.Generic;
+using isnd.Services;
+
+namespace isn.Controllers
+{
+
+    [AllowAnonymous]
+    public partial class PackagesController : Controller
+    {
+        const int maxTake = 100;
+
+        const string _pkgRootPrefix = "~/package";
+        const string defaultSemVer = "2.0.0";
+        private readonly Resource[] ressources;
+        private readonly ILogger<PackagesController> logger;
+        private readonly IDataProtector protector;
+
+        private readonly NugetSettings nugetSettings;
+        ApplicationDbContext dbContext;
+        private PackageManager packageManager;
+
+        public PackagesController(
+            PackageManager packageManager,
+            ILoggerFactory loggerFactory,
+            IDataProtectionProvider provider,
+            IOptions<NugetSettings> nugetOptions,
+            ApplicationDbContext dbContext)
+        {
+            logger = loggerFactory.CreateLogger<PackagesController>();
+            nugetSettings = nugetOptions.Value;
+            protector = provider.CreateProtector(nugetSettings.ProtectionTitle);
+            this.dbContext = dbContext;
+            this.packageManager = packageManager;
+            
+            ressources = packageManager.GetResources(Startup.UnleashĈlient).ToArray();
+        }
+
+        // dotnet add . package -s http://localhost:5000/packages isn
+        // packages/FindPackagesById()?id='isn'&semVerLevel=2.0.0
+
+        // Search
+        // GET {@id}?q={QUERY}&skip={SKIP}&take={TAKE}&prerelease={PRERELEASE}&semVerLevel={SEMVERLEVEL}&packageType={PACKAGETYPE}
+
+
+        [HttpGet("~/index.json")]
+        public IActionResult ApiIndex()
+        {
+            return Ok(ressources);
+        }
+
+
+        [HttpGet(_pkgRootPrefix + "/index.json")]
+        public IActionResult Index(
+            string q,
+            string semVerLevel = defaultSemVer,
+            bool prerelease = false,
+            string packageType = null,
+            int skip = 0,
+            int take = 25)
+        {
+            if (string.IsNullOrEmpty(q))
+            {
+                ModelState.AddModelError("q", "no value");
+            }
+            if (take > maxTake)
+            {
+                ModelState.AddModelError("take", "Maximum exceeded");
+            }
+            if (ModelState.IsValid)
+            {
+                return Ok(packageManager.SearchByName(q,skip,take,prerelease,packageType));
+            }
+            return BadRequest(new { error = ModelState });
+        }
+
+        // GET /autocomplete?id=nuget.protocol&prerelease=true
+        [HttpGet(_pkgRootPrefix + "/autocomplete")]
+        public IActionResult AutoComplete(
+            string id,
+            string semVerLevel = defaultSemVer,
+            bool prerelease = false,
+            string packageType = null,
+            int skip = 0,
+            int take = 25)
+        {
+            if (take > maxTake)
+            {
+                ModelState.AddModelError("take", "Maximum exceeded");
+                return BadRequest(ModelState);
+            }
+            
+            return Ok(packageManager.AutoComplete(id,skip,take,prerelease,packageType));
+        }
+        // TODO GET {@id}/{LOWER_ID}/index.json 
+        // LOWER_ID 	URL 	string 	yes 	The package ID, lowercased
+        // response : versions 	array of strings 	yes 	The versions available
+        [HttpGet(_pkgRootPrefix + "/{id}/{lower}/index.json")]
+        public IActionResult GetVersions(
+            string id,
+            string lower,
+            bool prerelease = false,
+            string packageType = null,
+            int skip = 0,
+            int take = 25)
+        {
+            if (take > maxTake)
+            {
+                ModelState.AddModelError("take", "Maximum exceeded");
+            }
+            // NugetVersion
+            if (!NuGetVersion.TryParse(lower, out NuGetVersion parsedVersion))
+            {
+                ModelState.AddModelError("lower", "invalid version string");
+            }
+            if (!ModelState.IsValid)
+            {
+                return BadRequest(ModelState);
+            }
+            return Ok(new
+            {
+                versions = packageManager.GetVersions(
+                    id, parsedVersion, prerelease, packageType, skip, take)
+            });
+        }
+
+        // TODO GET GET {@id}/{LOWER_ID}/{LOWER_VERSION}/{LOWER_ID}.{LOWER_VERSION}.nupkg
+        // LOWER_ID 	URL 	string 	yes 	The package ID, lowercase
+        // LOWER_VERSION 	URL 	string 	yes 	The package version, normalized and lowercased
+        // response 200 : the package
+        [HttpGet(_pkgRootPrefix + "/{id}/{lower}/{idf}.{lowerf}.nupkg")]
+        public IActionResult GetPackage(
+           [FromRoute] string id, [FromRoute] string lower,
+            [FromRoute] string idf, [FromRoute] string lowerf)
+        {
+            var pkgpath = Path.Combine(nugetSettings.PackagesRootDir,
+            id, lower, $"{idf}.{lowerf}.nupkg"
+            );
+
+            FileInfo pkgfi = new FileInfo(pkgpath);
+            return File(pkgfi.OpenRead(), "application/zip; charset=binary");
+        }
+
+        // TODO GET {@id}/{LOWER_ID}/{LOWER_VERSION}/{LOWER_ID}.nuspec
+        // response 200 : the nuspec
+        [HttpGet(_pkgRootPrefix + "/{id}/{lower}/{idf}.{lowerf}.nuspec")]
+        public IActionResult GetNuspec(
+            [FromRoute][SafeName][Required] string id,
+            [FromRoute][SafeName][Required] string lower,
+            [FromRoute][SafeName][Required] string idf,
+            [FromRoute][SafeName][Required] string lowerf)
+        {
+            var pkgpath = Path.Combine(nugetSettings.PackagesRootDir,
+            id, lower, $"{idf}.{lowerf}.nuspec");
+
+            FileInfo pkgfi = new FileInfo(pkgpath);
+            return File(pkgfi.OpenRead(), "text/xml; charset=utf-8");
+        }
+    }
+}
--- a/src/isnd/Controllers/Resource.cs
+++ b/src/isnd/Controllers/Resource.cs
@ -0,0 +1,10 @@
+namespace isn.Controllers
+{
+    internal class Resource
+    {
+        public string id {get; set; }
+        public string type {get; set; }
+        public string comment {get; set; }
+
+    }
+}
--- a/src/isnd/Controllers/SafeNameAttribute.cs
+++ b/src/isnd/Controllers/SafeNameAttribute.cs
@ -0,0 +1,20 @@
+using System;
+using System.ComponentModel.DataAnnotations;
+using System.Linq;
+
+namespace isn.Controllers
+{
+    internal class SafeNameAttribute : ValidationAttribute
+    {
+        public override bool IsValid(object value)
+        {
+            if (!(value is string))
+                return false;
+            string str = value as string;
+            if (str.Length>126) return false;
+            if (str.Any(c => !char.IsLetterOrDigit(c)
+            && !"-_.".Contains(c))) return false;
+            return true;
+        }
+    }
+}
--- a/src/isnd/Data/Account/AccountOptions.cs
+++ b/src/isnd/Data/Account/AccountOptions.cs
@ -0,0 +1,20 @@
+// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+
+
+using System;
+
+namespace isn.Data
+{
+    public class AccountOptions
+    {
+        public static bool AllowLocalLogin = true;
+        public static bool AllowRememberLogin = true;
+        public static TimeSpan RememberMeLoginDuration = TimeSpan.FromDays(30);
+
+        public static bool ShowLogoutPrompt = true;
+        public static bool AutomaticRedirectAfterSignOut = false;
+
+        public static string InvalidCredentialsErrorMessage = "Invalid username or password";
+    }
+}
--- a/src/isnd/Data/Account/ExternalProvider.cs
+++ b/src/isnd/Data/Account/ExternalProvider.cs
@ -0,0 +1,12 @@
+// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+
+
+namespace isn.Data
+{
+    public class ExternalProvider
+    {
+        public string DisplayName { get; set; }
+        public string AuthenticationScheme { get; set; }
+    }
+}
--- a/src/isnd/Data/Account/LoggedOutViewModel.cs
+++ b/src/isnd/Data/Account/LoggedOutViewModel.cs
@ -0,0 +1,19 @@
+// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+
+
+namespace isn.Data
+{
+    public class LoggedOutViewModel
+    {
+        public string PostLogoutRedirectUri { get; set; }
+        public string ClientName { get; set; }
+        public string SignOutIframeUrl { get; set; }
+
+        public bool AutomaticRedirectAfterSignOut { get; set; }
+
+        public string LogoutId { get; set; }
+        public bool TriggerExternalSignout => ExternalAuthenticationScheme != null;
+        public string ExternalAuthenticationScheme { get; set; }
+    }
+}
--- a/src/isnd/Data/Account/LoginInputModel.cs
+++ b/src/isnd/Data/Account/LoginInputModel.cs
@ -0,0 +1,18 @@
+// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+
+
+using System.ComponentModel.DataAnnotations;
+
+namespace isn.Data
+{
+    public class LoginInputModel
+    {
+        [Required]
+        public string Username { get; set; }
+        [Required]
+        public string Password { get; set; }
+        public bool RememberLogin { get; set; }
+        public string ReturnUrl { get; set; }
+    }
+}
--- a/src/isnd/Data/Account/LoginViewModel.cs
+++ b/src/isnd/Data/Account/LoginViewModel.cs
@ -0,0 +1,22 @@
+// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+
+
+using System;
+using System.Collections.Generic;
+using System.Linq;
+
+namespace isn.Data
+{
+    public class LoginViewModel : LoginInputModel
+    {
+        public bool AllowRememberLogin { get; set; } = true;
+        public bool EnableLocalLogin { get; set; } = true;
+
+        public IEnumerable<ExternalProvider> ExternalProviders { get; set; } = Enumerable.Empty<ExternalProvider>();
+        public IEnumerable<ExternalProvider> VisibleExternalProviders => ExternalProviders.Where(x => !String.IsNullOrWhiteSpace(x.DisplayName));
+
+        public bool IsExternalLoginOnly => EnableLocalLogin == false && ExternalProviders?.Count() == 1;
+        public string ExternalLoginScheme => IsExternalLoginOnly ? ExternalProviders?.SingleOrDefault()?.AuthenticationScheme : null;
+    }
+}
--- a/src/isnd/Data/Account/LogoutInputModel.cs
+++ b/src/isnd/Data/Account/LogoutInputModel.cs
@ -0,0 +1,11 @@
+// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+
+
+namespace isn.Data
+{
+    public class LogoutInputModel
+    {
+        public string LogoutId { get; set; }
+    }
+}
--- a/src/isnd/Data/Account/LogoutViewModel.cs
+++ b/src/isnd/Data/Account/LogoutViewModel.cs
@ -0,0 +1,11 @@
+// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+
+
+namespace isn.Data
+{
+    public class LogoutViewModel : LogoutInputModel
+    {
+        public bool ShowLogoutPrompt { get; set; } = true;
+    }
+}
--- a/src/isnd/Data/Account/RedirectViewModel.cs
+++ b/src/isnd/Data/Account/RedirectViewModel.cs
@ -0,0 +1,12 @@
+// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+
+
+
+namespace isn.Data
+{
+    public class RedirectViewModel
+    {
+        public string RedirectUrl { get; set; }
+    }
+}
--- a/src/isnd/Data/Account/RegisterViewModel.cs
+++ b/src/isnd/Data/Account/RegisterViewModel.cs
@ -0,0 +1,32 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace isn.Data
+{
+    public class RegisterViewModel
+    {
+        [Required]
+        [StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 2)]
+        [Display(Name = "FullName")]
+        public string FullName { get; set; }
+
+        [Required]
+        [EmailAddress]
+        [Display(Name = "Email")]
+        public string Email { get; set; }
+
+        [Required]
+        [StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
+        [DataType(DataType.Password)]
+        [Display(Name = "Password")]
+        public string Password { get; set; }
+
+        [DataType(DataType.Password)]
+        [Display(Name = "Confirm password")]
+        [Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
+        public string ConfirmPassword { get; set; }
+    }
+}
--- a/src/isnd/Data/ApiKeys/ApiKey.cs
+++ b/src/isnd/Data/ApiKeys/ApiKey.cs
@ -0,0 +1,23 @@
+using System;
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+
+namespace isn.Data.ApiKeys
+{
+    public class ApiKey
+    {
+        [Required][Key][DatabaseGenerated(DatabaseGeneratedOption.Identity)]
+        public string Id { get; set; }
+
+        [Required][ForeignKey("User")]
+        public string UserId { get; set; }
+
+        public virtual ApplicationUser User { get; set; }
+
+        public string Name { get; set; }
+
+        public int ValidityPeriodInDays{ get; set; }
+
+        public DateTime CreationDate { get; set; }
+    }
+}
--- a/src/isnd/Data/ApiKeys/ApiKeyViewModel.cs
+++ b/src/isnd/Data/ApiKeys/ApiKeyViewModel.cs
@ -0,0 +1,14 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace isn.Data.ApiKeys
+{
+    public class ApiKeyViewModel
+    {
+        [Display(Name = "Key Name")]
+        public string Name { get; set; }
+
+
+        [Display(Name = "Key Value")]
+        public string ProtectedValue { get; set; }
+    }
+}
--- a/src/isnd/Data/ApiKeys/CreateModel.cs
+++ b/src/isnd/Data/ApiKeys/CreateModel.cs
@ -0,0 +1,14 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace isn.Data.ApiKeys
+{
+    public class CreateModel
+    {        
+        
+        [Required][StringLength(255)]
+        [Display(Name = "Key Name")]
+        public string Name { get; set; }
+        public string UserId { get; set; }
+        
+    }
+}
--- a/src/isnd/Data/ApiKeys/DeleteModel.cs
+++ b/src/isnd/Data/ApiKeys/DeleteModel.cs
@ -0,0 +1,7 @@
+namespace isn.Data.ApiKeys
+{
+    public class DeleteModel
+    {
+        public ApiKey ApiKey { get; set; }
+    }
+}
--- a/src/isnd/Data/ApiKeys/DetailModel.cs
+++ b/src/isnd/Data/ApiKeys/DetailModel.cs
@ -0,0 +1,8 @@
+namespace isn.Data.ApiKeys
+{
+    public class DetailModel : ApiKeyViewModel
+    {       
+         public ApiKey ApiKey { get; set; }
+        
+    }
+}
--- a/src/isnd/Data/ApiKeys/EditModel.cs
+++ b/src/isnd/Data/ApiKeys/EditModel.cs
@ -0,0 +1,12 @@
+namespace isn.Data.ApiKeys
+{
+    public class EditModel
+    {
+        public EditModel()
+        {
+            if (ApiKey==null) ApiKey = new ApiKey();
+        }
+        
+        public ApiKey ApiKey { get; set; }
+    }
+}
--- a/src/isnd/Data/ApiKeys/IndexModel.cs
+++ b/src/isnd/Data/ApiKeys/IndexModel.cs
@ -0,0 +1,9 @@
+using System.Collections.Generic;
+
+namespace isn.Data.ApiKeys
+{
+    public class IndexModel
+    {
+        public List<ApiKey> ApiKey { get; set; }
+    }
+}
--- a/src/isnd/Data/ApplicationDbContext.cs
+++ b/src/isnd/Data/ApplicationDbContext.cs
@ -0,0 +1,32 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore;
+using isn.Data;
+using isn.Data.ApiKeys;
+
+namespace isn.Data
+{
+    public class ApplicationDbContext : IdentityDbContext<ApplicationUser>
+    {
+        public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options)
+            : base(options)
+        {
+        }
+        protected override void OnModelCreating(ModelBuilder modelBuilder)
+        {
+            base.OnModelCreating(modelBuilder);
+            modelBuilder.Entity<PackageVersion>().HasKey(v => new
+            { 
+                v.PackageId,
+                v.FullString,
+                v.Type
+            });
+        }
+        public DbSet<ApiKey> ApiKeys { get; set; }
+        public DbSet<Package> Packages { get; set; }
+        public DbSet<PackageVersion> PackageVersions { get; set; }
+    }
+}
--- a/src/isnd/Data/ApplicationUser.cs
+++ b/src/isnd/Data/ApplicationUser.cs
@ -0,0 +1,10 @@
+using Microsoft.AspNetCore.Identity;
+
+namespace isn.Data
+{
+    // Add profile data for application users by adding properties to the ApplicationUser class
+    public class ApplicationUser : IdentityUser
+    {
+        public string FullName { get; set; }
+    }
+}
--- a/src/isnd/Data/NewReleaseInfo.cs
+++ b/src/isnd/Data/NewReleaseInfo.cs
@ -0,0 +1,11 @@
+using System;
+
+namespace isn.Data
+{
+    public class NewReleaseInfo
+    {
+        public string Version { get; set; }
+        public string ChangeLog { get; set; }
+        public DateTime BuildDate { get; set; }
+    }
+}
--- a/src/isnd/Data/Package.cs
+++ b/src/isnd/Data/Package.cs
@ -0,0 +1,27 @@
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+using Newtonsoft.Json;
+
+namespace isn.Data
+{
+    public class Package
+    {
+        [Key][Required]
+        public string Id { get; set; }
+
+        [Required]
+        [ForeignKey("Owner")]
+        public string OwnerId { get; set; }
+
+        [StringLength(1024)]
+        public string Description { get; set; }
+
+        [JsonIgnore]
+        virtual public ApplicationUser Owner { get; set; }
+
+        [JsonIgnore]
+
