On Global.asax.cs:
Method Application_Start
protected void Application_Start()
{
MiniProfiler.Settings.Results_Authorize = IsUserAuthorized; //We'll create this method soon
MiniProfiler.Settings.Results_List_Authorize = IsUserAuthorized;
/*whatever you already do in Application_Start method, like Bundles, Register Filters...*/
}
Then start the MiniProfiler in Application_BeginRequest method, like this:
protected void Application_BeginRequest()
{
MiniProfiler.Start();
}
Stop MiniProfiler at Application_EndRequest method:
protected void Application_EndRequest()
{
MiniProfiler.Stop();
}
Now, here is the trick: the IsUserAuthorized method
private Boolean IsUserAuthorized(System.Web.HttpRequest request)
{
return true; //this will allow you (and everyone on your application) access the MiniProfiler UI and the Results.
/*
//If you want to allow only certain people can see the MiniProfiler (or see the results directly), just do a validation, that returns true or false
//for example, check if a cookie exists and it's value is a string 1, then allow the access or not:
var cookie = request.Cookies["IsUserAllowedToSeeMiniProfiler"];
return cookie != null && cookie.Value == "1";
//You could do a database check, a Cookie check, a remote host (user IP) check, user agent check...or whatever in HttpRequest class.
//Remember that results live in http://yourapplication/mini-profiler-results/results, and in web.config, the path mini-profiler-results has a custom Handler setted, so Sessions won't be accessible and if you check for a session value here, the last requests (the requests for MiniProfiler's .js files and results) will always return false and Mini Profiler will never show up. You probably can expose your session to the MiniProfiler's handler, but I don't know how.
*/
}