Allow Anonymous

The AllowAnonymous attribute can be used on controller/method level. When applied the method can be called without a IPrincipal set on the ConnectionContext.

In the sample below we have the Authorize attribute on controller level. That will require a IPrincipal on the ConnectionContext to call any method on the controller. However, we also added the AllowAnonymous attribute on one method. That method can now be called without authentication.

using XSockets.Core.XSocket;
using XSockets.Core.XSocket.Helpers;
using XSockets.Core.Common.Socket.Attributes;
using XSockets.Plugin.Framework;
using System.Threading.Tasks;
using XSockets.Core.Common.Utility.Logging;
using XSockets.Core.Common.Socket.Event.Interface;

[Authorize]
public class Sample : XSocketController
{    
    public async Task Secure(IMessage m)
    {
        await this.InvokeToAll(m);
    }

    [AllowAnonymous]
    public async Task UnSecure(IMessage m)
    {
        await this.InvokeToAll(m);
    }

    public override Task<bool> OnAuthorization(IAuthorizeAttribute authorizeAttribute)
    {
        Composable.GetExport<IXLogger>().Information("OnAuthorization: {@a}", authorizeAttribute);
        return base.OnAuthorization(authorizeAttribute);
    }

    public override Task OnAuthorizationFailure(string methodName)
    {
        Composable.GetExport<IXLogger>().Information("OnAuthorizationFailure: {m}", methodName);
        return base.OnAuthorizationFailure(methodName);
    }
}