+        public virtual List<PackageVersion> Versions { get; set; }
+    }
+}
--- a/src/isnd/Data/PackageVersion.cs
+++ b/src/isnd/Data/PackageVersion.cs
@ -0,0 +1,34 @@
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+using Newtonsoft.Json;
+
+namespace isn.Data
+{
+    public class PackageVersion
+    {
+        [Required]
+        [ForeignKey("Package")]
+        public string PackageId { get; set; }
+
+        [Required]
+        public int Major { get; set; }
+        
+        [Required]
+        public int Minor { get; set; }
+        
+        [Required]
+        public int Patch { get; set; }
+
+        [StringLength(256)]
+        [Required]
+        public string FullString { get; set; }
+        public bool IsPrerelease { get; set; }
+
+        [StringLength(256)]
+        public string Type { get; set; }
+
+        [JsonIgnore]
+        public virtual Package Package { get; set; }
+
+    }
+}
--- a/src/isnd/Data/Roles/Administrator.cs
+++ b/src/isnd/Data/Roles/Administrator.cs
@ -0,0 +1,7 @@
+namespace isn.Data.Roles
+{
+    public class AdminStartupList
+    {
+        public string [] Users { get; set;}
+    }
+}
--- a/src/isnd/Entities/NugetSettings.cs
+++ b/src/isnd/Entities/NugetSettings.cs
@ -0,0 +1,10 @@
+namespace isn.Entities
+{
+    public class NugetSettings
+    {
+        public string ProtectionTitle {get; set;}
+        public string PackagesRootDir {get; set;}
+        public int MaxUserKeyCount {get; set;}
+        
+    }
+}
--- a/src/isnd/Entities/SmtpSettings.cs
+++ b/src/isnd/Entities/SmtpSettings.cs
@ -0,0 +1,12 @@
+namespace isn.Entities
+{
+    public class SmtpSettings
+    {
+        public string Server {get; set;}
+        public int Port {get; set;}
+        public string SenderName {get; set;}
+        public string SenderEMail {get; set;}
+        public string UserName {get; set;}
+        public string Password {get; set;}
+    }
+}
--- a/src/isnd/Entities/UnleashClientSettings.cs
+++ b/src/isnd/Entities/UnleashClientSettings.cs
@ -0,0 +1,8 @@
+namespace isnd.Entities
+{
+    public class UnleashClientSettings
+    {
+        public string ClientApiKey { get; set; }
+        public string ApiUrl { get; set; }
+    }
+}
--- a/src/isnd/Extensions/Extensions.cs
+++ b/src/isnd/Extensions/Extensions.cs
@ -0,0 +1,17 @@
+using System;
+using Microsoft.AspNetCore.Mvc;
+
+namespace isn.Data
+{
+    public static class Extensions
+    {
+
+        public static IActionResult LoadingPage(this Controller controller, string viewName, string redirectUri)
+        {
+            controller.HttpContext.Response.StatusCode = 200;
+            controller.HttpContext.Response.Headers["Location"] = "";
+            
+            return controller.View(viewName, new RedirectViewModel { RedirectUrl = redirectUri });
+        }
+    }
+}
--- a/src/isnd/Helpers/NuspecCoreReaderHelpers.cs
+++ b/src/isnd/Helpers/NuspecCoreReaderHelpers.cs
@ -0,0 +1,16 @@
+using System.Linq;
+using System.Xml.Linq;
+using NuGet.Packaging.Core;
+
+namespace isn.Helpers
+{
+    public static class NuspecCoreReaderHelpers
+    {
+        public static string GetDescription(this NuspecCoreReader reader)
+        {
+            var meta = reader.GetMetadata();
+            var kv = meta.SingleOrDefault(i => i.Key == "description");
+            return kv.Value;
+        }
+    }
+}
--- a/src/isnd/Interfaces/IMailer.cs
+++ b/src/isnd/Interfaces/IMailer.cs
@ -0,0 +1,10 @@
+
+using System.Threading.Tasks;
+
+namespace isn.Interfaces
+{
+    public interface IMailer
+    {
+        Task SendMailAsync(string name, string email, string subjet, string body);
+    }
+}
--- a/src/isnd/Migrations/20210424155323_init.Designer.cs
+++ b/src/isnd/Migrations/20210424155323_init.Designer.cs
@ -0,0 +1,230 @@
+// <auto-generated />
+using System;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
+using isn.Data;
+
+namespace nugethost.Migrations
+{
+    [DbContext(typeof(ApplicationDbContext))]
+    [Migration("20210424155323_init")]
+    partial class init
+    {
+        protected override void BuildTargetModel(ModelBuilder modelBuilder)
+        {
+#pragma warning disable 612, 618
+            modelBuilder
+                .HasAnnotation("Npgsql:ValueGenerationStrategy", NpgsqlValueGenerationStrategy.SerialColumn)
+                .HasAnnotation("ProductVersion", "2.2.6-servicing-10079")
+                .HasAnnotation("Relational:MaxIdentifierLength", 63);
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedName")
+                        .IsUnique()
+                        .HasName("RoleNameIndex");
+
+                    b.ToTable("AspNetRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("RoleId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetRoleClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("ProviderKey");
+
+                    b.Property<string>("ProviderDisplayName");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("LoginProvider", "ProviderKey");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserLogins");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("RoleId");
+
+                    b.HasKey("UserId", "RoleId");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetUserRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("Value");
+
+                    b.HasKey("UserId", "LoginProvider", "Name");
+
+                    b.ToTable("AspNetUserTokens");
+                });
+
+            modelBuilder.Entity("isn.Data.ApplicationUser", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<int>("AccessFailedCount");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Email")
+                        .HasMaxLength(256);
+
+                    b.Property<bool>("EmailConfirmed");
+
+                    b.Property<string>("FullName");
+
+                    b.Property<bool>("LockoutEnabled");
+
+                    b.Property<DateTimeOffset?>("LockoutEnd");
+
+                    b.Property<string>("NormalizedEmail")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedUserName")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("PasswordHash");
+
+                    b.Property<string>("PhoneNumber");
+
+                    b.Property<bool>("PhoneNumberConfirmed");
+
+                    b.Property<string>("SecurityStamp");
+
+                    b.Property<bool>("TwoFactorEnabled");
+
+                    b.Property<string>("UserName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedEmail")
+                        .HasName("EmailIndex");
+
+                    b.HasIndex("NormalizedUserName")
+                        .IsUnique()
+                        .HasName("UserNameIndex");
+
+                    b.ToTable("AspNetUsers");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+#pragma warning restore 612, 618
+        }
+    }
+}
--- a/src/isnd/Migrations/20210424155323_init.cs
+++ b/src/isnd/Migrations/20210424155323_init.cs
@ -0,0 +1,219 @@
+using System;
+using Microsoft.EntityFrameworkCore.Migrations;
+using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
+
+namespace nugethost.Migrations
+{
+    public partial class init : Migration
+    {
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.CreateTable(
+                name: "AspNetRoles",
+                columns: table => new
+                {
+                    Id = table.Column<string>(nullable: false),
+                    Name = table.Column<string>(maxLength: 256, nullable: true),
+                    NormalizedName = table.Column<string>(maxLength: 256, nullable: true),
+                    ConcurrencyStamp = table.Column<string>(nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetRoles", x => x.Id);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUsers",
+                columns: table => new
+                {
+                    Id = table.Column<string>(nullable: false),
+                    UserName = table.Column<string>(maxLength: 256, nullable: true),
+                    NormalizedUserName = table.Column<string>(maxLength: 256, nullable: true),
+                    Email = table.Column<string>(maxLength: 256, nullable: true),
+                    NormalizedEmail = table.Column<string>(maxLength: 256, nullable: true),
+                    EmailConfirmed = table.Column<bool>(nullable: false),
+                    PasswordHash = table.Column<string>(nullable: true),
+                    SecurityStamp = table.Column<string>(nullable: true),
+                    ConcurrencyStamp = table.Column<string>(nullable: true),
+                    PhoneNumber = table.Column<string>(nullable: true),
+                    PhoneNumberConfirmed = table.Column<bool>(nullable: false),
+                    TwoFactorEnabled = table.Column<bool>(nullable: false),
+                    LockoutEnd = table.Column<DateTimeOffset>(nullable: true),
+                    LockoutEnabled = table.Column<bool>(nullable: false),
+                    AccessFailedCount = table.Column<int>(nullable: false),
+                    FullName = table.Column<string>(nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUsers", x => x.Id);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetRoleClaims",
+                columns: table => new
+                {
+                    Id = table.Column<int>(nullable: false)
+                        .Annotation("Npgsql:ValueGenerationStrategy", NpgsqlValueGenerationStrategy.SerialColumn),
+                    RoleId = table.Column<string>(nullable: false),
+                    ClaimType = table.Column<string>(nullable: true),
+                    ClaimValue = table.Column<string>(nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetRoleClaims", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_AspNetRoleClaims_AspNetRoles_RoleId",
+                        column: x => x.RoleId,
+                        principalTable: "AspNetRoles",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUserClaims",
+                columns: table => new
+                {
+                    Id = table.Column<int>(nullable: false)
+                        .Annotation("Npgsql:ValueGenerationStrategy", NpgsqlValueGenerationStrategy.SerialColumn),
+                    UserId = table.Column<string>(nullable: false),
+                    ClaimType = table.Column<string>(nullable: true),
+                    ClaimValue = table.Column<string>(nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUserClaims", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_AspNetUserClaims_AspNetUsers_UserId",
+                        column: x => x.UserId,
+                        principalTable: "AspNetUsers",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUserLogins",
+                columns: table => new
+                {
+                    LoginProvider = table.Column<string>(nullable: false),
+                    ProviderKey = table.Column<string>(nullable: false),
+                    ProviderDisplayName = table.Column<string>(nullable: true),
+                    UserId = table.Column<string>(nullable: false)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUserLogins", x => new { x.LoginProvider, x.ProviderKey });
+                    table.ForeignKey(
+                        name: "FK_AspNetUserLogins_AspNetUsers_UserId",
+                        column: x => x.UserId,
+                        principalTable: "AspNetUsers",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUserRoles",
+                columns: table => new
+                {
+                    UserId = table.Column<string>(nullable: false),
+                    RoleId = table.Column<string>(nullable: false)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUserRoles", x => new { x.UserId, x.RoleId });
+                    table.ForeignKey(
+                        name: "FK_AspNetUserRoles_AspNetRoles_RoleId",
+                        column: x => x.RoleId,
+                        principalTable: "AspNetRoles",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                    table.ForeignKey(
+                        name: "FK_AspNetUserRoles_AspNetUsers_UserId",
+                        column: x => x.UserId,
+                        principalTable: "AspNetUsers",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUserTokens",
+                columns: table => new
+                {
+                    UserId = table.Column<string>(nullable: false),
+                    LoginProvider = table.Column<string>(nullable: false),
+                    Name = table.Column<string>(nullable: false),
+                    Value = table.Column<string>(nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUserTokens", x => new { x.UserId, x.LoginProvider, x.Name });
+                    table.ForeignKey(
+                        name: "FK_AspNetUserTokens_AspNetUsers_UserId",
+                        column: x => x.UserId,
+                        principalTable: "AspNetUsers",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateIndex(
+                name: "IX_AspNetRoleClaims_RoleId",
+                table: "AspNetRoleClaims",
+                column: "RoleId");
+
+            migrationBuilder.CreateIndex(
+                name: "RoleNameIndex",
+                table: "AspNetRoles",
+                column: "NormalizedName",
+                unique: true);
+
+            migrationBuilder.CreateIndex(
+                name: "IX_AspNetUserClaims_UserId",
+                table: "AspNetUserClaims",
+                column: "UserId");
+
+            migrationBuilder.CreateIndex(
+                name: "IX_AspNetUserLogins_UserId",
+                table: "AspNetUserLogins",
+                column: "UserId");
+
+            migrationBuilder.CreateIndex(
+                name: "IX_AspNetUserRoles_RoleId",
+                table: "AspNetUserRoles",
+                column: "RoleId");
+
+            migrationBuilder.CreateIndex(
+                name: "EmailIndex",
+                table: "AspNetUsers",
+                column: "NormalizedEmail");
+
+            migrationBuilder.CreateIndex(
+                name: "UserNameIndex",
+                table: "AspNetUsers",
+                column: "NormalizedUserName",
+                unique: true);
+        }
+
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropTable(
+                name: "AspNetRoleClaims");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUserClaims");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUserLogins");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUserRoles");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUserTokens");
+
+            migrationBuilder.DropTable(
+                name: "AspNetRoles");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUsers");
+        }
+    }
+}
--- a/src/isnd/Migrations/20210502153508_api-keys.Designer.cs
+++ b/src/isnd/Migrations/20210502153508_api-keys.Designer.cs
@ -0,0 +1,253 @@
+// <auto-generated />
+using System;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
+using isn.Data;
+
+namespace nugethost.Migrations
+{
+    [DbContext(typeof(ApplicationDbContext))]
+    [Migration("20210502153508_api-keys")]
+    partial class apikeys
+    {
+        protected override void BuildTargetModel(ModelBuilder modelBuilder)
+        {
+#pragma warning disable 612, 618
+            modelBuilder
+                .HasAnnotation("Npgsql:ValueGenerationStrategy", NpgsqlValueGenerationStrategy.SerialColumn)
+                .HasAnnotation("ProductVersion", "2.2.6-servicing-10079")
+                .HasAnnotation("Relational:MaxIdentifierLength", 63);
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedName")
+                        .IsUnique()
+                        .HasName("RoleNameIndex");
+
+                    b.ToTable("AspNetRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("RoleId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetRoleClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("ProviderKey");
+
+                    b.Property<string>("ProviderDisplayName");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("LoginProvider", "ProviderKey");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserLogins");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("RoleId");
+
+                    b.HasKey("UserId", "RoleId");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetUserRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("Value");
+
+                    b.HasKey("UserId", "LoginProvider", "Name");
+
+                    b.ToTable("AspNetUserTokens");
+                });
+
+            modelBuilder.Entity("isn.Data.ApiKey", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("ApiKeys");
+                });
