Marco Garofalo
03/07/2024, 2:07 PMdave
03/07/2024, 2:11 PMMarco Garofalo
03/07/2024, 2:14 PMdave
03/07/2024, 2:17 PMAndrew O'Hara
03/07/2024, 7:59 PMRequestContextKey
and then inject it into all of your routes.
Step 2: In a route, use the RequestContextKey
to extract the principal from the Request
and then either authorize it there or pass the principal deeper into your service layer
Step 3: In this case, I passed the principal into the service layer, and authorized it there
In this case, my RequestContextKey
merely verifies a JWT and returns the hashed email address as the principal. It doesn't always matter if there's a saved user record; I let my service layer care about that.