Hello, I think that mounting rack middleware at the action level was possible in Hanami 1.3. I wanted to leverage this way of doing so to make some nice integration with rodauth.
Hanami mounts a thin default middleware stack. Additional middleware can be mounted either at application level, in the router, or for an individual action.
But there’s no example how to do it. I tried with use, config.middleware.use but none of the methods were found in hanami action class or action config.
TLDR which should be on the top, probably: so is it steel possible? If so, how? If not: is it planned to support mounting middleware at the action level?
you can try implementing a middleware - on lines of those action-specific middlewares - and maybe that can help you achieve your goal.
I would suggest to see how hanami/hanami/blob/7f957dc44b823a976af5ff74797e2ae6fdf8be69/lib/hanami/middleware/content_security_policy_nonce.rb is implemented and how it is included in the middleware stack when content_security_policy is found enabled for actions (see below)
Please note that this content-security-policy specific options support is only available on main branch code. They are not part of the latest release version 2.2.1.
Thanks, of course mounting on the router level works and we can scope there.
I rather want to confront what the docs say with the reality
So my question is if there are any plans to support mounting inside the actions via any public API or if the docs are misleading a bit, and mounting for individual actions is only possible by scoping in routing.
In this case, it’s our documentation that’s not correct. In Hanami Controller 2.x, we do not provide the ability to mount Rack middleware directly inside actions.
I suspect this mention in the docs was an overlooked carry-over from their 1.x versions. I’ll fix that now.
To help with deciding whether to reintroduce this feature, I’m interested to hear what use case(s) you had in mind for it. Feel free to share whenever you have the time Thanks!
I was just trying to sketch hanami 2 + rodauth, and wanted to use rodauth middleware feature.
Given that, it thought it would be nicer to mount rodauth app in the action and have it there, rather than leverage routing.
It would be then just a kind of „before hook” but on the middleware level, and I wouldn’t have to check the routing to know whether the action is protected with auth or not.
But maybe you already have better recipes for hanami 2 & rodauth?
I am using rodauth with Hanami 2.2 and it works great:
# frozen_string_literal: true
module InhouseGate
class Routes < Hanami::Routes
slice :auth, at: "/auth" do
use Auth::RodauthApp
get "/realms/:realm/userinfo", to: "realms.userinfo"
end
end
end
Never thought about integrating it into the action level.