9
Answers

Middleware should ignore specific routes in .net core

Photo of Dharmraj Thakur

Dharmraj Thakur
7y
13.1k
1
I have a web api in asp.net core 2.0. I have functionality that every request will pass the APIKey in header and my api server will read that apikey check it and allow the request if apikey is valid. I implemented it by using middleware.
 
Now this middleware executing before every request of whole api server. When request is coming for registration or login, API key will not there and server should allow them request without executing middleware...
  1. app.UseMiddleware<VerifyClientMiddleware>();  
 I did temporary solution which I don't want... I wrote a condition in middleware which allow login and registration api.
  1. if (context.Request.Path.Value.Contains("/user/authenticate") || context.Request.Path.Value.Contains("/user/register"))  
  2. {  
  3.     await _next.Invoke(context); // call next middleware  
  4. }  
 Thanks in advance.

Answers (9)

5
Photo of Sagar Pandurang Kap
NA 11.6k 68.9k 7y
Hi,
Refer below link :-
 
https://stackoverflow.com/questions/39517816/how-to-ignore-routes-in-asp-net-core-1-0-1?utm_medium=organic&utm_source=google_rich_qa&utm_campaign=google_rich_qa
 
Hope it helps....
3
Photo of Dharmraj Thakur
251 7.7k 718.8k 6y
Thanks for replay @Jignesh Trivedi... I am not talking about authenticating.. There is a custom middleware which is not related to authentication... So sadly AllowAnonymous will not work here...
3
Photo of Jignesh Trivedi
NA 62.3k 46.3m 6y
I am not sure but "AllowAnonymous" attribute can help you. Basically it ignore the Authentication for the route.
2
Photo of Naimish Makwana
134 13.8k 203.2k 2y

Hi,

Please refer below link. It may be helpful to you. 

https://www.devtrends.co.uk/blog/conditional-middleware-based-on-request-in-asp.net-core

Thanks

Naimish

2
Photo of adhar jain
NA 97 849 2y

Probably you are looking for below with some regex

app.UseWhen(context=>!context.Request.Path.Value.ToLower().Trim().Contains(@"/route"), applicationBuilder =>
{
    applicationBuilder.UseMiddleware<YourMiddleware>();
});

2
Photo of Dharmraj Thakur
251 7.7k 718.8k 7y
Thanks for replay Mr. Sagar... Provided link showing how to use middleware. Not helpful sorry!
1
Photo of Tuhin Paul
39 34.6k 314.4k 1y

Modify your VerifyClientMiddleware to check the request path before performing the API key validation

public class VerifyClientMiddleware
{
    private readonly RequestDelegate _next;

    public VerifyClientMiddleware(RequestDelegate next)
    {
        _next = next;
    }

    public async Task Invoke(HttpContext context)
    {
        // Check if current path is allowed without API key
        if (!_allowedPaths.Contains(context.Request.Path.Value))
        {
            // Perform your existing API key validation logic here (read and check API key)
            // If key is invalid, throw an exception or return appropriate error response
        }

        // Call the next middleware in the pipeline
        await _next(context);
    }
}
1
Photo of Tuhin Paul
39 34.6k 314.4k 1y 
private readonly string[] _allowedPaths = new string[] { "/user/authenticate", "/user/register" };

Create a string array or list to store the paths for unrestricted access (login and registration)

1
Photo of Sudhesh Gnanasekaran
NA 53 1 1y

Check out this article on how to ignore routes conditionally  

https://codetrojan.com/csharp/asp-net-core-how-to-restrict-specific-routes-from-middleware/

Next Recommended Forum