Identity Server 4,EF Core在API和IS4之间共享DbContext [英] Identity Server 4, EF Core, share DbContext between API and IS4
问题描述
我正在使用Identity Server 4,Asp Identity,EF Core和一个数据库. 目前我有3个项目
I'm using Identity Server 4, Asp Identity, EF Core and one database. I have 3 projects at the moment
- IdentityServer -包含所有数据上下文以及与我的应用程序表有关的所有迁移
- Api -没有上下文,没有迁移,但是我需要从这里以某种方式访问数据库
- Clinet -javascript
- IdentityServer - Contains all data contexts and all migrations with my app tables
- Api - no context, no migrations however I need to access database somehow from here
- Clinet - javascript
问题: 我如何从IdentityServer项目访问数据上下文,并且仍然将所有设置(数据库连接等)放在一个位置.我知道我可以从API引用IdentityServer并使用数据上下文,但是这似乎不合适.首选的方法是什么?
The question: How do I access data context from IdentityServer project and still have all settings (db connection, etc) in one place. I understand I can reference IdentityServer from API and use data context but it seems not right to me. What is the preferred way to do this ?
推荐答案
由于您对此选项感兴趣,因此我决定将我的评论移至该答案.
Since you are interested in this option, I've decided to move my comments to this answer.
首先,IdentityServer不是您的应用程序表的位置.这些是单独的上下文和单独的迁移.首选方式是保持关注点分离.
First of all, IdentityServer is not the place for your app tables. These are seperate contexts and separate migrations. The preferred way is to maintain the separation of concerns.
正如我在答案的此处所述,不需要登录用户和您的业务上下文之间的关系.而是在业务环境中创建用户.登录用户的目的不同于业务用户.
As I explained in my answer here, you don't need a relation between the login user and your business context. Instead create a user in the business context. The login user has a different purpose than the business user.
我没有适合您的代码,但是您可以从IdentityServer中获取其中一个示例应用程序.调整API以使用您的业务环境.在该上下文中,添加用户表(链接到sub声明)和业务上下文所需的字段.顺便说一句,这些表是否在同一个数据库中并不重要,只是不要混用上下文.
I don't have code for you, but you can take one of the sample apps from IdentityServer. Adjust the API to use your business context. In that context add a user table (which links to the sub claim) and the fields you need for the business context. BTW it doesn't matter if the tables are in the same database, just don't mix the contexts.
在IdentityServer中:如果用户可以注册一个网站,则可以在可用网站的下拉菜单中扩展注册表格.或列表(如果用户可以注册多个网站).
In IdentityServer: if the user may register for one website then you can extend the registration form with a drop-down of available websites. Or a list if the user can register for multiple websites.
现在,它取决于所选择的策略.您可以等待在API中注册用户,但是我认为直接注册用户要容易得多.还有其他选项,但这是IdentityServer配置的一部分(不向IdentityServer添加业务逻辑):
Now it depends on the chosen strategy. You can wait to register the user in the API, but I think it is far more easy to register the user straight away. There are other options, but here's one where it is part of the IdentityServer configuration (without adding business logic to IdentityServer):
扩展IdentityServer以在注册用户后调用API.为此,我将在IdentityServer上下文中添加一个带有URL的表,以每个网站进行注册.创建登录用户后,调用已配置的API来注册业务用户.
Extend IdentityServer to call the API after registering the user. For this I would add a table in the IdentityServer context with URLs to register per website. When the login user is created, call the configured API(s) to register the business user.
在API中,您需要添加IdentityServer可以调用以创建用户的方法,该方法链接到sub声明并包括所需的用户信息.这样,您就可以使用sub声明来确定登录用户并将其链接到业务用户.
In the API you need to add the method that IdentityServer can call to create the user, linked to the sub claim and including the required user information. This way you can suffice with the sub claim to identify the login user and link this to the business user.
您可以对客户端应用程序使用类似的策略.使用API方法扩展IdentityServer,以允许客户端应用注册用户.
You can use a similar strategy for client apps. Extend IdentityServer with an API method to allow client apps to register users.
如果要撤消访问权限,则可以删除登录用户,而不必删除业务用户.如果您不想破坏历史信息,则不需要.您还可以使用声明来指定用户是否有权访问网站,而不必删除登录用户.
If you want to withdraw access, you can delete the login user without having to delete the business user. Which you don't want if you don't want to destroy historical information. You can also use claims to specify if the user has access to the website without having to delete the login user.
这篇关于Identity Server 4,EF Core在API和IS4之间共享DbContext的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