+
+            modelBuilder.Entity("isn.Data.ApplicationUser", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<int>("AccessFailedCount");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Email")
+                        .HasMaxLength(256);
+
+                    b.Property<bool>("EmailConfirmed");
+
+                    b.Property<string>("FullName");
+
+                    b.Property<bool>("LockoutEnabled");
+
+                    b.Property<DateTimeOffset?>("LockoutEnd");
+
+                    b.Property<string>("NormalizedEmail")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedUserName")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("PasswordHash");
+
+                    b.Property<string>("PhoneNumber");
+
+                    b.Property<bool>("PhoneNumberConfirmed");
+
+                    b.Property<string>("SecurityStamp");
+
+                    b.Property<bool>("TwoFactorEnabled");
+
+                    b.Property<string>("UserName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedEmail")
+                        .HasName("EmailIndex");
+
+                    b.HasIndex("NormalizedUserName")
+                        .IsUnique()
+                        .HasName("UserNameIndex");
+
+                    b.ToTable("AspNetUsers");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("isn.Data.ApiKey", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser", "User")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+#pragma warning restore 612, 618
+        }
+    }
+}
--- a/src/isnd/Migrations/20210502153508_api-keys.cs
+++ b/src/isnd/Migrations/20210502153508_api-keys.cs
@ -0,0 +1,39 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+namespace nugethost.Migrations
+{
+    public partial class apikeys : Migration
+    {
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.CreateTable(
+                name: "ApiKeys",
+                columns: table => new
+                {
+                    Id = table.Column<string>(nullable: false),
+                    UserId = table.Column<string>(nullable: false)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_ApiKeys", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_ApiKeys_AspNetUsers_UserId",
+                        column: x => x.UserId,
+                        principalTable: "AspNetUsers",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateIndex(
+                name: "IX_ApiKeys_UserId",
+                table: "ApiKeys",
+                column: "UserId");
+        }
+
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropTable(
+                name: "ApiKeys");
+        }
+    }
+}
--- a/src/isnd/Migrations/20210508012908_ApkiKey.CreationDate.Designer.cs
+++ b/src/isnd/Migrations/20210508012908_ApkiKey.CreationDate.Designer.cs
@ -0,0 +1,259 @@
+// <auto-generated />
+using System;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
+using isn.Data;
+
+namespace nugethost.Migrations
+{
+    [DbContext(typeof(ApplicationDbContext))]
+    [Migration("20210508012908_ApkiKey.CreationDate")]
+    partial class ApkiKeyCreationDate
+    {
+        protected override void BuildTargetModel(ModelBuilder modelBuilder)
+        {
+#pragma warning disable 612, 618
+            modelBuilder
+                .HasAnnotation("Npgsql:ValueGenerationStrategy", NpgsqlValueGenerationStrategy.SerialColumn)
+                .HasAnnotation("ProductVersion", "2.2.6-servicing-10079")
+                .HasAnnotation("Relational:MaxIdentifierLength", 63);
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedName")
+                        .IsUnique()
+                        .HasName("RoleNameIndex");
+
+                    b.ToTable("AspNetRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("RoleId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetRoleClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("ProviderKey");
+
+                    b.Property<string>("ProviderDisplayName");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("LoginProvider", "ProviderKey");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserLogins");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("RoleId");
+
+                    b.HasKey("UserId", "RoleId");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetUserRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("Value");
+
+                    b.HasKey("UserId", "LoginProvider", "Name");
+
+                    b.ToTable("AspNetUserTokens");
+                });
+
+            modelBuilder.Entity("isn.Data.ApiKeys.ApiKey", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<DateTime>("CreationDate");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.Property<int>("ValidityPeriodInDays");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("ApiKeys");
+                });
+
+            modelBuilder.Entity("isn.Data.ApplicationUser", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<int>("AccessFailedCount");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Email")
+                        .HasMaxLength(256);
+
+                    b.Property<bool>("EmailConfirmed");
+
+                    b.Property<string>("FullName");
+
+                    b.Property<bool>("LockoutEnabled");
+
+                    b.Property<DateTimeOffset?>("LockoutEnd");
+
+                    b.Property<string>("NormalizedEmail")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedUserName")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("PasswordHash");
+
+                    b.Property<string>("PhoneNumber");
+
+                    b.Property<bool>("PhoneNumberConfirmed");
+
+                    b.Property<string>("SecurityStamp");
+
+                    b.Property<bool>("TwoFactorEnabled");
+
+                    b.Property<string>("UserName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedEmail")
+                        .HasName("EmailIndex");
+
+                    b.HasIndex("NormalizedUserName")
+                        .IsUnique()
+                        .HasName("UserNameIndex");
+
+                    b.ToTable("AspNetUsers");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("isn.Data.ApiKeys.ApiKey", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser", "User")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+#pragma warning restore 612, 618
+        }
+    }
+}
--- a/src/isnd/Migrations/20210508012908_ApkiKey.CreationDate.cs
+++ b/src/isnd/Migrations/20210508012908_ApkiKey.CreationDate.cs
@ -0,0 +1,43 @@
+using System;
+using Microsoft.EntityFrameworkCore.Migrations;
+
+namespace nugethost.Migrations
+{
+    public partial class ApkiKeyCreationDate : Migration
+    {
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.AddColumn<DateTime>(
+                name: "CreationDate",
+                table: "ApiKeys",
+                nullable: false,
+                defaultValue: new DateTime(1, 1, 1, 0, 0, 0, 0, DateTimeKind.Unspecified));
+
+            migrationBuilder.AddColumn<string>(
+                name: "Name",
+                table: "ApiKeys",
+                nullable: true);
+
+            migrationBuilder.AddColumn<int>(
+                name: "ValidityPeriodInDays",
+                table: "ApiKeys",
+                nullable: false,
+                defaultValue: 0);
+        }
+
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropColumn(
+                name: "CreationDate",
+                table: "ApiKeys");
+
+            migrationBuilder.DropColumn(
+                name: "Name",
+                table: "ApiKeys");
+
+            migrationBuilder.DropColumn(
+                name: "ValidityPeriodInDays",
+                table: "ApiKeys");
+        }
+    }
+}
--- a/src/isnd/Migrations/20210516060430_packages.Designer.cs
+++ b/src/isnd/Migrations/20210516060430_packages.Designer.cs
@ -0,0 +1,316 @@
+// <auto-generated />
+using System;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
+using isn.Data;
+
+namespace nugethost.Migrations
+{
+    [DbContext(typeof(ApplicationDbContext))]
+    [Migration("20210516060430_packages")]
+    partial class packages
+    {
+        protected override void BuildTargetModel(ModelBuilder modelBuilder)
+        {
+#pragma warning disable 612, 618
+            modelBuilder
+                .HasAnnotation("Npgsql:ValueGenerationStrategy", NpgsqlValueGenerationStrategy.SerialColumn)
+                .HasAnnotation("ProductVersion", "2.2.6-servicing-10079")
+                .HasAnnotation("Relational:MaxIdentifierLength", 63);
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedName")
+                        .IsUnique()
+                        .HasName("RoleNameIndex");
+
+                    b.ToTable("AspNetRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("RoleId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetRoleClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("ProviderKey");
+
+                    b.Property<string>("ProviderDisplayName");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("LoginProvider", "ProviderKey");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserLogins");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("RoleId");
+
+                    b.HasKey("UserId", "RoleId");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetUserRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("Value");
+
+                    b.HasKey("UserId", "LoginProvider", "Name");
+
+                    b.ToTable("AspNetUserTokens");
+                });
+
+            modelBuilder.Entity("isn.Data.ApiKeys.ApiKey", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<DateTime>("CreationDate");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.Property<int>("ValidityPeriodInDays");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("ApiKeys");
+                });
+
+            modelBuilder.Entity("isn.Data.ApplicationUser", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<int>("AccessFailedCount");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Email")
+                        .HasMaxLength(256);
+
+                    b.Property<bool>("EmailConfirmed");
+
+                    b.Property<string>("FullName");
+
+                    b.Property<bool>("LockoutEnabled");
+
+                    b.Property<DateTimeOffset?>("LockoutEnd");
+
+                    b.Property<string>("NormalizedEmail")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedUserName")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("PasswordHash");
+
+                    b.Property<string>("PhoneNumber");
+
+                    b.Property<bool>("PhoneNumberConfirmed");
+
+                    b.Property<string>("SecurityStamp");
+
+                    b.Property<bool>("TwoFactorEnabled");
+
+                    b.Property<string>("UserName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedEmail")
+                        .HasName("EmailIndex");
+
+                    b.HasIndex("NormalizedUserName")
+                        .IsUnique()
+                        .HasName("UserNameIndex");
+
+                    b.ToTable("AspNetUsers");
+                });
+
+            modelBuilder.Entity("isn.Data.Package", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("Description");
+
+                    b.Property<string>("OwnerId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("OwnerId");
+
+                    b.ToTable("Packages");
+                });
+
+            modelBuilder.Entity("isn.Data.PackageVersion", b =>
+                {
+                    b.Property<string>("FullString")
+                        .ValueGeneratedOnAdd()
+                        .HasMaxLength(32);
+
+                    b.Property<bool>("IsPrerelease");
+
+                    b.Property<int>("Major");
+
+                    b.Property<int>("Minor");
+
+                    b.Property<string>("PackageId")
+                        .IsRequired();
+
+                    b.Property<int>("Patch");
+
+                    b.HasKey("FullString");
+
+                    b.HasIndex("PackageId");
+
+                    b.ToTable("PackageVersions");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("isn.Data.ApiKeys.ApiKey", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser", "User")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("isn.Data.Package", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser", "Owner")
+                        .WithMany()
+                        .HasForeignKey("OwnerId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("isn.Data.PackageVersion", b =>
+                {
+                    b.HasOne("isn.Data.Package", "Package")
+                        .WithMany()
+                        .HasForeignKey("PackageId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+#pragma warning restore 612, 618
+        }
+    }
+}
--- a/src/isnd/Migrations/20210516060430_packages.cs
+++ b/src/isnd/Migrations/20210516060430_packages.cs
@ -0,0 +1,70 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+namespace nugethost.Migrations
+{
+    public partial class packages : Migration
+    {
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.CreateTable(
+                name: "Packages",
+                columns: table => new
+                {
+                    Id = table.Column<string>(nullable: false),
+                    OwnerId = table.Column<string>(nullable: false),
+                    Description = table.Column<string>(nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_Packages", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_Packages_AspNetUsers_OwnerId",
+                        column: x => x.OwnerId,
+                        principalTable: "AspNetUsers",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "PackageVersions",
+                columns: table => new
+                {
+                    FullString = table.Column<string>(maxLength: 32, nullable: false),
+                    PackageId = table.Column<string>(nullable: false),
+                    Major = table.Column<int>(nullable: false),
+                    Minor = table.Column<int>(nullable: false),
+                    Patch = table.Column<int>(nullable: false),
+                    IsPrerelease = table.Column<bool>(nullable: false)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_PackageVersions", x => x.FullString);
+                    table.ForeignKey(
+                        name: "FK_PackageVersions_Packages_PackageId",
+                        column: x => x.PackageId,
+                        principalTable: "Packages",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateIndex(
+                name: "IX_Packages_OwnerId",
+                table: "Packages",
+                column: "OwnerId");
+
+            migrationBuilder.CreateIndex(
+                name: "IX_PackageVersions_PackageId",
+                table: "PackageVersions",
+                column: "PackageId");
+        }
+
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropTable(
+                name: "PackageVersions");
+
+            migrationBuilder.DropTable(
+                name: "Packages");
+        }
+    }
+}
--- a/src/isnd/Migrations/20210522194803_packageVersionKey.Designer.cs
+++ b/src/isnd/Migrations/20210522194803_packageVersionKey.Designer.cs
@ -0,0 +1,312 @@
+// <auto-generated />
+using System;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
+using isn.Data;
+
+namespace nugethost.Migrations
+{
+    [DbContext(typeof(ApplicationDbContext))]
+    [Migration("20210522194803_packageVersionKey")]
+    partial class packageVersionKey
+    {
+        protected override void BuildTargetModel(ModelBuilder modelBuilder)
+        {
+#pragma warning disable 612, 618
+            modelBuilder
+                .HasAnnotation("Npgsql:ValueGenerationStrategy", NpgsqlValueGenerationStrategy.SerialColumn)
+                .HasAnnotation("ProductVersion", "2.2.6-servicing-10079")
+                .HasAnnotation("Relational:MaxIdentifierLength", 63);
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedName")
+                        .IsUnique()
+                        .HasName("RoleNameIndex");
+
+                    b.ToTable("AspNetRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("RoleId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetRoleClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("ProviderKey");
+
+                    b.Property<string>("ProviderDisplayName");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("LoginProvider", "ProviderKey");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserLogins");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("RoleId");
+
