Title: Add authorization pipeline behaviors for command/query access control
Labels: enhancement, mediator, new-package
Body:
Problem
CQRS architectures commonly need authorization checks before handler execution. Currently, consumers must implement this themselves as a custom pipeline behavior or embed authorization logic in each handler.
Proposed Solution
Create a Cortex.Mediator.Behaviors.Authorization package:
IAuthorizationRequirement<TRequest> interface that handlers implement to define requirementsAuthorizationCommandBehavior<TCommand, TResult> -- resolves and checks all IAuthorizationRequirement<TCommand> before executionAuthorizationQueryBehavior<TQuery, TResult> -- same for queries- Integration with
Microsoft.AspNetCore.Authorization.IAuthorizationService for policy-based auth
UnauthorizedException thrown when authorization fails
public class CreateOrderAuthorizationRequirement : IAuthorizationRequirement<CreateOrderCommand>
{
public Task<AuthorizationResult> CheckAsync(
CreateOrderCommand command,
IServiceProvider services,
CancellationToken cancellationToken)
{
// Check if current user can create orders
}
}
Title: Add authorization pipeline behaviors for command/query access control
Labels:
enhancement,mediator,new-packageBody:
Problem
CQRS architectures commonly need authorization checks before handler execution. Currently, consumers must implement this themselves as a custom pipeline behavior or embed authorization logic in each handler.
Proposed Solution
Create a
Cortex.Mediator.Behaviors.Authorizationpackage:IAuthorizationRequirement<TRequest>interface that handlers implement to define requirementsAuthorizationCommandBehavior<TCommand, TResult>-- resolves and checks allIAuthorizationRequirement<TCommand>before executionAuthorizationQueryBehavior<TQuery, TResult>-- same for queriesMicrosoft.AspNetCore.Authorization.IAuthorizationServicefor policy-based authUnauthorizedExceptionthrown when authorization fails