Hi Adam,

You could have a loot at our Permissions layer [1]. It can be used for
all kinds of checks, not only those specific to authentication. I
think we should generalize the concept in a future version of BaseX
and introduce additional post-hooks.

Hope this helps?
Christian

[1] https://docs.basex.org/wiki/Permissions



On Mon, Jan 18, 2021 at 3:19 AM Adam Law <adamjameslaw@gmail.com> wrote:
>
> Golang has great middleware functionality for endpoints that allows a person to readily secure all of them.  I was wondering there would be anyway doing similar in BaseX for restxq & websockets.  For example by requiring all requests to have a particular query parameter (very basic example). ... to protect say against browser / javascript port scanning.
>
> Eg https://stackoverflow.com/questions/26204485/gorilla-mux-custom-middleware and check that request contains a particular parameter (very basic security)
>
> It seems that I have to secure each endpoint individually.
>
> Adam