You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe your use case.
Currently when a parameter is defined for injection, the injection happens before anything else. This makes it hard for usecases such as ratelimiting or authentication middlewares, as these are executed after the injection. In cases where handlers should be ratelimited to reduce load (on a database, for example) this makes ratelimiting useless, as the database is always hit before the user has a chance to stop the request. Another usecase would be checking for a valid authentication before injecting any parameters.
Describe the solution you'd like
A few possibilities considered:
Ability to determine signal at which parameters are injected (new signals?)
Add a configuration value to determine whether injection should happen automatically or not (+@no_auto_inject and @inject decorators to determine where injection should occur)
Some other solution that you (the reader) can come up with? 🙃
Additional context
N/A
The text was updated successfully, but these errors were encountered:
I think option 1 makes the most sense. We would need to add a new signal to the core handle_request, but that should be doable. Then the API for this would be something like this:
defadd_injection(
app: Sanic,
injection_registry: InjectionRegistry,
signal: Event.HTTP_ROUTING_AFTER, # << This being a new argument
) ->None:
...
add_injection(..., Event.HTTP_LIFECYCLE_RUN_HANDLER) # or some better named event
Is your feature request related to a problem? Please describe your use case.
Currently when a parameter is defined for injection, the injection happens before anything else. This makes it hard for usecases such as ratelimiting or authentication middlewares, as these are executed after the injection. In cases where handlers should be ratelimited to reduce load (on a database, for example) this makes ratelimiting useless, as the database is always hit before the user has a chance to stop the request. Another usecase would be checking for a valid authentication before injecting any parameters.
Describe the solution you'd like
A few possibilities considered:
@no_auto_inject
and@inject
decorators to determine where injection should occur)Additional context
N/A
The text was updated successfully, but these errors were encountered: