业务逻辑层-获取当前用户 [英] Business Logic Layer - Getting the Current User
问题描述
我有一个业务逻辑层和两个使用它的应用程序,一个MVC UI和一个Web API项目.
I have a business logic layer and 2 applications which use this, a MVC UI and a Web API project.
我类的属性之一是CreatedBy和UpdatedBy,它们应该包含用户ID.
One of the properties on my classes is CreatedBy and UpdatedBy, which should hold the userid.
public Nullable<System.DateTime> CreatedTS { get; set; }
public string CreatedBy { get; set; }
public Nullable<System.DateTime> UpdatedTS { get; set; }
public string UpdatedBy { get; set; }
鉴于BLL有多个使用者,捕获用户ID的最佳方法是什么?
Given there are multiple consumers of the BLL what is the best way to capture the userId?
A)-使用Environment.UserName
在BLL中设置它吗?
A) - Set this within the BLL using Environment.UserName
?
B)-要求客户进行设置并使用模型数据注释将其设置为必需
B) - Ask the client to set it and use model data annotation to make this Required
C)-要求客户端将其传递给BLL中的任何Create或Update方法.
C) - Ask the client to pass this into any Create or Update methods in the BLL.
推荐答案
如果同时在MVC和WebApi中使用FormsAuthentication,则可以访问属性User.Identity.Name
.
If you're using FormsAuthentication in both MVC and WebApi, you can access properties User.Identity.Name
.
int userId = db.Users.Single(r=>r.Name == User.Identity.Name);
在WebApi中,它将为HttpContext.Current.User.Identity.Name
In WebApi it will be HttpContext.Current.User.Identity.Name
这种方法非常安全.如果您将userId
存储在客户端,则用户将可以对其进行修改.
This approach is quite secure. If you store userId
on client-side, user will be able to modify it.
这篇关于业务逻辑层-获取当前用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!