Scribd
Upload
16 views

Core Web API

This document discusses the HttpContextAccessor in ASP.NET Core Web API. It allows accessing the current HTTP request and response context. The document outlines how to add HttpContextAccessor as a dependency and use it to access claims like user ID and company ID. It also describes common uses of HttpContextAccessor like accessing request/response details, authentication, authorization, logging, and integrating with external services. While useful, it notes HttpContextAccessor should only be used carefully due to security and maintenance concerns.

Uploaded by

mathy turing mooh
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
16 views

Core Web API

This document discusses the HttpContextAccessor in ASP.NET Core Web API. It allows accessing the current HTTP request and response context. The document outlines how to add HttpContextAccessor as a dependency and use it to access claims like user ID and company ID. It also describes common uses of HttpContextAccessor like accessing request/response details, authentication, authorization, logging, and integrating with external services. While useful, it notes HttpContextAccessor should only be used carefully due to security and maintenance concerns.

Uploaded by

mathy turing mooh
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/371071377

HttpContextAccessor in Asp.NET Core Web API

Article · May 2023

CITATIONS READS

0 874

1 author:

Sardar Mudassar Ali Khan


Contour Software
152 PUBLICATIONS 4 CITATIONS

SEE PROFILE

All content following this page was uploaded by Sardar Mudassar Ali Khan on 26 May 2023.

The user has requested enhancement of the downloaded file.


HttpContextAccessor in
Asp.NET Core Web API
Published By Medium.com
Link: https://sardarmudassaralikhan.medium.com/httpcontextaccessor-in-asp-net-core-web-api-
7e2638b1f633

Contents
HttpContextAccessor in Asp.NET Core Web API..................................................................................... 1
Step 1: First of all you need to add Dependency to your Program.cs ................................................ 2
Code Example ..................................................................................................................................... 2
Step 2 Use of HttpContextAccessor .................................................................................................... 2
Code Example ..................................................................................................................................... 2
Why’d we Use HttpContextAccessor .................................................................................................. 5
Accessing HTTP Request and Response: ......................................................................................... 5
Authentication and Authorization: ................................................................................................. 5
Logging and Diagnostics: ................................................................................................................. 5
Custom Middleware and Filters: ..................................................................................................... 5
Integration with External Services: ................................................................................................. 5
Conclusion ........................................................................................................................................... 5
In ASP.NET Core Web API, the HttpContextAccessor class is a component that provides access to the
current HTTP request and response context. It allows you to access various aspects of the HTTP
request and response, such as headers, cookies, query parameters, and user claims.

Step 1: First, you need to add Dependency in your Program.cs

Code Example
builder.Services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();

Step 2 Use of HttpContextAccessor


In the Give below example, we are getting the User and After that, we are getting the company Id
and User ID From the Auth Microservice.

Code Example
using AC_Projects_API_Domain_Layer.Models;
using AC_Projects_API_Repository_Layer.IRepository;
using AC_Projects_API_Service_Layer.IService;
using AutoMapper;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Logging;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;

namespace AC_Projects_API_Service_Layer.Services
{
public class ColumsService : ICustomService<Columns>
{
private readonly IRepository<Columns> _statusRepository;
public long LoggedInUserCompanyId;
public long LoggedInUserId;
private readonly IHttpContextAccessor _httpContextAccessor;
public ColumsService(
IRepository<Columns> statusRepository,
IMapper mapper,
IHttpContextAccessor httpContextAccessor
)
{
_statusRepository = statusRepository;
_httpContextAccessor = httpContextAccessor;
ClaimsIdentity user =
(ClaimsIdentity)_httpContextAccessor.HttpContext.User.Identity;
LoggedInUserCompanyId =
Convert.ToUInt32(user.FindFirst("CompanyId").Value.ToString());
LoggedInUserId =
Convert.ToUInt32(user.FindFirst("UserId").Value.ToString());
}
public void Delete(Columns entity)
{
try
{
if (entity != null)
{
entity.ModifiedBy = LoggedInUserId;
entity.ModifiedDate = DateTime.Now;
_statusRepository.Delete(entity);
_statusRepository.SaveChanges();
}
}
catch (Exception)
{
throw;
}
}

public Columns Get(long Id)


{
try
{
var obj = _statusRepository.Get(Id);
if (obj != null)
{
return obj;
}
else
{
return null;
}
}
catch (Exception)
{
throw;
}
}

public IEnumerable<Columns> GetAll()


{
try
{
var obj = _statusRepository.GetAll();
if (obj != null)
{
return obj;
}
else
{
return null;
}
}
catch (Exception)
{
throw;
}
}

public Columns Insert(Columns entity)


{
try
{
if (entity != null)
{
entity.CreatedBy = LoggedInUserId;
entity.CreatedDate = DateTime.Now;
entity.CompanyId = LoggedInUserCompanyId;
_statusRepository.Insert(entity);
_statusRepository.SaveChanges();
return entity;
}
return null;
}
catch (Exception)
{
throw;
}
}

public void Remove(Columns entity)


{
try
{
if (entity != null)
{
_statusRepository.Remove(entity);
_statusRepository.SaveChanges();
}
}
catch (Exception)
{
throw;
}
}

public void Update(Columns entity)


{
try
{
if (entity != null)
{
entity.ModifiedBy = LoggedInUserId;
entity.ModifiedDate = DateTime.Now;
_statusRepository.Update(entity);
_statusRepository.SaveChanges();
}
}
catch (Exception)
{
throw;
}
}
}
}

Why’d we Use HttpContextAccessor


For the following reasons, the `HttpContextAccessor` is frequently utilized in ASP.NET Core Web API
applications:

Accessing HTTP Request and Response:


Access to the current HTTP request and response context is the main goal of the
`HttpContextAccessor` component. You can use it to get details about incoming requests, including
headers, cookies, query parameters, and user claims. By gaining access to the "Response" property,
you can also alter the HTTP response.

Authentication and Authorization:


You can gain access to authentication-related data via the `HttpContextAccessor` including the
claims, identity, and roles of an authenticated user. This can be used to implement authorization
checks inside of your application, figure out the permissions of the current user, or alter behavior
based on authentication status.

Logging and Diagnostics:


You can record information relevant to the current HTTP request using the `HttpContextAccessor’ To
assist with debugging or monitoring, you can use it to record request-specific information, such as
the URL, headers, or user information. It enables you to effectively detect problems by correlating
log entries with requests.

Custom Middleware and Filters:


You can design action filters or middleware components in ASP.NET Core that need access to the
HTTP context. You can access request-specific data and adjust the request or response pipeline by
using the `HttpContextAccessor` which enables you to inject the current context into your custom
components.

Integration with External Services:


To carry out specific tasks, some third-party services or libraries can need access to the HTTP
context. These external components or services can interact with the current request and response
by utilising the "HttpContextAccessor" to give them the necessary context.

Although the "HttpContextAccessor" offers practical access to the HTTP context, it should only be
used sparingly. By exposing the HTTP context too broadly in your application, you run the risk of
creating security holes or adding dependencies that make it harder to maintain your code. The use
of "HttpContextAccessor" in your application should, therefore, be carefully considered in terms of
its scope and objectives.

Conclusion
The ASP.NET Core Web API's `ttpContextAccessor` gives users access to the current HTTP request
and response context. It enables you to carry out actions based on authentication and authorization,
alter the response, and retrieve information about the request. It is frequently employed for logging,
diagnostics, developing unique middleware, interfacing with outside services, and other purposes. It
should be utilized cautiously, considering security issues, and keeping a clean codebase.

View publication stats

You might also like