+                    b.HasKey("UserId", "RoleId");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetUserRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("Value");
+
+                    b.HasKey("UserId", "LoginProvider", "Name");
+
+                    b.ToTable("AspNetUserTokens");
+                });
+
+            modelBuilder.Entity("isn.Data.ApiKeys.ApiKey", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<DateTime>("CreationDate");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.Property<int>("ValidityPeriodInDays");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("ApiKeys");
+                });
+
+            modelBuilder.Entity("isn.Data.ApplicationUser", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<int>("AccessFailedCount");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Email")
+                        .HasMaxLength(256);
+
+                    b.Property<bool>("EmailConfirmed");
+
+                    b.Property<string>("FullName");
+
+                    b.Property<bool>("LockoutEnabled");
+
+                    b.Property<DateTimeOffset?>("LockoutEnd");
+
+                    b.Property<string>("NormalizedEmail")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedUserName")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("PasswordHash");
+
+                    b.Property<string>("PhoneNumber");
+
+                    b.Property<bool>("PhoneNumberConfirmed");
+
+                    b.Property<string>("SecurityStamp");
+
+                    b.Property<bool>("TwoFactorEnabled");
+
+                    b.Property<string>("UserName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedEmail")
+                        .HasName("EmailIndex");
+
+                    b.HasIndex("NormalizedUserName")
+                        .IsUnique()
+                        .HasName("UserNameIndex");
+
+                    b.ToTable("AspNetUsers");
+                });
+
+            modelBuilder.Entity("isn.Data.Package", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("Description");
+
+                    b.Property<string>("OwnerId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("OwnerId");
+
+                    b.ToTable("Packages");
+                });
+
+            modelBuilder.Entity("isn.Data.PackageVersion", b =>
+                {
+                    b.Property<string>("PackageId");
+
+                    b.Property<string>("FullString")
+                        .HasMaxLength(256);
+
+                    b.Property<bool>("IsPrerelease");
+
+                    b.Property<int>("Major");
+
+                    b.Property<int>("Minor");
+
+                    b.Property<int>("Patch");
+
+                    b.HasKey("PackageId", "FullString");
+
+                    b.ToTable("PackageVersions");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("isn.Data.ApiKeys.ApiKey", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser", "User")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("isn.Data.Package", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser", "Owner")
+                        .WithMany()
+                        .HasForeignKey("OwnerId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("isn.Data.PackageVersion", b =>
+                {
+                    b.HasOne("isn.Data.Package", "Package")
+                        .WithMany()
+                        .HasForeignKey("PackageId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+#pragma warning restore 612, 618
+        }
+    }
+}
--- a/src/isnd/Migrations/20210522194803_packageVersionKey.cs
+++ b/src/isnd/Migrations/20210522194803_packageVersionKey.cs
@ -0,0 +1,56 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+namespace nugethost.Migrations
+{
+    public partial class packageVersionKey : Migration
+    {
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropPrimaryKey(
+                name: "PK_PackageVersions",
+                table: "PackageVersions");
+
+            migrationBuilder.DropIndex(
+                name: "IX_PackageVersions_PackageId",
+                table: "PackageVersions");
+
+            migrationBuilder.AlterColumn<string>(
+                name: "FullString",
+                table: "PackageVersions",
+                maxLength: 256,
+                nullable: false,
+                oldClrType: typeof(string),
+                oldMaxLength: 32);
+
+            migrationBuilder.AddPrimaryKey(
+                name: "PK_PackageVersions",
+                table: "PackageVersions",
+                columns: new[] { "PackageId", "FullString" });
+        }
+
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropPrimaryKey(
+                name: "PK_PackageVersions",
+                table: "PackageVersions");
+
+            migrationBuilder.AlterColumn<string>(
+                name: "FullString",
+                table: "PackageVersions",
+                maxLength: 32,
+                nullable: false,
+                oldClrType: typeof(string),
+                oldMaxLength: 256);
+
+            migrationBuilder.AddPrimaryKey(
+                name: "PK_PackageVersions",
+                table: "PackageVersions",
+                column: "FullString");
+
+            migrationBuilder.CreateIndex(
+                name: "IX_PackageVersions_PackageId",
+                table: "PackageVersions",
+                column: "PackageId");
+        }
+    }
+}
--- a/src/isnd/Migrations/20210621214109_version-types.Designer.cs
+++ b/src/isnd/Migrations/20210621214109_version-types.Designer.cs
@ -0,0 +1,316 @@
+// <auto-generated />
+using System;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
+using isn.Data;
+
+namespace nugethost.Migrations
+{
+    [DbContext(typeof(ApplicationDbContext))]
+    [Migration("20210621214109_version-types")]
+    partial class versiontypes
+    {
+        protected override void BuildTargetModel(ModelBuilder modelBuilder)
+        {
+#pragma warning disable 612, 618
+            modelBuilder
+                .HasAnnotation("Npgsql:ValueGenerationStrategy", NpgsqlValueGenerationStrategy.SerialColumn)
+                .HasAnnotation("ProductVersion", "2.2.6-servicing-10079")
+                .HasAnnotation("Relational:MaxIdentifierLength", 63);
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedName")
+                        .IsUnique()
+                        .HasName("RoleNameIndex");
+
+                    b.ToTable("AspNetRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("RoleId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetRoleClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("ProviderKey");
+
+                    b.Property<string>("ProviderDisplayName");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("LoginProvider", "ProviderKey");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserLogins");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("RoleId");
+
+                    b.HasKey("UserId", "RoleId");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetUserRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("Value");
+
+                    b.HasKey("UserId", "LoginProvider", "Name");
+
+                    b.ToTable("AspNetUserTokens");
+                });
+
+            modelBuilder.Entity("isn.Data.ApiKeys.ApiKey", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<DateTime>("CreationDate");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.Property<int>("ValidityPeriodInDays");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("ApiKeys");
+                });
+
+            modelBuilder.Entity("isn.Data.ApplicationUser", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<int>("AccessFailedCount");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Email")
+                        .HasMaxLength(256);
+
+                    b.Property<bool>("EmailConfirmed");
+
+                    b.Property<string>("FullName");
+
+                    b.Property<bool>("LockoutEnabled");
+
+                    b.Property<DateTimeOffset?>("LockoutEnd");
+
+                    b.Property<string>("NormalizedEmail")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedUserName")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("PasswordHash");
+
+                    b.Property<string>("PhoneNumber");
+
+                    b.Property<bool>("PhoneNumberConfirmed");
+
+                    b.Property<string>("SecurityStamp");
+
+                    b.Property<bool>("TwoFactorEnabled");
+
+                    b.Property<string>("UserName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedEmail")
+                        .HasName("EmailIndex");
+
+                    b.HasIndex("NormalizedUserName")
+                        .IsUnique()
+                        .HasName("UserNameIndex");
+
+                    b.ToTable("AspNetUsers");
+                });
+
+            modelBuilder.Entity("isn.Data.Package", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("Description")
+                        .HasMaxLength(1024);
+
+                    b.Property<string>("OwnerId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("OwnerId");
+
+                    b.ToTable("Packages");
+                });
+
+            modelBuilder.Entity("isn.Data.PackageVersion", b =>
+                {
+                    b.Property<string>("PackageId");
+
+                    b.Property<string>("FullString")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("Type")
+                        .HasMaxLength(256);
+
+                    b.Property<bool>("IsPrerelease");
+
+                    b.Property<int>("Major");
+
+                    b.Property<int>("Minor");
+
+                    b.Property<int>("Patch");
+
+                    b.HasKey("PackageId", "FullString", "Type");
+
+                    b.ToTable("PackageVersions");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("isn.Data.ApiKeys.ApiKey", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser", "User")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("isn.Data.Package", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser", "Owner")
+                        .WithMany()
+                        .HasForeignKey("OwnerId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("isn.Data.PackageVersion", b =>
+                {
+                    b.HasOne("isn.Data.Package", "Package")
+                        .WithMany("Versions")
+                        .HasForeignKey("PackageId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+#pragma warning restore 612, 618
+        }
+    }
+}
--- a/src/isnd/Migrations/20210621214109_version-types.cs
+++ b/src/isnd/Migrations/20210621214109_version-types.cs
@ -0,0 +1,58 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+namespace nugethost.Migrations
+{
+    public partial class versiontypes : Migration
+    {
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropPrimaryKey(
+                name: "PK_PackageVersions",
+                table: "PackageVersions");
+
+            migrationBuilder.AddColumn<string>(
+                name: "Type",
+                table: "PackageVersions",
+                maxLength: 256,
+                nullable: false,
+                defaultValue: "");
+
+            migrationBuilder.AlterColumn<string>(
+                name: "Description",
+                table: "Packages",
+                maxLength: 1024,
+                nullable: true,
+                oldClrType: typeof(string),
+                oldNullable: true);
+
+            migrationBuilder.AddPrimaryKey(
+                name: "PK_PackageVersions",
+                table: "PackageVersions",
+                columns: new[] { "PackageId", "FullString", "Type" });
+        }
+
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropPrimaryKey(
+                name: "PK_PackageVersions",
+                table: "PackageVersions");
+
+            migrationBuilder.DropColumn(
+                name: "Type",
+                table: "PackageVersions");
+
+            migrationBuilder.AlterColumn<string>(
+                name: "Description",
+                table: "Packages",
+                nullable: true,
+                oldClrType: typeof(string),
+                oldMaxLength: 1024,
+                oldNullable: true);
+
+            migrationBuilder.AddPrimaryKey(
+                name: "PK_PackageVersions",
+                table: "PackageVersions",
+                columns: new[] { "PackageId", "FullString" });
+        }
+    }
+}
--- a/src/isnd/Migrations/ApplicationDbContextModelSnapshot.cs
+++ b/src/isnd/Migrations/ApplicationDbContextModelSnapshot.cs
@ -0,0 +1,314 @@
+// <auto-generated />
+using System;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
+using isn.Data;
+
+namespace nugethost.Migrations
+{
+    [DbContext(typeof(ApplicationDbContext))]
+    partial class ApplicationDbContextModelSnapshot : ModelSnapshot
+    {
+        protected override void BuildModel(ModelBuilder modelBuilder)
+        {
+#pragma warning disable 612, 618
+            modelBuilder
+                .HasAnnotation("Npgsql:ValueGenerationStrategy", NpgsqlValueGenerationStrategy.SerialColumn)
+                .HasAnnotation("ProductVersion", "2.2.6-servicing-10079")
+                .HasAnnotation("Relational:MaxIdentifierLength", 63);
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedName")
+                        .IsUnique()
+                        .HasName("RoleNameIndex");
+
+                    b.ToTable("AspNetRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("RoleId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetRoleClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("ClaimType");
+
+                    b.Property<string>("ClaimValue");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserClaims");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("ProviderKey");
+
+                    b.Property<string>("ProviderDisplayName");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.HasKey("LoginProvider", "ProviderKey");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserLogins");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("RoleId");
+
+                    b.HasKey("UserId", "RoleId");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetUserRoles");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.Property<string>("UserId");
+
+                    b.Property<string>("LoginProvider");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("Value");
+
+                    b.HasKey("UserId", "LoginProvider", "Name");
+
+                    b.ToTable("AspNetUserTokens");
+                });
+
+            modelBuilder.Entity("isn.Data.ApiKeys.ApiKey", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<DateTime>("CreationDate");
+
+                    b.Property<string>("Name");
+
+                    b.Property<string>("UserId")
+                        .IsRequired();
+
+                    b.Property<int>("ValidityPeriodInDays");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("ApiKeys");
+                });
+
+            modelBuilder.Entity("isn.Data.ApplicationUser", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<int>("AccessFailedCount");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken();
+
+                    b.Property<string>("Email")
+                        .HasMaxLength(256);
+
+                    b.Property<bool>("EmailConfirmed");
+
+                    b.Property<string>("FullName");
+
+                    b.Property<bool>("LockoutEnabled");
+
+                    b.Property<DateTimeOffset?>("LockoutEnd");
+
+                    b.Property<string>("NormalizedEmail")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("NormalizedUserName")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("PasswordHash");
+
+                    b.Property<string>("PhoneNumber");
+
+                    b.Property<bool>("PhoneNumberConfirmed");
+
+                    b.Property<string>("SecurityStamp");
+
+                    b.Property<bool>("TwoFactorEnabled");
+
+                    b.Property<string>("UserName")
+                        .HasMaxLength(256);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedEmail")
+                        .HasName("EmailIndex");
+
+                    b.HasIndex("NormalizedUserName")
+                        .IsUnique()
+                        .HasName("UserNameIndex");
+
+                    b.ToTable("AspNetUsers");
+                });
+
+            modelBuilder.Entity("isn.Data.Package", b =>
+                {
+                    b.Property<string>("Id")
+                        .ValueGeneratedOnAdd();
+
+                    b.Property<string>("Description")
