I have a Web API application that is authenticated using a combination of userid and an APIKey as part of the RequestMessage. In my authorization filter I check if the combination is valid before proceeding. I then need to use the userid to log some actions in my controllers.
The UserID and key are encoded together. Something like: .../api/v1/Transaction?api_key=YmFyZGFnYWR2ZXJndXI
The problem I am having is how to expose the userid to the controller.
Using the comment from Chips_100 I added CurrentUserId to my Controller and then this code to my AuthFilter:
public class CustomAuthFilter : AuthorizeAttribute
{
private BaseController controller;
public override void OnAuthorization(HttpActionContext actionContext)
{
controller = actionContext.ControllerContext.Controller as BaseController;
//Some code ommitted for clarity
if (controller != null)
controller.CurrentUserId = userAccount[0];
}
}
Seems to work perfectly so far.
UserId) (or one of its base types). In the filter, you can access the controller via the context. If it is of a compatible type, you can just set the property of the controller (e.g. after casting it).