Can I start the MVC Mini Profiler in the PostAuthorizeRequest method?_问答_开发者

Can I start the MVC Mini Profiler in the PostAuthorizeRequest method?

开发者 https://www.devze.com 2023-04-01 09:42 出处：网络

I\'m using the MVC Mini Profiler and I\'m only showing the profiler for authenticated users who are in the \"Profiler\" role. The example shipping in MiniProfiler.cs was using the AuthenticateReques开

I'm using the MVC Mini Profiler and I'm only showing the profiler for authenticated users who are in the "Profiler" role. The example shipping in MiniProfiler.cs was using the AuthenticateReques开发者_运维问答t method to determine if it should stop profiling, but I switched mine to use the PostAuthorizeRequest (after reading this question) so that I could get access to the IPrincipal and IsInRole method. Can I just start the profiler in the PostAuthorizeRequest method, or should I continue to Stop and discard the results in the PostAuthorizeRequest? What is the overhead to starting and stopping the profiler for every request?

Current Code:

public void Init(HttpApplication context)
{
    context.BeginRequest += (sender, e) =>
    {
        MiniProfiler.Start();
    };

    context.PostAuthorizeRequest += (sender, e) =>
    {
        var user = ((HttpApplication)sender).Context.User;

        if (user == null || !user.Identity.IsAuthenticated || !user.IsInRole("Profiler"))
        {
            MvcMiniProfiler.MiniProfiler.Stop(discardResults: true);
        }
    };

    context.EndRequest += (sender, e) =>
    {
        MiniProfiler.Stop();
    };
}

Proposed Code:

public void Init(HttpApplication context)
{
    context.PostAuthorizeRequest += (sender, e) =>
    {
        var user = ((HttpApplication)sender).Context.User;

        if (user != null && user.Identity.IsAuthenticated && user.IsInRole("Profiler"))
        {
            MiniProfiler.Start();
        }
    };

    context.EndRequest += (sender, e) =>
    {
        MiniProfiler.Stop();
    };
}

You can abandon your profiling results at any time using the call:

MiniProfiler.Stop(discardResults: true);

At StackOverflow our "high performance" pattern is:

Write a "secretish" cookie for all authorized authenticated users.
If you find the cookie in Application_BeginRequest - MiniProfiler.Start();
After PostAuthorizeRequest:


if (MiniProfiler.Current != null && !userReallyAuthenticated) 
    MiniProfiler.Stop(discardResults: true);

Your goal is always to start profiling as early as possible, and stop profiling as late as possible. If you only start in the middle of the pipeline, portions of the pipeline where bottlenecks may reside will not be profiled.

I think starting the profiler as early as possible is important (otherwise you could be missing some key information, such as if the authentication process it self takes a while, or if some HTTP module has issues).

Since the BeginRequest event occurs prior to anything else occurring with the request, this makes it the ideal place to begin profiling, then decide if you want to keep the profiled data at a later step (PostAuthorize, in your case).