How to intercept HTTP request? asp.net core, IHTTPModule, middleware

Asp.net core is a brand new, open source and cross platform framework for building modern internet applications. Unlike its predecessor Asp.net core is lightweight, robust, fast (Kestrel Web server), and cloud ready.

Asp.net core is designed to integrate seamlessly with varieties of client side frameworks like AngularJS, ReactJS, KnockoutJS …

Modern internet applications communication language is HTTP. So you will came across many scenarios to intercept client’s HTTP request and process it. I will explain a real scenario, “As part of application authentication, you have to make sure user\company employee must be logged into their corporate network/global login before accessing application.”

In Asp.net core Middleware’s replaced IHTTPModule and IHTTPHandler.  Middleware is an application pipeline to handle request and response .

I will quickly walk through you the code snippets:

a 

         First create two class as below

using Microsoft.AspNetCore.Builder;

using Microsoft.AspNetCore.Http;

using System;

using System.Collections.Generic;

using System.Linq;

using System.Threading.Tasks;

namespace WebApplication5.Middleware

{

    public class CustomMiddleware

    {

        private readonly RequestDelegate _next;

        public CustomMiddleware(RequestDelegate next)

        {

            _next = next;

        }

        public async Task Invoke(HttpContext context)

        {

         

            string companyAuthCookie = ApiHelper.GetConfigValue("companyAuthCookie");

            bool securityEnabled = bool.Parse(ApiHelper.GetConfigValue("SecurityEnabled"));

            if (securityEnabled)

            {

                var header = context.Request.Headers;

                var cookies = context.Request.Cookies;

                if (cookies.ContainsKey(companyAuthCookie))

                {

                    //allow other middle to process http request

                    await _next.Invoke(context);

                }

                else

                {

                    //short circuit or terminate http process request because user haven't logged in

                    context.Response.Redirect(ApiHelper.GetConfigValue("RedirectUrl"));

                }

            }

            else

            {

                await _next.Invoke(context);

            }

        }

    }

    public static class CustomMiddlewareExtensions

    {

        public static IApplicationBuilder UseCSPMiddleware(this IApplicationBuilder builder)

        {

            return builder.UseMiddleware<CustomMiddleware>();

        }

    }

}

Then goto Startup class (Startup.cs)

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)

        {

            loggerFactory.AddConsole(Configuration.GetSection("Logging"));

            loggerFactory.AddDebug();

               //in asp.net core order is important. Make sure you call it in early stage

            app.UseCSPMiddleware();

            app.UseMvc();

        }

That’s it, you have created code to intercept http request and process it inside asp.net core.

Reference: 

https://docs.microsoft.com/en-us/aspnet/core/fundamentals/middleware

https://docs.microsoft.com/en-us/aspnet/core/fundamentals/startup