-
Notifications
You must be signed in to change notification settings - Fork 267
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Question: Authentication for the new Endpoint Routing #480
Comments
Hi, yes you should still be able to use that handler for an endpoint. |
Hello, would you mind to give an example? Let's imagine this router open Giraffe
open Giraffe.EndpointRouting
module Router =
let endpoints : Endpoint list = [
route "/ping" (text "pong")
route "/" (text "index")
subRoute "/protected" [
GET [
route "/hello" (text "hello")
]
]
] How can I use |
You can compose it into the route list similar to other handlers: let webApp =
choose [
route "/ping" >=> text "pong"
route "/" >=> htmlView indexView
requiresAuthentication (text "failed") >=>
subRoute "/protected"
(choose [
GET >=> choose [
route "/hello" >=> text "hello" ]])] |
@Banashek thank you for the tip. My question is about the latest EndpointRouting. I know that it works this way: subRoute "/restricted" [
route "/test" (requiresAuthentication (text "failed") >=> handler1)
] But I should repeat it for every protected route handler. So I wonder how to do this for subRoute? requiresAuthentication (text "failed") >=>
subRoute "/protected" [
route "/test" handler1
] |
@ilog2000: very sorry, I did misunderstand your question. I think that using let validateApiKey (ctx : HttpContext) =
match ctx.TryGetRequestHeader "X-API-Key" with
| Some key -> "super-sercret-key".Equals key
| None -> false
let accessDenied = setStatusCode 401 >=> text "Access Denied"
let requiresApiKey =
authorizeRequest validateApiKey accessDenied
let protectedByApiKeyList : Endpoint list =
let addApiKeyCheck = applyBefore requiresApiKey
[
route "/test1" (text "test1")
route "/test2" (text "test2")
] |> List.map addApiKeyCheck
let protectedByAuthList : Endpoint list =
let addAuthenticationCheck = applyBefore (requiresAuthentication (text "auth failed"))
[
route "/test1" (text "test1")
route "/test2" (text "test2")
] |> List.map addAuthenticationCheck
let endpoints : Endpoint list =
[
GET [
route "/ping" (text "pong")
route "/" (htmlView <| Views.index { Text = "foo" })
subRoute "/protectedByApiKey" protectedByApiKeyList
subRoute "/protectedByAuth" protectedByAuthList ]] Let me know if that helps, or if there is another aspect of it that I may be missing. |
@Banashek , thank you very much. I really like this solution - it's clear and well separated into specific areas. And I did not know about |
Neither did I til trying to solve this, but it seems to work out pretty well! |
Hey people, I'm considering that @dustinmoris and @Banashek already answered this issue, so I'll close it with this comment. If you think there's still something lacking, please open a new issue so we can investigate it properly. |
Hello guys,
I failed to find any information/documentation about how one could implement the Authentication with ASP.NET Core's Endpoint Routing. Is it possible to use the requiresAuthentication (authFailedHandler : HttpHandler) http handler.
Thanks!
The text was updated successfully, but these errors were encountered: