Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Suggested practice for using MediatR and authorization?

See original GitHub issue

Heads Up: this is similar/inspired by issue #433

I’m wondering if there’s a suggested practice for handling Authorization within an ASP.NET Core Web App that is using MediatR.

Authentication -> who are you? This is handled by the [Authorize] attribute on a controller (for example). I personally like using JWT’s as the payload with some JWT middleware deserializing the JWT content into a ClaimsPrincipal.

Authorization -> (now that I know who you are) What are you allowed to do/access? Not sure where this should be handled. In the controller action method? Or in the Handler method?

What are people doing and any sample code for reference, please?

I usually like to think of my controllers as really thin as possible and place logic in the Handlers.

Anyone have some info which they can suggest?

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Reactions:4
  • Comments:10 (4 by maintainers)

github_iconTop GitHub Comments

7reactions
damikuncommented, Mar 2, 2021

If you are looking for concrete implementation of authorization behavior follow json sources… https://github.com/jasontaylordev/CleanArchitecture/blob/main/src/Application/Common/Behaviours/AuthorizationBehaviour.cs

2reactions
lilasquaredcommented, Dec 21, 2019

Pipeline behaviors are different now than they were in that blog post, there are some examples of them in the src of this project. Yes they have to be wired up, and yes aspnet core middleware is very similar. The difference is where you want your business logic to reside and what you want it to depend on. In the case of an aspnet core project you may be fine with all the aspnet core dependencies. In some cases people like their business logic to not have these dependencies so creating their own pipeline is preferred. It’s up to you how you use the tools.

Read more comments on GitHub >

github_iconTop Results From Across the Web

CQRS and MediatR in ASP.NET Core
MediatR Requests are very simple request-response style messages, where a single request is synchronously handled by a single handler ( ...
Read more >
Using MediatR in .NET? Maybe replace it with this - YouTube
Give Mediator a star on GitHub: https://github.com/martinothamar/ Mediator This video is sponsored by abp.io. Don't forget to comment, ...
Read more >
Creating a Basic Authorization Pipeline with MediatR and ...
I'm going to name this interface “IAuthorizer” and this interface really is the star of the show here. This interface will not only...
Read more >
MediatR Pipeline Behaviour in ASP.NET Core - Logging ...
It will be as simple as Creating a new LoggingBehaviour class and adding it to the pipeline.
Read more >
CQRS MediatR Create many items commad - is it a good ...
I am here to ask question about: is it good practice to insert many records using CQRS and MediatR? how to structure that...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Pre and Post Processors handled multiple times (version 8)

Next page

IPipelineBehaviour with custom type for TResponse (ie. Result<TResponse>)