WillowBear
❔ What is the appropriate way to confirm User ID for API
Hi everyone, thank you for respnding! So the Controller does infact have the attribute. I put it on the Service also as I wasn't sure if it had to be everywhere that I wanted only authorised users to have access. I'll remove it from the service!
The service is registered Scoped. I'm not sure where i saw it but i thought that was the default way but appreciate I need to look more into DI.
Not really sure what gRPC means, so definetly not that. Just a "normal" service which performs CRUD actions to the DB when called by my Controller.
What would be a better way to retrieve the current userId? Should that be a seperate service?
25 replies