Answer the question
In order to leave comments, you need to log in
What is the name of this architectural decision/pattern?
Good day.
Preface:
For example, you need to implement a REST Api. When it comes to security (authorization, authentication), as a solution, the client sends the necessary information to the server, usually some kind of auth token. The server has a function that checks the received token, compares it with the user in the database, gets the user's roles and returns the result of the execution of the called method, or returns an error if the user does not have privileges (roles) to call this method.
Question:
It turns out that, according to the DRY principle, you should not call such a check in each service method, but take it to a lower level, before executing the method called by the user. What is the name of this pattern?
ps I'll ask another close question regarding practice. Given: .NET/ASMX. I think to implement the above with the help of a custom attribute that will be added to each WebMethod. In this custom attribute, the auth token will be checked, the privileges (the availability of the called web method) will be checked. Or is there a more elegant solution? (WCF do not offer)
Answer the question
In order to leave comments, you need to log in
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question