Burgyn / MMLib.SwaggerForOcelot

This repo contains a Swagger extension for Ocelot.
MIT License
353 stars 94 forks

Control access / visibility to routed endpoint #120

Closed Hantsch closed 4 years ago

Hantsch commented 4 years ago

Is your feature request related to a problem? Please describe.

I want to control who is able to see and access certain APIs. I want them to be, for example, authorized and have a specific role assigned for each endpoint to see.

Describe the solution you'd like

A delegate where I can interact with the endpoint and control if the endpoint gets routed. I made a patch with an example solution. controll_access_delegate.zip

This would allow me to write a delegate like:

(httpContext, swaggerEndpoint) =>
{
    // Anonymous callers: answer 401 and do not route the endpoint.
    if (!httpContext.User.Identity.IsAuthenticated)
    {
        httpContext.Response.StatusCode = 401;
        httpContext.Response.WriteAsync("please login to access this resource");
        return false;
    }

    // Authenticated callers need the per-endpoint role "viewapi_<endpoint key>".
    if (!httpContext.User.IsInRole($"viewapi_{swaggerEndpoint.Key}"))
    {
        httpContext.Response.StatusCode = 403;
        httpContext.Response.WriteAsync("you are not allowed to access this resource");
        return false;
    }

    // Authenticated and in the role: let the endpoint be routed.
    return true;
}
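
The same per-endpoint role check written as stand-alone ASP.NET Core middleware, as an added example that is not part of the issue, the attached patch or MMLib.SwaggerForOcelot. The `/docs-placeholder` prefix, the assumption that the endpoint key is the last path segment, and the names `SwaggerDocsGate` and `Decide` are hypothetical.

```csharp
using System;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;

// Added example (hypothetical names): gates per-endpoint docs by role.
public sealed class SwaggerDocsGate
{
    // Assumption: placeholder prefix; the endpoint key is the last path segment.
    private static readonly PathString DocsPrefix = new PathString("/docs-placeholder");
    private readonly RequestDelegate _next;

    public SwaggerDocsGate(RequestDelegate next) => _next = next;

    // Pure decision: 200 means continue, anything else is the status to send.
    public static int Decide(ClaimsPrincipal user, string endpointKey)
    {
        if (user?.Identity?.IsAuthenticated != true)
            return StatusCodes.Status401Unauthorized;
        if (string.IsNullOrEmpty(endpointKey))
            return StatusCodes.Status403Forbidden; // no key: deny by default
        return user.IsInRole($"viewapi_{endpointKey}")
            ? StatusCodes.Status200OK
            : StatusCodes.Status403Forbidden;
    }

    public async Task InvokeAsync(HttpContext context)
    {
        // Requests outside the docs prefix are not affected by this gate.
        if (!context.Request.Path.StartsWithSegments(DocsPrefix, out PathString rest))
        {
            await _next(context);
            return;
        }
        string[] parts = (rest.Value ?? string.Empty)
            .Split('/', StringSplitOptions.RemoveEmptyEntries);
        string key = parts.Length > 0 ? parts[parts.Length - 1] : null;
        int status = Decide(context.User, key);
        if (status != StatusCodes.Status200OK)
        {
            context.Response.StatusCode = status;
            await context.Response.WriteAsync(status == StatusCodes.Status401Unauthorized
                ? "please login to access this resource"
                : "you are not allowed to access this resource");
            return; // short-circuit: the docs request is not forwarded
        }
        await _next(context);
    }
}
```

Register it with `app.UseMiddleware<SwaggerDocsGate>()` after `app.UseAuthentication()` so that `HttpContext.User` is populated. A gate like this only controls who can read the documentation; the routed APIs still need their own authorization.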

Burgyn commented 4 years ago

Hi,

Thanks for your issue. Can you please provide a pull request?

stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] commented 4 years ago

This issue has been automatically closed because it has not had recent activity. Thank you for your contributions.