+                        .HasMaxLength(1024);
+
+                    b.Property<string>("OwnerId")
+                        .IsRequired();
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("OwnerId");
+
+                    b.ToTable("Packages");
+                });
+
+            modelBuilder.Entity("isn.Data.PackageVersion", b =>
+                {
+                    b.Property<string>("PackageId");
+
+                    b.Property<string>("FullString")
+                        .HasMaxLength(256);
+
+                    b.Property<string>("Type")
+                        .HasMaxLength(256);
+
+                    b.Property<bool>("IsPrerelease");
+
+                    b.Property<int>("Major");
+
+                    b.Property<int>("Minor");
+
+                    b.Property<int>("Patch");
+
+                    b.HasKey("PackageId", "FullString", "Type");
+
+                    b.ToTable("PackageVersions");
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole")
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade);
+
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("isn.Data.ApiKeys.ApiKey", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser", "User")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("isn.Data.Package", b =>
+                {
+                    b.HasOne("isn.Data.ApplicationUser", "Owner")
+                        .WithMany()
+                        .HasForeignKey("OwnerId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("isn.Data.PackageVersion", b =>
+                {
+                    b.HasOne("isn.Data.Package", "Package")
+                        .WithMany("Versions")
+                        .HasForeignKey("PackageId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+#pragma warning restore 612, 618
+        }
+    }
+}
--- a/src/isnd/Program.cs
+++ b/src/isnd/Program.cs
@ -0,0 +1,25 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.Logging;
+
+namespace isn
+{
+    public class Program
+    {
+        public static void Main(string[] args)
+        {
+            BuildWebHost(args).Run();
+        }
+
+        public static IWebHost BuildWebHost(string[] args) =>
+            WebHost.CreateDefaultBuilder(args)
+                .UseStartup<Startup>()
+                .Build();
+    }
+}
--- a/src/isnd/Services/EmailSender.cs
+++ b/src/isnd/Services/EmailSender.cs
@ -0,0 +1,68 @@
+
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Identity.UI.Services;
+using Microsoft.Extensions.Options;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.Extensions.Hosting;
+using MailKit.Net.Smtp;
+using MimeKit;
+
+using System;
+using isn.Interfaces;
+using isn.Entities;
+
+namespace isn.Services
+{
+    public class EmailSender : IEmailSender, IMailer
+    {
+        public EmailSender(IOptions<SmtpSettings> smtpSettings,
+         Microsoft.AspNetCore.Hosting.IHostingEnvironment env)
+        {
+            Options = smtpSettings.Value;
+            Env = env;
+        }
+        public SmtpSettings Options { get; } //set only via Secret Manager
+        public Microsoft.AspNetCore.Hosting.IHostingEnvironment Env { get; }
+        public Task SendEmailAsync(string email, string subject, string message)
+        {
+            return Execute(Options.SenderName, subject, message, email);
+        }
+
+        public async Task Execute(string name, string subject, string message, string email)
+        {
+            await SendMailAsync(name, email, subject, message);
+        }
+
+        public async Task SendMailAsync(string name, string email, string subjet, string body)
+        {
+            try {
+                var message = new MimeMessage();
+                message.From.Add(new MailboxAddress(Options.SenderName, Options.SenderEMail));
+                message.To.Add(new MailboxAddress(name??email, email));
+                message.Body = new TextPart("html") { Text = body };
+                using (var client = new SmtpClient())
+                {
+                    client.ServerCertificateValidationCallback = (s,c,h,e)=>true;
+                    if (Env.IsDevelopment() || Options.UserName == null)
+                    {
+                        await client.ConnectAsync(Options.Server, Options.Port, MailKit.Security.SecureSocketOptions.None);
+                    }
+                    else
+                    {
+                        await client.ConnectAsync(Options.Server);
+                    }
+                    if (Options.UserName != null)
+                    {
+                        await client.AuthenticateAsync(Options.UserName, Options.Password);
+                    }
+                    await client.SendAsync(message);
+                    await client.DisconnectAsync(true);
+                }
+            }
+            catch (Exception e)
+            {
+                throw new InvalidOperationException(e.Message);
+            }
+        }
+    }
+}
--- a/src/isnd/Services/PackageManager.cs
+++ b/src/isnd/Services/PackageManager.cs
@ -0,0 +1,140 @@
+using System.Collections.Generic;
+using System.Linq;
+using isn.Controllers;
+using isn.Data;
+using Microsoft.EntityFrameworkCore;
+using NuGet.Versioning;
+using Unleash;
+
+namespace isnd.Services
+{
+    public class PackageManager
+    {
+        ApplicationDbContext dbContext;
+        public PackageManager(ApplicationDbContext dbContext)
+        {
+            this.dbContext = dbContext;
+        }
+        public IndexResult SearchByName(string query, 
+             int skip, int take,bool prerelease = false, 
+             string packageType = null)
+        {
+            var scope = dbContext.Packages
+                .Include(p => p.Versions)
+                .Where(
+                    p => (CamelCaseMatch(p.Id, query) || SeparatedByMinusMatch(p.Id, query))
+                    && (prerelease || p.Versions.Any(v => !v.IsPrerelease))
+                    && (packageType == null || p.Versions.Any(v => v.Type == packageType))
+                );
+            return new IndexResult
+                {
+                    totalHits = scope.Count(),
+                    data = scope.OrderBy(p => p.Id)
+                    .Skip(skip).Take(take).ToArray()
+                };
+        }
+        public AutoCompleteResult AutoComplete (string id, 
+             int skip, int take, bool prerelease = false, 
+             string packageType = null)
+        {
+            var scope = dbContext.PackageVersions.Where(
+                         v => v.PackageId == id
+                            && (prerelease || !v.IsPrerelease)
+                            && (packageType == null || v.Type == packageType)
+                     )
+                     .OrderBy(v => v.FullString);
+            return new AutoCompleteResult
+                {
+                    totalHits = scope.Count(),
+                    data = scope.Select(v => v.FullString)
+                     .Skip(skip).Take(take).ToArray()
+                };
+        }
+
+        // TODO stocker MetaData plutôt que FullString en base,
+        // et en profiter pour corriger ce listing
+        public string[] GetVersions(
+            string id,
+            NuGetVersion parsedVersion,
+            bool prerelease = false,
+            string packageType = null,
+            int skip = 0,
+            int take = 25)
+        {
+            return dbContext.PackageVersions.Where(
+                         v => v.PackageId == id
+                            && (prerelease || !v.IsPrerelease)
+                            && (packageType == null || v.Type == packageType)
+                            && (parsedVersion.CompareTo(new SemanticVersion(v.Major, v.Minor, v.Patch)) < 0)
+                     )
+                     .OrderBy(v => v.FullString)
+                     .Select(v => v.FullString)
+                     .Skip(skip).Take(take).ToArray();
+        }
+
+        protected static bool CamelCaseMatch(string id, string q)
+        {
+            // Assert.False (q==null);
+            string query = q;
+            if (query.Length == 0) return false;
+
+            while (id.Length > 0)
+            {
+                int i = 0;
+                while (id.Length > i && char.IsLower(id[i])) i++;
+                if (i == 0) break;
+                id = id.Substring(i);
+                if (id.StartsWith(q, System.StringComparison.OrdinalIgnoreCase)) return true;
+            }
+            return false;
+        }
+        protected static bool SeparatedByMinusMatch(string id, string q)
+        {
+            foreach (var part in id.Split('-'))
+            {
+                if (part.StartsWith(q, System.StringComparison.OrdinalIgnoreCase)) return true;
+            }
+            return false;
+        }
+
+        internal List<Resource> GetResources(IUnleash unleashClient)
+        {
+            var res = new List<Resource>();
+            if (unleashClient.IsEnabled("pkg-push"))
+                res.Add(
+                    new Resource
+                    {
+                        id = "package",
+                        type = "PackagePublish/2.0.0",
+                        comment = "Package Publish service"
+                    });
+            if (unleashClient.IsEnabled("pkg-get"))
+                res.Add(
+                    new Resource
+                    {
+                        id = "package",
+                        type = "PackageBaseAddress/3.0.0",
+                        comment = "Package Base Address service"
+                    });
+            if (unleashClient.IsEnabled("pkg-autocomplete"))
+                res.Add(
+                    new Resource
+                    {
+                        id = "package/index.json",
+                        type = "SearchAutocompleteService/3.5.0",
+                        comment = "Auto complete service"
+                    });
+            if (unleashClient.IsEnabled("pkg-search"))
+                res.Add(
+                    new Resource
+                    {
+                        id = "package/index.json",
+                        type = "SearchQueryService/3.5.0",
+                        comment = "Search Query service"
+                    });
+            return res;
+
+        }
+
+    }
+}
--- a/src/isnd/Services/SearchResult.cs
+++ b/src/isnd/Services/SearchResult.cs
@ -0,0 +1,16 @@
+using isn.Data;
+
+namespace isnd.Services
+{
+    public class IndexResult
+    {
+        public int totalHits { get; set; }
+        public Package[] data  { get; set; }
+    }
+
+    public class AutoCompleteResult
+    {
+        public int totalHits { get; set; }
+        public string[] data  { get; set; }
+    }
+}
--- a/src/isnd/Startup.cs
+++ b/src/isnd/Startup.cs
@ -0,0 +1,122 @@
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Identity.UI.Services;
+using Microsoft.Extensions.Hosting;
+using isn.Data;
+using isn.Interfaces;
+using isn.Services;
+using isn.Entities;
+using isn.Authorization;
+using isn.Data.Roles;
+using Microsoft.AspNetCore.Authorization;
+using Unleash;
+using System.Collections.Generic;
+using System;
+using Unleash.ClientFactory;
+using isnd.Entities;
+using Microsoft.Extensions.Options;
+
+namespace isn
+{
+    public class Startup
+    {
+        public Startup(IConfiguration config)
+        {
+            Configuration = config;
+
+        }
+
+        public IConfiguration Configuration { get; }
+
+        // This method gets called by the runtime. Use this method to add services to the container.
+        public void ConfigureServices(IServiceCollection services)
+        {
+            services.AddDbContext<ApplicationDbContext>(options =>
+                options.UseNpgsql(
+                    Configuration.GetConnectionString("DefaultConnection")));
+
+
+            services.AddIdentity<ApplicationUser, IdentityRole>()
+            .AddRoles<IdentityRole>()
+            .AddEntityFrameworkStores<ApplicationDbContext>()
+                .AddSignInManager()
+                .AddDefaultUI()
+                .AddDefaultTokenProviders();
+
+            services.AddMvc();
+
+            services.AddDataProtection();
+
+            services.AddTransient<IMailer, EmailSender>();
+            services.AddTransient<IEmailSender, EmailSender>();
+
+            services.AddAuthorization(options =>
+            {
+                options.AddPolicy(Constants.RequireAdminPolicyName,
+                    policy => policy.RequireRole(Constants.AdministratorRoleName));
+                options.AddPolicy(Constants.RequireValidApiKey, policy =>
+                    policy.Requirements.Add(new ValidApiKeyRequirement()));
+
+            });
+
+            services.AddSingleton<IAuthorizationHandler, ValidApiKeyRequirementHandler>();
+
+            var smtpSettingsconf = Configuration.GetSection("Smtp");
+            services.Configure<SmtpSettings>(smtpSettingsconf);
+            var nugetSettingsconf = Configuration.GetSection("Nuget");
+            services.Configure<NugetSettings>(nugetSettingsconf);
+            var adminStartupListConf = Configuration.GetSection("AdminList");
+            services.Configure<AdminStartupList>(adminStartupListConf);
+            var unleashConf = Configuration.GetSection("Unleash");
+            services.Configure<UnleashClientSettings>(unleashConf);
+            services.Configure<MigrationsEndPointOptions>(o => o.Path = "~/migrate");
+        }
+
+
+        public static IUnleash UnleashĈlient { get; private set; }
+
+
+        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
+        public void Configure(IApplicationBuilder app, 
+        Microsoft.AspNetCore.Hosting.IHostingEnvironment env,
+        IOptions<UnleashClientSettings> unleashClientSettings,
+        ApplicationDbContext dbContext)
+        {
+            if (env.IsDevelopment())
+            {
+                app.UseDeveloperExceptionPage();
+                app.UseMigrationsEndPoint();
+            }
+            else
+            {
+                // app.UseExceptionHandler("/Home/Error");
+                app.UseDeveloperExceptionPage();
+                dbContext.Database.Migrate();
+            }
+
+            var unleashSettings = new UnleashSettings
+            {
+                UnleashApi = new Uri(unleashClientSettings.Value.ApiUrl),
+                AppName = "isnd",
+                Environment = env.EnvironmentName,
+                CustomHttpHeaders = new Dictionary<string, string>
+                {
+                    { "Authorization", unleashClientSettings.Value.ClientApiKey }
+                }
+            };
+            UnleashClientFactory unleashClientFactory = new UnleashClientFactory();
+            UnleashĈlient = unleashClientFactory.CreateClient(unleashSettings);
+
+            app.UseStatusCodePages().UseStaticFiles().UseAuthentication().UseMvc(routes =>
+            {
+                routes.MapRoute(
+                    name: "default",
+                    template: "{controller=PackageVersion}/{action=Index}/{PackageId?}");
+            });
+        }
+    }
+}
--- a/src/isnd/ViewModels/HomeIndexViewModel.cs
+++ b/src/isnd/ViewModels/HomeIndexViewModel.cs
@ -0,0 +1,11 @@
+using Unleash;
+
+namespace isn.ViewModels
+{
+    public class HomeIndexViewModel
+    {
+        public int PkgCount { get; set; }
+        public IUnleash UnleashClient;
+
+    }
+}
--- a/src/isnd/ViewModels/PackageVersionIndexViewModel.cs
+++ b/src/isnd/ViewModels/PackageVersionIndexViewModel.cs
@ -0,0 +1,11 @@
+using System.Collections.Generic;
+using isn.Data;
+
+namespace isn.ViewModels
+{
+    public class PackageVersionIndexViewModel
+    {
+        public List<PackageVersion> Versions {get; set;}
+        public string PackageId { get; set; }
+    }
+}
--- a/src/isnd/Views/Account/AccessDenied.cshtml
+++ b/src/isnd/Views/Account/AccessDenied.cshtml
@ -0,0 +1,7 @@
+
+<div class="container">
+    <div class="lead">
+        <h1>Access Denied</h1>
+        <p>You do not have access to that resource.</p>
+    </div>
+</div>
--- a/src/isnd/Views/Account/LoggedOut.cshtml
+++ b/src/isnd/Views/Account/LoggedOut.cshtml
@ -0,0 +1,34 @@
+@model LoggedOutViewModel
+
+@{ 
+    // set this so the layout rendering sees an anonymous user
+    ViewData["signed-out"] = true;
+}
+
+<div class="logged-out-page">
+    <h1>
+        Logout
+        <small>You are now logged out</small>
+    </h1>
+
+    @if (Model.PostLogoutRedirectUri != null)
+    {
+        <div>
+            Click <a class="PostLogoutRedirectUri" href="@Model.PostLogoutRedirectUri">here</a> to return to the
+            <span>@Model.ClientName</span> application.
