Using RequestFilter to Perform Custom Authentication on a ServiceStack

Question

Using RequestFilter to Perform Custom Authentication on a ServiceStack

Brand new to ServiceStack, so forgive me if this is easy.

I am writing an API that will use its own HTTP header to get authentication information. I added RequestFilter as follows:

RequestFilters.Add((httpReq, httpResp, requestDto) => { if(httpReq.Headers["MyMagicHeader"] != "magic") { throw HttpError.Unauthorized("Unauthorized"); } else { //TODO: Populate a "Client" object accessible by the Service } });

My question is: how can I now provide the service in question to the Client object that I create based on the value in the magic header?

In appearance, my only option is to pass this information through the DTO. So I thought about adding a base class that inherits all my DTOs, and that base class will contain the Client property.

Is this the right approach?

+4

servicestack

RMD Apr 24 '13 at 15:49

source share

1 answer

mythz · Accepted Answer · 2013-04-24T16:37:25+0000

The way to transfer any information available in all filters and services in the same request is to use the httpReq.Items object dictionary, for example. Dictionary<string,object> "

 RequestFilters.Add((httpReq, httpResp, requestDto) => { if(httpReq.Headers["MyMagicHeader"] != "magic") { throw HttpError.Unauthorized("Unauthorized"); } else { //TODO: Populate a "Client" object accessible by the Service httpReq.Items["MagicToken"] = CreateMagicValue(httpReq.Headers["MyMagicHeader"]); } });

Using RequestFilter to Perform Custom Authentication on a ServiceStack

More articles: