Open Rohansi opened 3 years ago
Would you prefer a new interface like IAsyncFirewallRule
and an overload on the FirewallMiddleware
to accept the async version as well, or would you prefer a ValueTask<bool> IsAllowedAsync(HttpContext context)
method on the existing interface? The latter case would mean that as soon as one of the two methods returns false
the request gets denied. What are your thoughts on this?
Separate interfaces would be less confusing, or only the ValueTask<bool>
variant with a single interface.
I need to support dynamic rules loaded from a DB. Could we get an
IAsyncFirewallRule
interface whereIsAllowed
returnsValueTask<bool>
?