asp.netasp.net-mvcasp.net-coreowin-middleware

Exclude Controller from Middleware


I have wrote a Middleware which checks if Authorization Token is included in the header and based on that request are executed or returns error if token is missing. Now it is working fine for other Controllers. But What should I do for Login/Registration Controller which don't required Authorization headers. How can I configure my Middleware to ignore these.

Current Implementation of MiddleWare to Check Headers for Authorization Token.

public class AuthorizationHeaderValidator
{
    private readonly RequestDelegate _next;
    private readonly ILogger<AuthorizationHeaderValidator> _logger;
    public AuthorizationHeaderValidator(RequestDelegate next, ILogger<AuthorizationHeaderValidator> logger)
    {
        _next = next;
        _logger = logger;
    }

    public async Task InvokeAsync(HttpContext context)
    {
        StringValues authorizationHeader;
        Console.WriteLine(context.Request.Path.Value);
       if (context.Request.Headers.TryGetValue("Authorization", out authorizationHeader))
        {
            await _next(context);
        }
       else
        {
            _logger.LogError("Request Failed: Authorization Header missing!!!");
            context.Response.StatusCode = 403;
            var failureResponse = new FailureResponseModel()
            {
                Result = false,
                ResultDetails = "Authorization header not present in request",
                Uri = context.Request.Path.ToUriComponent().ToString(),
                Timestamp = DateTime.Now.ToString("s", CultureInfo.InvariantCulture),
                Error = new Error()
                {
                    Code = 108,
                    Description = "Authorization header not present in request",
                    Resolve = "Send Request with authorization header to avoid this error."
                }
            };
            string responseString = JsonConvert.SerializeObject(failureResponse);
            context.Response.ContentType = "application/json";
            await context.Response.WriteAsync(responseString);
            return;

        }

    }
}

Solution

  • I have solved my problem by Implementing PipeLine

    public class AuthorizationMiddlewarePipeline
    {
        public void Configure(IApplicationBuilder applicationBuilder)
        {
            applicationBuilder.UseMiddleware<AuthorizationHeaderValidator>();
        }
    }
    

    And than I am using it like this on either Controller Scope or Method scope

    [MiddlewareFilter(typeof(AuthorizationMiddlewarePipeline))]