+        </div>
+    }
+
+    @if (Model.SignOutIframeUrl != null)
+    {
+        <iframe width="0" height="0" class="signout" src="@Model.SignOutIframeUrl"></iframe>
+    }
+</div>
+
+@section scripts
+{
+    @if (Model.AutomaticRedirectAfterSignOut)
+    {
+        <script src="~/js/signout-redirect.js"></script>
+    }
+}
--- a/src/isnd/Views/Account/Login.cshtml
+++ b/src/isnd/Views/Account/Login.cshtml
@ -0,0 +1,87 @@
+@model LoginViewModel
+
+<div class="login-page">
+    <div class="lead">
+        <h1>Login</h1>
+        <p>Choose how to login</p>
+    </div>
+
+    <partial name="_ValidationSummary" />
+
+    <div class="row">
+
+        @if (Model.EnableLocalLogin)
+        {
+            <div class="col-sm-6">
+                <div class="card">
+                    <div class="card-header">
+                        <h2>Local Account</h2>
+                    </div>
+
+                    <div class="card-body">
+                        <form asp-route="Login">
+                            <input type="hidden" asp-for="ReturnUrl" />
+
+                            <div class="form-group">
+                                <label asp-for="Username"></label>
+                                <input class="form-control" placeholder="Username" asp-for="Username" autofocus>
+                            </div>
+                            <div class="form-group">
+                                <label asp-for="Password"></label>
+                                <input type="password" class="form-control" placeholder="Password" asp-for="Password" autocomplete="off">
+                            </div>
+                            @if (Model.AllowRememberLogin)
+                            {
+                                <div class="form-group">
+                                    <div class="form-check">
+                                        <input class="form-check-input" asp-for="RememberLogin">
+                                        <label class="form-check-label" asp-for="RememberLogin">
+                                            Remember My Login
+                                        </label>
+                                    </div>
+                                </div>
+                            }
+                            <button class="btn btn-primary" name="button" value="login">Login</button>
+                            <button class="btn btn-secondary" name="button" value="cancel">Cancel</button>
+                        </form>
+                    </div>
+                </div>
+            </div>
+        }
+
+        @if (Model.VisibleExternalProviders.Any())
+        {
+            <div class="col-sm-6">
+                <div class="card">
+                    <div class="card-header">
+                        <h2>External Account</h2>
+                    </div>
+                    <div class="card-body">
+                        <ul class="list-inline">
+                            @foreach (var provider in Model.VisibleExternalProviders)
+                            {
+                                <li class="list-inline-item">
+                                    <a class="btn btn-secondary"
+                                       asp-controller="External"
+                                       asp-action="Challenge"
+                                       asp-route-scheme="@provider.AuthenticationScheme"
+                                       asp-route-returnUrl="@Model.ReturnUrl">
+                                        @provider.DisplayName
+                                    </a>
+                                </li>
+                            }
+                        </ul>
+                    </div>
+                </div>
+            </div>
+        }
+
+        @if (!Model.EnableLocalLogin && !Model.VisibleExternalProviders.Any())
+        {
+            <div class="alert alert-warning">
+                <strong>Invalid login request</strong>
+                There are no login schemes configured for this request.
+            </div>
+        }
+    </div>
+</div>
--- a/src/isnd/Views/Account/Logout.cshtml
+++ b/src/isnd/Views/Account/Logout.cshtml
@ -0,0 +1,15 @@
+@model LogoutViewModel
+
+<div class="logout-page">
+    <div class="lead">
+        <h1>Logout</h1>
+        <p>Would you like to logut of IdentityServer?</p>
+    </div>
+
+    <form asp-action="Logout">
+        <input type="hidden" name="logoutId" value="@Model.LogoutId"  />
+        <div class="form-group">
+            <button class="btn btn-primary">Yes</button>
+        </div>
+    </form>
+</div>
--- a/src/isnd/Views/Account/Register.cshtml
+++ b/src/isnd/Views/Account/Register.cshtml
@ -0,0 +1,49 @@
+@model RegisterViewModel
+@{
+    ViewData["Title"] = "Register";
+}
+
+<h1>@ViewData["Title"].</h1>
+
+<form asp-controller="Account" asp-action="Register" asp-route-returnurl="@ViewData["ReturnUrl"]" method="post" class="form-horizontal" role="form">
+    <h4>Create a new account.</h4>
+    <hr />
+    <div asp-validation-summary="All" class="text-danger"></div>
+    <div class="form-group">
+        <label asp-for="FullName" class="col-md-2 control-label"></label>
+        <div class="col-md-10">
+            <input asp-for="FullName" class="form-control" />
+            <span asp-validation-for="FullName" class="text-danger"></span>
+        </div>
+    </div>
+    <div class="form-group">
+        <label asp-for="Email" class="col-md-2 control-label"></label>
+        <div class="col-md-10">
+            <input asp-for="Email" class="form-control" />
+            <span asp-validation-for="Email" class="text-danger"></span>
+        </div>
+    </div>
+    <div class="form-group">
+        <label asp-for="Password" class="col-md-2 control-label"></label>
+        <div class="col-md-10">
+            <input asp-for="Password" class="form-control" />
+            <span asp-validation-for="Password" class="text-danger"></span>
+        </div>
+    </div>
+    <div class="form-group">
+        <label asp-for="ConfirmPassword" class="col-md-2 control-label"></label>
+        <div class="col-md-10">
+            <input asp-for="ConfirmPassword" class="form-control" />
+            <span asp-validation-for="ConfirmPassword" class="text-danger"></span>
+        </div>
+    </div>
+    <div class="form-group">
+        <div class="col-md-offset-2 col-md-10">
+            <button type="submit" class="btn btn-default">Register</button>
+        </div>
+    </div>
+</form>
+
+@section Scripts {
+    @{ await Html.RenderPartialAsync("_ValidationScriptsPartial"); }
+}
--- a/src/isnd/Views/ApiKeys/Create.cshtml
+++ b/src/isnd/Views/ApiKeys/Create.cshtml
@ -0,0 +1,35 @@
+
+@model isn.Data.ApiKeys.CreateModel
+
+@{
+    ViewData["Title"] = "Create";
+}
+
+<h2>Create</h2>
+
+<h4>ApiKey</h4>
+<hr />
+<div class="row">
+    <div class="col-md-4">
+        <form method="post" asp-controller="ApiKeys">
+            <div asp-validation-summary="ModelOnly" class="text-danger"></div>
+            <div class="form-group">
+                <label asp-for="UserId" class="control-label"></label>
+                <select asp-for="UserId" class ="form-control" asp-items="ViewBag.UserId"></select>
+            </div>
+            <div class="form-group">
+                <label asp-for="Name" class="control-label"></label>
+                <input asp-for="Name" class="form-control" />
+                <span asp-validation-for="Name" class="text-danger"></span>
+            </div>
+            <div class="form-group">
+                <input type="submit" value="Create" class="btn btn-default" />
+            </div>
+        </form>
+    </div>
+</div>
+
+<div>
+    <a asp-action="Index">Back to List</a>
+</div>
+
--- a/src/isnd/Views/ApiKeys/Delete.cshtml
+++ b/src/isnd/Views/ApiKeys/Delete.cshtml
@ -0,0 +1,46 @@
+
+@model isn.Data.ApiKeys.DeleteModel
+
+@{
+    ViewData["Title"] = "Delete";
+}
+
+<h2>Delete</h2>
+
+<h3>Are you sure you want to delete this?</h3>
+<div>
+    <h4>ApiKey</h4>
+    <hr />
+    <dl class="dl-horizontal">
+        <dt>
+            @Html.DisplayNameFor(model => model.ApiKey.User)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.ApiKey.User.Id)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.ApiKey.Name)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.ApiKey.Name)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.ApiKey.CreationDate)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.ApiKey.CreationDate)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.ApiKey.ValidityPeriodInDays)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.ApiKey.ValidityPeriodInDays)
+        </dd>
+    </dl>
+    
+    <form method="post">
+        <input type="hidden" asp-for="ApiKey.Id" />
+        <input type="submit" value="Delete" class="btn btn-default" /> |
+        <a asp-action="Index">Back to List</a>
+    </form>
+</div>
--- a/src/isnd/Views/ApiKeys/Details.cshtml
+++ b/src/isnd/Views/ApiKeys/Details.cshtml
@ -0,0 +1,49 @@
+
+@model isn.Data.ApiKeys.DetailModel
+
+@{
+    ViewData["Title"] = "Details";
+}
+
+<h2>Details</h2>
+
+<div>
+    <h4>ApiKey</h4>
+    <hr />
+    <dl class="dl-horizontal">
+        <dt>
+            @Html.DisplayNameFor(model => model.ApiKey.User)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.ApiKey.User.Id)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.ApiKey.Name)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.ApiKey.Name)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.ApiKey.CreationDate)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.ApiKey.CreationDate)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.ApiKey.ValidityPeriodInDays)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.ApiKey.ValidityPeriodInDays)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.ProtectedValue)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.ProtectedValue)
+        </dd>
+    </dl>
+</div>
+<div>
+    <a asp-controller="ApiKeys" asp-action="Edit" asp-route-id="@Model.ApiKey.Id">Edit</a> |
+    <a asp-controller="ApiKeys" asp-action="Index">Back to List</a>
+</div>
--- a/src/isnd/Views/ApiKeys/Edit.cshtml
+++ b/src/isnd/Views/ApiKeys/Edit.cshtml
@ -0,0 +1,42 @@
+
+@model isn.Data.ApiKeys.EditModel
+
+@{
+    ViewData["Title"] = "Edit";
+}
+
+<h2>Edit</h2>
+
+<h4>ApiKey</h4>
+<hr />
+<div class="row">
+    <div class="col-md-4">
+        <form method="post">
+            <div asp-validation-summary="ModelOnly" class="text-danger"></div>
+            <input type="hidden" asp-for="ApiKey.Id" />
+            <div class="form-group">
+                <label asp-for="ApiKey.UserId" class="control-label"></label>
+                <select asp-for="ApiKey.UserId" class="form-control" asp-items="ViewBag.UserId"></select>
+                <span asp-validation-for="ApiKey.UserId" class="text-danger"></span>
+            </div>
+            <div class="form-group">
+                <label asp-for="ApiKey.Name" class="control-label"></label>
+                <input asp-for="ApiKey.Name" class="form-control" />
+                <span asp-validation-for="ApiKey.Name" class="text-danger"></span>
+            </div>
+            <div class="form-group">
+                <label asp-for="ApiKey.ValidityPeriodInDays" class="control-label"></label>
+                <input asp-for="ApiKey.ValidityPeriodInDays" class="form-control" />
+                <span asp-validation-for="ApiKey.ValidityPeriodInDays" class="text-danger"></span>
+            </div>
+            <div class="form-group">
+                <input type="submit" value="Save" class="btn btn-default" />
+            </div>
+        </form>
+    </div>
+</div>
+
+<div>
+    <a asp-action="Index">Back to List</a>
+</div>
+
--- a/src/isnd/Views/ApiKeys/Index.cshtml
+++ b/src/isnd/Views/ApiKeys/Index.cshtml
@ -0,0 +1,54 @@
+
+@model isn.Data.ApiKeys.IndexModel
+
+@{
+    ViewData["Title"] = "Index";
