Metro
Metro

Reputation: 1171

Conditional Attribute Routing

When using attribute routing, is it possible to remove routes based on certain runtime condition - such as licensing?

Something like this:

[LicensedRoute("/api/whatever")]

where '/api/whatever' is only added to the route table if the application is licensed.

Obviously I can explicitly do the check in the action method or use an action filter to validate the requests but ultimately I prefer the route not to be available if the software is not licensed.

Upvotes: 0

Views: 1702

Answers (1)

Petre T
Petre T

Reputation: 472

Seems you need Attribute Routing: http://www.asp.net/web-api/overview/web-api-routing-and-actions/attribute-routing-in-web-api-2

Is it RESTful? How you store the licensing info: is it user logins? tokens? key?

You could do it RESTful and force the client to pass a token every time via token-based authentication, for example: define several "licence" levels/types (eg. Free/Trial/Basic/Pro) and then in a persistent storage (table) map tokens (guids) to a licence type.

Then using a custom attribute, mark each endpoint/controller/action with the minimum required licence type to be accessible (e.g. [MinimumLicence("Basic")]). And then create "routing tables" based on the licence required.

In this case you would deny access to routes rather than "remove" them.

Upvotes: 1

Related Questions