Open jaap34 opened 12 years ago
What about an API method that would allow you to hook into the auth pipeline. Something like this in your application start:
RequestReduce.Api.Registry.RegisterAuthHandler(context => context.User.IsInRole("Administrator"));
I'm trying to not add more properties to the config if I can help it since having so many config properties gets unwieldy and giving people access via the api like above ultimately provides more control.
The registration of a custom auth handler sounds great, that is probably the most extensible way to do it.
It would be nice if we could have a configuration property authorizedRoleList. We have an application which deploys to different clients with the same web.config, but the admin names can differ. However the role will always be Administrator.
Overall requestreduce is awesome! I like the clean approach and not having to create bundles and sorting scripts etc. Good job.