+}
+
+<h2>Index</h2>
+
+<p>
+    <a asp-controller="ApiKeys" asp-action="Create">Create New</a>
+</p>
+<table class="table">
+    <thead>
+        <tr>
+            <th>
+                @Html.DisplayNameFor(model => model.ApiKey[0].User)
+            </th>
+            <th>
+                @Html.DisplayNameFor(model => model.ApiKey[0].Name)
+            </th>
+            <th>
+                @Html.DisplayNameFor(model => model.ApiKey[0].CreationDate)
+            </th>
+            <th>
+                @Html.DisplayNameFor(model => model.ApiKey[0].ValidityPeriodInDays)
+            </th>
+            <th></th>
+        </tr>
+    </thead>
+    <tbody>
+@foreach (var item in Model.ApiKey) {
+        <tr>
+            <td>
+                @Html.DisplayFor(modelItem => item.User.Id)
+            </td>
+            <td>
+                @Html.DisplayFor(modelItem => item.Name)
+            </td>
+            <td>
+                @Html.DisplayFor(modelItem => item.CreationDate)
+            </td>
+            <td>
+                @Html.DisplayFor(modelItem => item.ValidityPeriodInDays)
+            </td>
+            <td>
+                <a asp-controller="ApiKeys"  asp-action="Edit" asp-route-id="@item.Id">Edit</a> |
+                <a asp-controller="ApiKeys"  asp-action="Details" asp-route-id="@item.Id">Details</a> |
+                <a asp-controller="ApiKeys"  asp-action="Delete" asp-route-id="@item.Id">Delete</a>
+            </td>
+        </tr>
+}
+    </tbody>
+</table>
--- a/src/isnd/Views/Home/About.cshtml
+++ b/src/isnd/Views/Home/About.cshtml
@ -0,0 +1,7 @@
+@{
+    ViewData["Title"] = "About";
+}
+<h2>@ViewData["Title"]</h2>
+<h3>@ViewData["Message"]</h3>
+
+<p>Use this area to provide additional information.</p>
--- a/src/isnd/Views/Home/Contact.cshtml
+++ b/src/isnd/Views/Home/Contact.cshtml
@ -0,0 +1,17 @@
+@{
+    ViewData["Title"] = "Contact";
+}
+<h2>@ViewData["Title"]</h2>
+<h3>@ViewData["Message"]</h3>
+
+<address>
+    One Microsoft Way<br />
+    Redmond, WA 98052-6399<br />
+    <abbr title="Phone">P:</abbr>
+    425.555.0100
+</address>
+
+<address>
+    <strong>Support:</strong> <a href="mailto:Support@example.com">Support@example.com</a><br />
+    <strong>Marketing:</strong> <a href="mailto:Marketing@example.com">Marketing@example.com</a>
+</address>
--- a/src/isnd/Views/Home/Error.cshtml
+++ b/src/isnd/Views/Home/Error.cshtml
@ -0,0 +1,4 @@
+@{
+    ViewData["Title"] = "Error";
+}
+
--- a/src/isnd/Views/Home/Index.cshtml
+++ b/src/isnd/Views/Home/Index.cshtml
@ -0,0 +1,27 @@
+@model HomeIndexViewModel
+@{
+    ViewData["Title"] = "Home Page";
+
+}
+
+<div class="text-center">
+    <h1 class="display-4">Welcome</h1>
+    <h1>
+        <img src="~/icon.jpg">
+        Welcome to isn
+    </h1>
+    <strong>@Model.PkgCount identifiant(s) de paquet dans le SI</strong>
+
+    @{
+       if (Model.UnleashClient.IsEnabled("Demo"))
+{
+  //do some magic
+  <p>Demo</p>
+}
+else
+{
+  //do old boring stuff
+  <p>No demo (disabled)</p>
+}
+    }
+</div>
--- a/src/isnd/Views/Home/Privacy.cshtml
+++ b/src/isnd/Views/Home/Privacy.cshtml
@ -0,0 +1,6 @@
+@{
+    ViewData["Title"] = "Privacy Policy";
+}
+<h1>@ViewData["Title"]</h1>
+
+<p>Use this page to detail your site's privacy policy.</p>
--- a/src/isnd/Views/PackageVersion/Delete.cshtml
+++ b/src/isnd/Views/PackageVersion/Delete.cshtml
@ -0,0 +1,52 @@
+@model isn.Data.PackageVersion
+
+@{
+    ViewData["Title"] = "Delete";
+}
+
+<h2>Delete</h2>
+
+<h3>Are you sure you want to delete this?</h3>
+<div>
+    <h4>PackageVersion</h4>
+    <hr />
+    <dl class="dl-horizontal">
+        <dt>
+            @Html.DisplayNameFor(model => model.Major)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.Major)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.Minor)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.Minor)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.Patch)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.Patch)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.IsPrerelease)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.IsPrerelease)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.Package)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.Package.Id)
+        </dd>
+    </dl>
+    
+    <form asp-action="Delete">
+        <input type="hidden" asp-for="PackageId" />
+        <input type="hidden" asp-for="FullString" />
+        <input type="submit" value="Delete" class="btn btn-default" /> |
+        <a asp-action="Index">Back to List</a>
+    </form>
+</div>
--- a/src/isnd/Views/PackageVersion/Details.cshtml
+++ b/src/isnd/Views/PackageVersion/Details.cshtml
@ -0,0 +1,48 @@
+@model isn.Data.PackageVersion
+
+@{
+    ViewData["Title"] = "Details";
+}
+
+<h2>Details</h2>
+
+<div>
+    <h4>PackageVersion</h4>
+    <hr />
+    <dl class="dl-horizontal">
+        <dt>
+            @Html.DisplayNameFor(model => model.Major)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.Major)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.Minor)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.Minor)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.Patch)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.Patch)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.IsPrerelease)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.IsPrerelease)
+        </dd>
+        <dt>
+            @Html.DisplayNameFor(model => model.Package)
+        </dt>
+        <dd>
+            @Html.DisplayFor(model => model.Package.Id)
+        </dd>
+    </dl>
+</div>
+<div>
+    @Html.ActionLink("Edit", "Edit", new { /* id = Model.PrimaryKey */ }) |
+    <a asp-action="Index">Back to List</a>
+</div>
--- a/src/isnd/Views/PackageVersion/Index.cshtml
+++ b/src/isnd/Views/PackageVersion/Index.cshtml
@ -0,0 +1,66 @@
+@model PackageVersionIndexViewModel
+
+@{
+    ViewData["Title"] = "Index";
+}
+
+<h2>Index</h2>
+
+<p>
+    <form method="get">
+        <div asp-validation-summary="ModelOnly" class="text-danger"></div>
+        
+        <div class="form-group">
+            <label asp-for="PackageId" class="control-label"></label>
+            <input asp-for="PackageId" class="form-control" />
+        </div>
+        <div class="form-group">
+            <input type="submit" value="Find" class="btn btn-default" />
+        </div>
+    </form>
+</p>
+
+<table class="table">
+    <thead>
+        <tr>
+            <th>
+                @Html.DisplayNameFor(model => model.Versions[0].Major)
+            </th>
+            <th>
+                @Html.DisplayNameFor(model => model.Versions[0].Minor)
+            </th>
+            <th>
+                @Html.DisplayNameFor(model => model.Versions[0].Patch)
+            </th>
+            <th>
+                @Html.DisplayNameFor(model => model.Versions[0].IsPrerelease)
+            </th>
+            <th>
+                @Html.DisplayNameFor(model => model.Versions[0].Package)
+            </th>
+            <th></th>
+        </tr>
+    </thead>
+    <tbody>
+@foreach (var item in Model.Versions) {
+        <tr>
+            <td>
+                @Html.DisplayFor(modelItem => item.Major)
+            </td>
+            <td>
+                @Html.DisplayFor(modelItem => item.Minor)
+            </td>
+            <td>
+                @Html.DisplayFor(modelItem => item.Patch)
+            </td>
+            <td>
+                @Html.DisplayFor(modelItem => item.IsPrerelease)
+            </td>
+            <td>
+                @Html.ActionLink("Details", "Details", new { pkgid = Model.PackageId, version = item.FullString }) |
+                @Html.ActionLink("Delete", "Delete", new { pkgid = Model.PackageId, version = item.FullString })
+            </td>
+        </tr>
+}
+    </tbody>
+</table>
--- a/src/isnd/Views/Shared/Redirect.cshtml
+++ b/src/isnd/Views/Shared/Redirect.cshtml
@ -0,0 +1,11 @@
+@model RedirectViewModel
+
+<div class="redirect-page">
+    <div class="lead">
+        <h1>You are now being returned to the application</h1>
+        <p>Once complete, you may close this tab.</p>
+    </div>
+</div>
+
+<meta http-equiv="refresh" content="0;url=@Model.RedirectUrl" data-url="@Model.RedirectUrl">
+<script src="~/js/signin-redirect.js"></script>
--- a/src/isnd/Views/Shared/_Layout.cshtml
+++ b/src/isnd/Views/Shared/_Layout.cshtml
@ -0,0 +1,49 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>@ViewData["Title"] - nuget host</title>
+    <link rel="stylesheet" href="~/lib/bootstrap/dist/css/bootstrap.min.css" />
+    <link rel="stylesheet" href="~/css/site.css" />
+</head>
+<body>
+    <header>
+        <nav class="navbar navbar-expand-sm navbar-toggleable-sm navbar-light bg-white border-bottom box-shadow mb-3">
+            <div class="container">
+                <a class="navbar-brand" asp-area="" asp-controller="Home" asp-action="Index">mvc_ident</a>
+                <button class="navbar-toggler" type="button" data-toggle="collapse" data-target=".navbar-collapse" aria-controls="navbarSupportedContent"
+                        aria-expanded="false" aria-label="Toggle navigation">
+                    <span class="navbar-toggler-icon"></span>
+                </button>
+                <div class="navbar-collapse collapse d-sm-inline-flex justify-content-between">
+                    <ul class="navbar-nav flex-grow-1">
+                        <li class="nav-item">
+                            <a class="nav-link text-dark" asp-area="" asp-controller="Home" asp-action="Index">Home</a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link text-dark" asp-area="" asp-controller="Home" asp-action="Privacy">Privacy</a>
+                        </li>
+                    </ul>
+                    <partial name="_LoginPartial" />
+                </div>
+            </div>
+        </nav>
+    </header>
+    <div class="container">
+        <main role="main" class="pb-3">
+            @RenderBody()
+        </main>
+    </div>
+
+    <footer class="border-top footer text-muted">
+        <div class="container">
+            &copy; 2021 - mvc_ident - <a asp-area="" asp-controller="Home" asp-action="Privacy">Privacy</a>
+        </div>
+    </footer>
+    <script src="~/lib/jquery/dist/jquery.min.js"></script>
+    <script src="~/lib/bootstrap/dist/js/bootstrap.bundle.min.js"></script>
+    <script src="~/js/site.js" asp-append-version="true"></script>
+    @await RenderSectionAsync("Scripts", required: false)
+</body>
+</html>
--- a/src/isnd/Views/Shared/_LoginPartial.cshtml
+++ b/src/isnd/Views/Shared/_LoginPartial.cshtml
@ -0,0 +1,26 @@
+@using Microsoft.AspNetCore.Identity
+@inject SignInManager<ApplicationUser> SignInManager
+@inject UserManager<ApplicationUser> UserManager
+
+<ul class="navbar-nav">
+@if (SignInManager.IsSignedIn(User))
+{
+    <li class="nav-item">
+        <a  class="nav-link text-dark" asp-area="Identity" asp-page="/Account/Manage/Index" title="Manage">Hello @User.Identity.Name!</a>
+    </li>
+    <li class="nav-item">
+        <form  class="form-inline" asp-area="Identity" asp-page="/Account/Logout" asp-route-returnUrl="@Url.Action("Index", "Home", new { area = "" })">
+            <button  type="submit" class="nav-link btn btn-link text-dark">Logout</button>
+        </form>
+    </li>
+}
+else
+{
+    <li class="nav-item">
+        <a class="nav-link text-dark" asp-area="Identity" asp-page="/Account/Register">Register</a>
+    </li>
+    <li class="nav-item">
+        <a class="nav-link text-dark" asp-area="Identity" asp-page="/Account/Login">Login</a>
+    </li>
+}
+</ul>
--- a/src/isnd/Views/Shared/_Nav.cshtml
+++ b/src/isnd/Views/Shared/_Nav.cshtml
@ -0,0 +1,32 @@
+
+@{
+    string name = null;
+    if (!true.Equals(ViewData["signed-out"]))
+    {
+        name = User.Identity.Name;
+    }
+}
+
+<div class="nav-page">
+    <nav class="navbar navbar-expand-lg navbar-dark bg-dark">
+
+        <a href="~/" class="navbar-brand">
