Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Filter attributes

mythz edited this page · 16 revisions

  1. Getting Started

    1. Creating your first project
      1. Create Service from scratch
    2. Your first webservice explained
    3. ServiceStack's new API Design
    4. Designing a REST-ful service with ServiceStack
    5. Example Projects Overview
    6. Learning Resources
  2. Reference

    1. Order of Operations
    2. The IoC container
    3. Configuration and AppSettings
    4. Metadata page
    5. Rest, SOAP & default endpoints
    6. SOAP support
    7. Routing
    8. Service return types
    9. Customize HTTP Responses
    10. Plugins
    11. Validation
    12. Error Handling
    13. Security
    14. Debugging
    15. JavaScript Client Library (ss-utils.js)
  3. Clients

    1. Overview
    2. C#/.NET client
    3. Add ServiceStack Reference
      1. C# Add Reference
      2. F# Add Reference
      3. VB.NET Add Reference
      4. Swift Add Reference
      5. Java Add Reference
    4. Silverlight client
    5. JavaScript client
      1. Add TypeScript Reference
    6. Dart Client
    7. MQ Clients
  4. Formats

    1. Overview
    2. JSON/JSV and XML
    3. ServiceStack's new HTML5 Report Format
    4. ServiceStack's new CSV Format
    5. MessagePack Format
    6. ProtoBuf Format
  5. View Engines

    1. Razor & Markdown Razor
    2. Markdown Razor
  6. Hosts

    1. IIS
    2. Self-hosting
    3. Messaging
    4. Mono
  7. Security

    1. Authentication/authorization
    2. Sessions
    3. Restricting Services
  8. Advanced

    1. Configuration options
    2. Access HTTP specific features in services
    3. Logging
    4. Serialization/deserialization
    5. Request/response filters
    6. Filter attributes
    7. Concurrency Model
    8. Built-in caching options
    9. Built-in profiling
    10. Form Hijacking Prevention
    11. Auto-Mapping
    12. HTTP Utils
    13. Virtual File System
    14. Config API
    15. Physical Project Structure
    16. Modularizing Services
    17. ServiceStack Integration
    18. Embedded Native Desktop Apps
    19. Auto Batched Requests
  9. Server Events

    1. Overview
    2. JavaScript Client
    3. C# Server Events Client
    4. Redis Server Events
  10. Plugins

    1. Auto Query
    2. Server Sent Events
    3. Swagger API
    4. Postman
    5. Request logger
    6. Sitemaps
  11. Tests

    1. Testing
    2. HowTo write unit/integration tests
  12. ServiceStackVS

    1. Install ServiceStackVS
    2. Add ServiceStack Reference
    3. AngularJS App Template
    4. ReactJS App Template
  13. Other Languages

    1. FSharp
      1. Add ServiceStack Reference
    2. VB.NET
      1. Add ServiceStack Reference
    3. Swift
      1. Swift Add Reference
  14. Deployment

    1. Deploy Multiple Sites to single AWS Instance
      1. Simple Deployments to AWS with WebDeploy
    2. Advanced Deployments with OctopusDeploy
  15. Install 3rd Party Products

    1. Redis on Windows
    2. RabbitMQ on Windows
  16. Use Cases

    1. Single Page Apps
      1. HTML, CSS and JS Minifiers
    2. Azure
      1. Connecting to Azure Redis via SSL
    3. Logging
    4. Bundling and Minification
    5. NHibernate
  17. Performance

    1. Real world performance
  18. How To

    1. Sending stream to ServiceStack
    2. Setting UserAgent in ServiceStack JsonServiceClient
    3. ServiceStack adding to allowed file extensions
    4. Default web service page how to
  19. Future

    1. Roadmap
Clone this wiki locally

ServiceStack also contains interfaces for attributes which can be executed before and after a request like request/response filters. The filter attributes make a great job when the services get bloated more and more, because you can put the new functionality probably into a filter attribute and as result the services stay clean. You can also reuse your custom filter attributes, which is another great advantage, because there would be no duplicate code in the service implementations.

For example, ServiceStack internally uses filter attributes for Authenticate and RequiredPermission to mark that the specific service needs authentication or a specific permission (see Authentication and authorization).

