业务逻辑层-获取当前用户 [英] Business Logic Layer - Getting the Current User

问题描述

我有一个业务逻辑层和两个使用它的应用程序，一个MVC UI和一个Web API项目.

I have a business logic layer and 2 applications which use this, a MVC UI and a Web API project.

我类的属性之一是CreatedBy和UpdatedBy，它们应该包含用户ID.

One of the properties on my classes is CreatedBy and UpdatedBy, which should hold the userid.

    public Nullable<System.DateTime> CreatedTS { get; set; }
    public string CreatedBy { get; set; }
    public Nullable<System.DateTime> UpdatedTS { get; set; }
    public string UpdatedBy { get; set; }

鉴于BLL有多个使用者，捕获用户ID的最佳方法是什么?

Given there are multiple consumers of the BLL what is the best way to capture the userId?

A)-使用Environment.UserName在BLL中设置它吗?

A) - Set this within the BLL using Environment.UserName?

B)-要求客户进行设置并使用模型数据注释将其设置为必需

B) - Ask the client to set it and use model data annotation to make this Required

C)-要求客户端将其传递给BLL中的任何Create或Update方法.

C) - Ask the client to pass this into any Create or Update methods in the BLL.

推荐答案

如果同时在MVC和WebApi中使用FormsAuthentication，则可以访问属性User.Identity.Name.

If you're using FormsAuthentication in both MVC and WebApi, you can access properties User.Identity.Name.

int userId = db.Users.Single(r=>r.Name == User.Identity.Name);

在WebApi中，它将为HttpContext.Current.User.Identity.Name

In WebApi it will be HttpContext.Current.User.Identity.Name

这种方法非常安全.如果您将userId存储在客户端，则用户将可以对其进行修改.

This approach is quite secure. If you store userId on client-side, user will be able to modify it.

这篇关于业务逻辑层-获取当前用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！