Replies: 1 comment 2 replies
-
Thanks for your question - this one is tough to be solved without changing the framework itself because the Regarding the Regarding the role check, adding concerns to the |
Beta Was this translation helpful? Give feedback.
-
Hello again, 😄
with the build-in functionality I was able to implement user authentication quite easily.
Now I'm after role based authorization. I haven't seen anything related to authorization in GenHTTP, hence my ask.
I was able to provide my custom authenticated user object which contains set of effective roles and in particular endpoints I want to do a pre-check that the user has a particular role granted. Ideally this could happen before the request is routed to a handling method and before the payload is parsed to save some compute time (but not required). I'm using webservice approach. So I was thinking about some custom attribute to decorate my methods with the required role, but I don't know how or if this can be plugged to the existing functionality. Could you please steer me in the right direction?
This is what I have at the moment, particularly I don't like that I have to add a reference to the full
IRequest
in each method, I would like to avoid this.Under the hoods my
Authorize
method is quite simple:This is what I would like to have instead:
Thank you in advance for any suggestions.
Beta Was this translation helpful? Give feedback.
All reactions