+            <img src="~/icon.png" class="icon-banner">
+            Nuget host
+        </a>
+
+        @if (!string.IsNullOrWhiteSpace(name))
+        {
+            <ul class="navbar-nav mr-auto">
+                <li class="nav-item dropdown">
+                    <a href="#" class="nav-link dropdown-toggle" data-toggle="dropdown">@name <b class="caret"></b></a>
+                    
+                    <div class="dropdown-menu">
+                        <a class="dropdown-item" asp-action="Logout" asp-controller="Account">Logout</a>
+                    </div>
+              </li>
+            </ul>
+        }
+    
+    </nav>
+</div>
--- a/src/isnd/Views/Shared/_ValidationScriptsPartial.cshtml
+++ b/src/isnd/Views/Shared/_ValidationScriptsPartial.cshtml
@ -0,0 +1,18 @@
+<environment include="Development">
+    <script src="~/lib/jquery-validation/dist/jquery.validate.js"></script>
+    <script src="~/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.js"></script>
+</environment>
+<environment exclude="Development">
+    <script src="https://ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/jquery.validate.min.js"
+            asp-fallback-src="~/lib/jquery-validation/dist/jquery.validate.min.js"
+            asp-fallback-test="window.jQuery && window.jQuery.validator"
+            crossorigin="anonymous"
+            integrity="sha384-Fnqn3nxp3506LP/7Y3j/25BlWeA3PXTyT1l78LjECcPaKCV12TsZP7yyMxOe/G/k">
+    </script>
+    <script src="https://ajax.aspnetcdn.com/ajax/jquery.validation.unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js"
+            asp-fallback-src="~/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js"
+            asp-fallback-test="window.jQuery && window.jQuery.validator && window.jQuery.validator.unobtrusive"
+            crossorigin="anonymous"
+            integrity="sha384-JrXK+k53HACyavUKOsL+NkmSesD2P+73eDMrbTtTk0h4RmOF8hF8apPlkp26JlyH">
+    </script>
+</environment>
--- a/src/isnd/Views/Shared/_ValidationSummary.cshtml
+++ b/src/isnd/Views/Shared/_ValidationSummary.cshtml
@ -0,0 +1,7 @@
+@if (ViewContext.ModelState.IsValid == false)
+{
+    <div class="alert alert-danger">
+        <strong>Error</strong>
+        <div asp-validation-summary="All" class="danger"></div>
+    </div>
+}
--- a/src/isnd/Views/_ViewImports.cshtml
+++ b/src/isnd/Views/_ViewImports.cshtml
@ -0,0 +1,3 @@
+@using isn.Data
+@using isn.ViewModels
+@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers
--- a/src/isnd/Views/_ViewStart.cshtml
+++ b/src/isnd/Views/_ViewStart.cshtml
@ -0,0 +1,3 @@
+@{
+    Layout = "_Layout";
+}
--- a/src/isnd/appsettings.Development.json
+++ b/src/isnd/appsettings.Development.json
@ -0,0 +1,22 @@
+{
+  "AdminStartupList": {
+    "Users": [
+      "paul@pschneider.fr"
+    ]
+  },
+  "Nuget": {
+    "PackagesRootDir" : "packages",
+    "ProtectionTitle": "protected-data-v1",
+    "MaxUserKeyCount": 5
+  },
+  "Smtp": {
+    "Server": "localhost",
+    "Port": 25,
+    "SenderName": "Paul Schneider",
+    "SenderEmail": "paul@pschneider.fr"
+  },
+  "Unleash":
+  {
+    "ClientApiKey": "6f08a4b280ec4d4fd58b8a471fee4d0ceeb9b665ffd45dc957f8e695e0a0dfa6"
+  }
+}
--- a/src/isnd/appsettings.json
+++ b/src/isnd/appsettings.json
@ -0,0 +1,32 @@
+{
+  "AdminStartupList": {
+    "Users": [
+      "happy-new-root"
+    ]
+  },
+  "Nuget": {
+    "PackagesRootDir" : "<your-Source-dir>",
+    "ProtectionTitle": "protected-data-v1",
+    "MaxUserKeyCount": 1
+  },
+  "ConnectionStrings": {
+    "DefaultConnection": "Server=<pgserver>;Port=<pgport>;Database=<dbname>;Username=<dbusername>;Password=<dbpass>;"
+  },
+  "AllowedHosts": "*",
+  "Smtp": {
+    "Server": "<smtp.server.address>",
+    "Port": 25,
+    "SenderName": "<from-name>",
+    "SenderEmail": "<from-email>"
+  },
+  "Unleash":
+  {
+    "ClientApiKey": "lame-unleash-client-api-key",
+    "ApiUrl": "http://localhost:4242/api/"
+  },
+  "Logging": {
+    "LogLevel": {
+      "Default": "Warning"
+    }
+  }
+}
--- a/src/isnd/isnd.csproj
+++ b/src/isnd/isnd.csproj
@ -0,0 +1,39 @@
+
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>netcoreapp2.1</TargetFramework>
+    <UserSecretsId>85fd766d-5d23-4476-aed1-463b2942e86a</UserSecretsId>
+    <PackageVersion>1.0.1</PackageVersion>
+    <IsPackable>true</IsPackable>
+    <PackageLicenseExpression>WTFPL</PackageLicenseExpression>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="2.1.1" />
+    <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="2.1.1" />
+    <PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="2.1.1" />
+    <PackageReference Include="Microsoft.AspNetCore.All" />
+    <PackageReference Include="Microsoft.AspNetCore.App" />
+    <PackageReference Include="NuGet.Packaging.Core" Version="5.9.0"/>
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="2.1.1" />
+    
+    <PackageReference Include="MailKit" Version="2.11.1" />
+    <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="2.1.1" IncludeAssets="All"  />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="2.1.1" IncludeAssets="All" />
+    <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="2.1.1" IncludeAssets="All" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="2.1.1" />
+    <PackageReference Include="unleash.client" Version="1.6.1" />
+
+  </ItemGroup>
+
+  <ItemGroup>
+    <DotNetCliToolReference Include="Microsoft.EntityFrameworkCore.Tools" Version="2.1.1" />
+    <DotNetCliToolReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Tools" Version="2.1.0-preview1-final" />   
+  </ItemGroup>
+
+  <ItemGroup>
+    <None Include="..\..\LICENSE" Pack="true" PackagePath="LICENSE"/>
+    </ItemGroup>
+
+</Project>
--- a/src/isnd/tempkey.rsa
+++ b/src/isnd/tempkey.rsa
@ -0,0 +1 @@
+{"KeyId":"65c27d7a881c77b89291317039e9efba","Parameters":{"D":"w7RqM/G0KX2TP3lTq+6fatOFl6xgL86QYsoEW/ZYU/rPwkx4Xqul6tPuqvoDCqjxC4Z81/Ndsn7+blTBTHdaxnGi4RUGpJm0FE7TKoB9Nz3XGjpflKoRKh0lREYywkPGU/4BOI7Zcuc/t0M6Ce2lIqczI/lGp+bP6ZFxkn/HcvpVNxk0f59lHEnccsx1fFy1KKC5vzL1AzMKNmKmACcD4b1Zd+g/ytZS8L/kgUqzlwmuLGDCqONC6/tQH6XwztyO8yBz7A12gu0AyOiz4RPlXJC4QOHMP/SjISlFAW3leMWEJ0Jj8sVkyesHqHbOOI9H4XLZkBFh2VFDp3fNdA89AQ==","DP":"fwFy35AWTV09vod6xiQ5rdlMLvMI+5EGasbKNWmgcDknwDuzwOzB+GkD5/qwNtgsd//ZN7p3nCGIOlA1AfQow85RUtpxIGo6+pTfVkn4sAxTBXDda+Gg2SOnEim4I0MA7FDcN7e8+6cbHo8K4hDx4HTfzvjuy3XBPDLRWWakfyE=","DQ":"bkCDsIxyeN0UcDyhHj9omor8dkss6hd7EkYZ2eEWcnuHX4QCRlDc7w2jQS9Iar9IVCWFhW7ahWNFp3A5id5HNuAhghtq+lJxhNiBnTRd+HiG3V52x9RsmUQ/1k+A0ge/v4+hEM0IOX2Tzf7CTuToKVRSMXAkhK08hUKP7EZ0Pss=","Exponent":"AQAB","InverseQ":"hWwWmOoMustOZ2bU5hxAUYCwkWyr2lsEmtFlFAa/JcLMBy5wb/zohWXKeNOjA3+ljwg/O5oF/yCK8YITFiyOfP+jutqWosOAatJnZfK49eVK9YhlUBana9F4FWUQew3N0MXq8DZUfSNO04S7lrnhHgt9dIdun+1yVIhsPjbGjQo=","Modulus":"yphkMFBjv061wvEuKxEcQ23H2owCYOHugRXZTS5sUQQ8nJ9VXhsH1rJh+6r6DOQtkQnR1J6qihZ8ogVFgil4J4RVBrZSf58M6msTXeCvLEh08dpaJ6rhAnfJ6rpUsY/gyBGN/lm2zK4Na0zJl6NpQFAOibLS9Sszz0ll7xYmu96OdYWw75mmAfWNWioJ6f1zOj0n7U4ZdtCbT5vnWcQFvr5BzQ4uvisVTgQ7y9PCXT8IExt9rjmuVkLq5LyGIhp5M2MgncLF8J/L/bNvtdEnN+djpGgsV6849iVzx+PWuzwTmxomfmcOTox0Q1Dl7S2Ul2TLXLCybSURJ/tKfXjpsw==","P":"9jVejI0K3LtdV9tMhCVYf8i05Cpf5sDxzN18IsVtJ6swYBrOYgF9sBqBevj/O01oS8G0GzKZ76rb01N+5FELk/M58f1CNkJIvyBLr/RcbcbxSPltFgVaBNXBVFb6k/kn7JFNnSZMhaNpHCH3LdG7czweh96anby3ihVChnC07uE=","Q":"0qb/znHHXPAH3HuDcYOMNqDqxr77HvflYkdOQMJJv9/zi0TNjsZTPtaO8aq8X/nu0KyBUSMCm0QJPrLYBQOVQMT5rin3jK/lESS7A6Ju9M0eEasNquWmcAfzAMdarv1dIT6ZhitPWL6+JdQSs1aTPQ+pd98G0fTywZtq/kOMDxM="}}
--- a/src/isnd/wwwroot/css/site.css
+++ b/src/isnd/wwwroot/css/site.css
@ -0,0 +1,24 @@
+.body-container {
+  margin-top: 60px;
+  padding-bottom: 40px; }
+
+.welcome-page li {
+  list-style: none;
+  padding: 4px; }
+
+.logged-out-page iframe {
+  display: none;
+  width: 0;
+  height: 0; }
+
+.grants-page .card {
+  margin-top: 20px;
+  border-bottom: 1px solid lightgray; }
+  .grants-page .card .card-title {
+    font-size: 120%;
+    font-weight: bold; }
+    .grants-page .card .card-title img {
+      width: 100px;
+      height: 100px; }
+  .grants-page .card label {
+    font-weight: bold; }
--- a/src/isnd/wwwroot/css/site.min.css
+++ b/src/isnd/wwwroot/css/site.min.css
@ -0,0 +1 @@
+.body-container{margin-top:60px;padding-bottom:40px;}.welcome-page li{list-style:none;padding:4px;}.logged-out-page iframe{display:none;width:0;height:0;}.grants-page .card{margin-top:20px;border-bottom:1px solid #d3d3d3;}.grants-page .card .card-title{font-size:120%;font-weight:bold;}.grants-page .card .card-title img{width:100px;height:100px;}.grants-page .card label{font-weight:bold;}
--- a/src/isnd/wwwroot/css/site.scss
+++ b/src/isnd/wwwroot/css/site.scss
@ -0,0 +1,42 @@
+.body-container {
+    margin-top: 60px;
+    padding-bottom:40px;
+}
+
+.welcome-page {
+    li {
+        list-style: none;
+        padding: 4px;
+    }
+}
+
+.logged-out-page {
+    iframe {
+        display: none;
+        width: 0;
+        height: 0;
+    }
+}
+
+.grants-page {
+    .card {
+        margin-top: 20px;
+        border-bottom: 1px solid lightgray;
+
+        .card-title {
+            img {
+                width: 100px;
+                height: 100px;
+            }
+
+            font-size: 120%;
+            font-weight: bold;
+        }
+
+        label {
+            font-weight: bold;
+        }
+    }
+}
+
+
--- a/src/isnd/wwwroot/favicon.ico
+++ b/src/isnd/wwwroot/favicon.ico
--- a/src/isnd/wwwroot/icon.jpg
+++ b/src/isnd/wwwroot/icon.jpg
--- a/src/isnd/wwwroot/icon.png
+++ b/src/isnd/wwwroot/icon.png
--- a/src/isnd/wwwroot/images/banner1.svg
+++ b/src/isnd/wwwroot/images/banner1.svg
--- a/src/isnd/wwwroot/images/banner2.svg
+++ b/src/isnd/wwwroot/images/banner2.svg
--- a/src/isnd/wwwroot/images/banner3.svg
+++ b/src/isnd/wwwroot/images/banner3.svg
--- a/src/isnd/wwwroot/images/banner4.svg
+++ b/src/isnd/wwwroot/images/banner4.svg
--- a/Show More
+++ b/Show More
				`@ -0,0 +1 @@`
				{"KeyId":"65c27d7a881c77b89291317039e9efba","Parameters":{"D":"w7RqM/G0KX2TP3lTq+6fatOFl6xgL86QYsoEW/ZYU/rPwkx4Xqul6tPuqvoDCqjxC4Z81/Ndsn7+blTBTHdaxnGi4RUGpJm0FE7TKoB9Nz3XGjpflKoRKh0lREYywkPGU/4BOI7Zcuc/t0M6Ce2lIqczI/lGp+bP6ZFxkn/HcvpVNxk0f59lHEnccsx1fFy1KKC5vzL1AzMKNmKmACcD4b1Zd+g/ytZS8L/kgUqzlwmuLGDCqONC6/tQH6XwztyO8yBz7A12gu0AyOiz4RPlXJC4QOHMP/SjISlFAW3leMWEJ0Jj8sVkyesHqHbOOI9H4XLZkBFh2VFDp3fNdA89AQ==","DP":"fwFy35AWTV09vod6xiQ5rdlMLvMI+5EGasbKNWmgcDknwDuzwOzB+GkD5/qwNtgsd//ZN7p3nCGIOlA1AfQow85RUtpxIGo6+pTfVkn4sAxTBXDda+Gg2SOnEim4I0MA7FDcN7e8+6cbHo8K4hDx4HTfzvjuy3XBPDLRWWakfyE=","DQ":"bkCDsIxyeN0UcDyhHj9omor8dkss6hd7EkYZ2eEWcnuHX4QCRlDc7w2jQS9Iar9IVCWFhW7ahWNFp3A5id5HNuAhghtq+lJxhNiBnTRd+HiG3V52x9RsmUQ/1k+A0ge/v4+hEM0IOX2Tzf7CTuToKVRSMXAkhK08hUKP7EZ0Pss=","Exponent":"AQAB","InverseQ":"hWwWmOoMustOZ2bU5hxAUYCwkWyr2lsEmtFlFAa/JcLMBy5wb/zohWXKeNOjA3+ljwg/O5oF/yCK8YITFiyOfP+jutqWosOAatJnZfK49eVK9YhlUBana9F4FWUQew3N0MXq8DZUfSNO04S7lrnhHgt9dIdun+1yVIhsPjbGjQo=","Modulus":"yphkMFBjv061wvEuKxEcQ23H2owCYOHugRXZTS5sUQQ8nJ9VXhsH1rJh+6r6DOQtkQnR1J6qihZ8ogVFgil4J4RVBrZSf58M6msTXeCvLEh08dpaJ6rhAnfJ6rpUsY/gyBGN/lm2zK4Na0zJl6NpQFAOibLS9Sszz0ll7xYmu96OdYWw75mmAfWNWioJ6f1zOj0n7U4ZdtCbT5vnWcQFvr5BzQ4uvisVTgQ7y9PCXT8IExt9rjmuVkLq5LyGIhp5M2MgncLF8J/L/bNvtdEnN+djpGgsV6849iVzx+PWuzwTmxomfmcOTox0Q1Dl7S2Ul2TLXLCybSURJ/tKfXjpsw==","P":"9jVejI0K3LtdV9tMhCVYf8i05Cpf5sDxzN18IsVtJ6swYBrOYgF9sBqBevj/O01oS8G0GzKZ76rb01N+5FELk/M58f1CNkJIvyBLr/RcbcbxSPltFgVaBNXBVFb6k/kn7JFNnSZMhaNpHCH3LdG7czweh96anby3ihVChnC07uE=","Q":"0qb/znHHXPAH3HuDcYOMNqDqxr77HvflYkdOQMJJv9/zi0TNjsZTPtaO8aq8X/nu0KyBUSMCm0QJPrLYBQOVQMT5rin3jK/lESS7A6Ju9M0eEasNquWmcAfzAMdarv1dIT6ZhitPWL6+JdQSs1aTPQ+pd98G0fTywZtq/kOMDxM="}}
				`@ -0,0 +1 @@`
				`.body-container{margin-top:60px;padding-bottom:40px;}.welcome-page li{list-style:none;padding:4px;}.logged-out-page iframe{display:none;width:0;height:0;}.grants-page .card{margin-top:20px;border-bottom:1px solid #d3d3d3;}.grants-page .card .card-title{font-size:120%;font-weight:bold;}.grants-page .card .card-title img{width:100px;height:100px;}.grants-page .card label{font-weight:bold;}`