Current User¶

Technical introduction¶

In order to properly design the requests and operations available on the suite, the concept of a Current User needs to be introduced. In the context of this feature we can identify 3 layers, the Backend for Frontend layer, the Application Services layer and the Microservices layer.

Overview¶

Initial status

The Backend for Frontend layer¶

At this level the current user is identified using the standard mechanisms provided by OpenID Connect and its corresponding implementation over Asp.Net. Usually the Backend for Frontend will forward the request to the corresponding Application Service, when doing so it will automatically populate the X-ITS-SUITE-USER header with the ID of the logged in user. This header will then be used by the Application Services to identify the current user.

Important

Notice how we are using a custom header to send the current user ID down the line, this is intentional as we do not want Application Services to be aware of the Oauth Tokens, or any other implementation specific details regarding authentication.

The Application Services Layer¶

At this level, the current user ID, if present, is received through the HTTP request on the X-ITS-SUITE-USER header, and it can be read from the HttpContext provided by Asp.Net. That being said, for most use cases accessing the header directly should not be necessary, as the MvcModule provides a mechanism to read the current user ID using the ISuiteContext. The current user ID obtained can then be use to set the corresponding values when publishing messages, for example a CreatedBy field on a CreatePosition message.

Important

As mentioned, for most use cases accessing the HTTP Header directly should not be necessary, as the current user ID can be accessed through the SuiteContext as explained here.

The Microservices layer¶

At this level there is no specific mechanism for getting the current user ID. This is intentional, as we want the messages to be self contained and also we want them to use an explicit semantic. This means that if we want to send the user ID of the user that created an entity, this information has to be explicitly set on the message. Continuing with the example on the previous section, the Positions Microservice would receive the ID of the user on the CreatedBy field of the CreatePosition message.

Getting the Current User ID from the Suite Context¶

The ISuiteContext allows us to share contextual information on a service. The MvcModule takes advantage of this to provide a handy way of accessing the current user ID through the extension method GetCurrentUserId. This is intended to be use on Application Services to properly compose and publish the messages that require the ID of the logged in user.

C#
    if (suiteContext.GetCurrentUserId() is Guid userCorrelationId)
    {
        this.publishEndpoint.Publish<CreatePosition>(new {
            CreatedBy = userCorrelationId,
            // ...
        });
    }
    else
    {
        throw new InvalidOperationException("...");
    }