There are two interfaces which you have to implement in your custom attribute:

If you implement this interface, the method RequestFilter will be executed before the service gets called.

public interface IHasRequestFilter 
{
    void RequestFilter(IHttpRequest req, IHttpResponse res, object requestDto);
    int Priority { get; }      // <0 Run before global filters. >=0 Run after
    IHasRequestFilter Copy();  // Optimization: fast creation of new instances
}

If you implement this interface, the method ResponseFilter will be executed after the service was called.

public interface IHasResponseFilter 
{
    void ResponseFilter(IHttpRequest req, IHttpResponse res, object responseDto);
    int Priority { get; }      // <0 Run before global filters. >=0 Run after
    IHasResponseFilter Copy();  // Optimization: fast creation of new instances
}

It's recommended that you create separate attributes for each interface, but of course you can implement both interfaces in one attribute, too.

public class CustomRequestFilterAttribute : RequestFilterAttribute 
{
    public void RequestFilter(IHttpRequest req, IHttpResponse res, object requestDto)
    {
        //This code is executed before the service
        string userAgent = req.UserAgent;
        StatisticManager.SaveUserAgent(userAgent);
    }
}
public class CustomResponseFilterAttribute : ResponseFilterAttribute 
{
    public void ResponseFilter(IHttpRequest req, IHttpResponse res, object responseDto)
    {
        //This code is executed after the service
        res.AddHeader("Cache-Control", "max-age=3600");
    }
}

As you can see, you can access the IHttpRequest, IHttpResponse and the request/response DTO. So you can change the DTO, the http response (eg status code) or look for a specific header in the http request. You can also attach any data to this request via the IHttpRequest.Items dictionary that all subsequent filters and services can access.


These two attributes have to be added to a request/response DTO or to the service implementation to enable them.

//Request DTO
[Route("/aspect")]
[CustomRequestFilter]
public class User
{
    public string Name { get; set; }
    public string Company { get; set; }
    public int Age { get; set; }
    public int Count { get; set; }
}

//Response DTO
[CustomResponseFilter]
public class UserResponse : IHasResponseStatus
{
    public string Car { get; set; }
    public ResponseStatus ResponseStatus { get; set; }
}

...or if you don't want the code-first DTOs messed with attributes:

[CustomRequestFilter]
[CustomResponseFilter]
public class AspectService : Service
{
    public object Get(Aspect request)
    {
        ...
    }
}

That's all, now ServiceStack recognizes the attributes and executes them on every call!


For filter attributes auto-wiring is also supported (like in services and validators):

public class CustomRequestFilterAttribute : RequestFilterAttribute
{
    //This property will be resolved by the IoC container
    public ICacheClient Cache { get; set; }

    public void RequestFilter(IHttpRequest req, IHttpResponse res, object requestDto)
    {
        //Access the property 'Cache' here

        //This code is executed before the service
        string userAgent = req.UserAgent;
        StatisticManager.SaveUserAgent(userAgent);
    }
}

In this case the property Cache will be tried to be resolved by the IoC container.


ServiceStack also has two base classes, which implement the above interfaces, which make it easier to create contextual filters. Contextual filters are only executed on specific HTTP verbs (GET, POST...).

public class StatisticFilterAttribute : RequestFilterAttribute
{
    //This property will be resolved by the IoC container
    public ICacheClient Cache { get; set; }

    public StatisticFilterAttribute() {}

    public StatisticFilterAttribute(ApplyTo applyTo)
        : base(applyTo) {}

    public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto)
    {
        //This code is executed before the service
        string userAgent = req.UserAgent;
        StatisticManager.SaveUserAgent(userAgent);
    }
}

The base class RequestFilterAttribute has an empty constructor and a constructor which takes the ApplyTo flag. If the empty constructor is called, the method Execute will be called on every HTTP verb (ApplyTo.All), with the other constructor it will be called only on the configured HTTP verbs (eg ApplyTo.Get | ApplyTo.Post).

So you can use the attribute on your request DTO/service like that:

//Filter will be executed on every request
[StatisticFilter]
...

//Filter will be executed only on GET and POST requests
[StatisticFilter(ApplyTo.Get | ApplyTo.Post)]
...

For response filters, there's the base class ResponseFilterAttribute which works the same as RequestFilterAttribute.

Something went wrong with that request. Please try again.