Kevin Rich
Restricting Access to Routes without [Authorize] Filter
Locking down Swagger, Elmah, and other "magic" endpoints
Create a Delegating Handler
In this example, I want to lock down the \swagger
endpoint from an ASP.NET 4.6.1 MVC web application.
public class SwaggerAccessMessageHandler : DelegatingHandler
{
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) . . .
December 05, 2016
Adding User Claims via API keys in WebApi 2
Adding a Custom Authentication Filter
Update
Please for the love of all that is holy, don't do this. There are many great solutions out there now. I recommend Azure AD (cheap), Auth0(freeish), or Identity Server(open sou). This was a pretty terrible implementation that was meant as a stopgap.
Scenario
I have an API that I wish to lock down via an . . .
Posted in: asp.netauthenticationfiltersmvc5webapi
July 19, 2016
Cover image credit: http://whoiskevinrich.com