I was using ASP.NET MVC
framework. In this framework, we checked every incoming request (url) for some key and assigned it to a property. We created a custom class which derived from Controller
class & we override OnActionExecuting()
to provide our custom logic.
How can we achieve the same in ASP.NET WEB API?
//Implementation from ASP.NET MVC
public class ApplicationController : Controller
{
public string UserID { get; set; }
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (!string.IsNullOrEmpty(Request.Params["uid"]))
UserID = Request.Params["uid"];
base.OnActionExecuting(filterContext);
}
}
What I have tried in ASP.NET WEB API: — Though this is working, I wonder if this is the correct approach?
Created a base controller
public class BaseApiController : ApiController
{
public string UserID { get; set; }
}
Created another class which inherits ActionFilterAttribute class & I override OnActionExecuting()
public class TokenFilterAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext actionContext)
{
var queryString = actionContext.Request.RequestUri.Query;
var items = HttpUtility.ParseQueryString(queryString);
var userId = items["uid"];
((MyApi.Data.Controllers.BaseApiController)(actionContext.ControllerContext.Controller)).UserID = userId;
}
}
Now register this class
public static void Register(HttpConfiguration config)
{
config.Filters.Add(new TokenFilterAttribute());
}
Best Answer
You can use message handlers from ASP.NET Web API. It is a typical security scenation, when you need to get some user token from query string, URL or HTTP Header
http://www.asp.net/web-api/overview/advanced/http-message-handlers
1.When you need simply to extract userId from URL, then use it as parameter for your Api method and ASP.NET WebAPI will do work for you, like
It work for such request
2.If it is security scenario, please refer to http://www.asp.net/web-api/overview/security/authentication-and-authorization-in-aspnet-web-api Basically you will need some MessageHandler or you can use filter attributes as well, it is mechanism in ASP.NET Web API to intercept each call.
If you need to process each request then MessageHandler is your way. You need implement MessageHanler and then register it.
To say easily, typical MessageHandler is class derived from MessageHandler or DelegatingHandler with SendAsync method overriden:
and call it from Global.asax.cs
WebApiConfig.Register(GlobalConfiguration.Configuration);
Some example dummy hypotetical implementation of such handler (here you need to imeplement your UidPrincipal from IPrincipal and UidIdentity from IIdentity)
And lets access it from some ASP.NET WebApi method or some property in WebAPI class