✅ Decorate class (controller) with item from httpcontext
In
httpContextAccessor.HttpContext?.Items["User"]
I am storing Id of user that performs calls.
The way I am retrieving it
I have two questions.
1) I don't want to in constructor always build profileId
I would prefer that it would be injected into constructor
itself or injected into method. How to achieve this? For example something like this
2) Is there a better approach of finding out what user (id) it's performing request?
The way I set this information is following: I have Middleware that performs call to another service
later I deserialize response
and for final part I am adding UserId to httpContext
9 Replies
1. You can with binders, but don't. You already have the HttpContext. Just get it normally in the method. Make a helper method if you need to.
2. Store it in the claims and use the authentication system
why should I do it with binders? Could you give some link to read about it :)? I am already getting it in constructor, and it's one liner so I don't think helper it's needed
What it's difference between
claims
and Items
? I need to have access to HttpContext
anyway for claimsDoing it in the constructor is fine as long as you don't need to await
for claims read on authentication
I'm saying you should not use binders, they're just confusing
when used for this purpose
if you want to refactor the id extraction, define an extension method for
HttpContext
, problem solved
Or make a service that extracts it, if you need it to be a bit more flexibleoh sorry. I thought I wrote why I shouldn't do it with binders 🙂 I did read it right in first place but just curious why not to
what is advantage using claim instead of adding things to
Items
?
because in the end:
- you need to access IHttpContextAccessor
and read it from it
- you need to define behaviors for given entryauthentication
I've already mentioned it 2 times already
you use a standard system for this
you only need
IHttpContextAccessor
if you move that logic into a service
otherwise you already have the access to HttpContext in the controller
The benefit is that the client would send it to you with the token
you won't have to make further calls for it
you can just send it to the client when you generate the authentication tokenI didn't want that on request userId it's provided. I preferred getting that userId based on Token and then on token I do create claims
but anyway, that's offtopic. There are binders, or just accesting it through
IHttpContextAccessor
there is no other way around it 😉
thanks for helping out ❤️ 🙂why not? if you're the one who generates the token, it's the simplest way imo
because I don't want to expose any data that can be used by malicious intent. The less information the better 😅
but it's embedded into token, so maybe indeed I should just make claims and pair those together
as it is exposed
Was this issue resolved? If so, run
/close
- otherwise I will mark this as stale and this post will be archived until there is new activity.