Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Route Level security

See original GitHub issue

Was thinking of something like this.

Thoughts?

this.Get("/", async ctx => await this.RequiresAuthentication(async innerctx => await innerctx.WriteAsync("authed")));

Issue Analytics

State:
Created 5 years ago
Reactions:2
Comments:32 (18 by maintainers)

Top GitHub Comments

5reactions

RagingKorecommented, May 24, 2018

that looks more atractive and doable. I would go with full pipeline composition as an alternative.

Here are some examples:

public class PlayersModule : CarterModule {
  public PlayersModule() {
    Route("/players/{:id}")
      .Authorize()
      .Get(ctx => // do something authorized );
 
    Route("/players/{:id}")
      .AuthorizeWithClaims(x => x.Type == "Admin")
      .Post(ctx => // do something authorized );
      
    Route("/players/{:id}")
      .Anonymous()
      .Put(ctx => // do something);
      
    Route("/players/{:id}")
      .Pipe(ctx => // do whatever my heart desires)
      .Delete(ctx => // do something authorized );
  }
}

1reaction

JoeSteadcommented, May 24, 2018

It will require some sort of Carter pipeline intertwined with the ASP.NET one (I don’t think the details of which need to be exposed), so will require a bit more upfront thought, but it avoids specific CarterRequest and CarterResponse objects, whilst taking the extensibility up to 11.