The latest work on Middleware and reading about implementation in different frameworks made me think about the following:
How about us being able to attach middleware on a per route basis
The idea is not groundbreaking science, it’s seen in many different cases and the concept is implemented elsewhere. So we have a lot of examples to lean up against and get smarter around.
We have a defined set of middlewares at the moment. All “ending” in the dispatcher middleware, passing on the final response. And the dispatcher is being set (package, controller and action), based on a
RoutingResults from the
RoutingMiddleware being defined in Routes.yaml. This leading down to the MVC stack.
Here, we do all the rendering stuff. We check privileges based on Policy.yaml, firewall, and so on.
How about this.
I will like to disable the privilege/Policy part of the security framework in favor of my own middleware checking for a specific cookie or similar, to avoid a already registered user to call the “signup” endpoint of a api. But only on that particular route.
How? (I have ideas and no conclusion)
- A seperate property in
middlewares: similar to
- Your idea?