正确的方式来注入认证的用户我的仓库类 [英] Proper way to dependency inject authenticated user to my repository class
问题描述
我使用与存储库模式服务层。该控制器具有服务层上的相关性,而业务层对资源库的依赖。
我在用户信息进行授权库层通过记录,并正在试图确定最佳方法用于注入用户信息到考虑到我似乎有一个广泛的注射链库:
控制器 - >服务(S) - GT;库 - >登录的用户信息。
我想简单的方法是将用户信息传递给被调用的服务方法(即 FindById(INT PrimaryKey的,用户的currentUser)等)
但这似乎非常有限和有问题的道路,而不是注入的用户信息。
什么是推荐的方法解决这个问题?
我有点困惑的人在文章中如何似乎是贯彻ICurrentUserFetcher。我认为这是将提供额外的属性是不能从IIdentity的,但文章并没有使这个很清楚。
类GenericRepository< T>:&IRepository LT; T> {
私人只读ICurrentUserFetcher currentUserFetcher;
公共GenericRepository< T>(Func键<&IIdentity的GT; currentUserFetcher){
this.currentUserFetcher = currentUserFetcher;
}
公共无效更新(T实体){
变种的currentUser = currentUserFetcher();
...
}
}
VAR回购=新GenericRepository<&人GT;(()=> HttpContext.Current.User.Identity);
分配用户信息登录后,现任校长。谷歌关于的IPrincipal 和的IIdentity 。这两个类是内置的方式.NET来处理当前登录用户。
要访问用户只需使用 Thread.CurrentPrincipal.Identity 。我不过不会使用该属性在仓库中,但只能在服务类。之所以THA这个资源库不应该负责,说明哪条用户获取信息的。
要指定用户在每次请求你在Global.asax中使用PostAuthenticate事件。
I am using a service layer with repository pattern. The controller has a dependency on the service layer, and the service layer has a dependency on the repository.
I have to pass logged in user information to the repository layer for authorization purposes and am trying to determine the best approach for injecting the user information into the repository considering that I seem to have an extensive injection chain:
controller -> service(s) -> repositories -> logged in user info.
I guess the easy approach would be to pass the user information to the service methods that get called(i.e. FindById(int primaryKey, User currentUser), etc.)
But this seems very limiting and problematic down the road as opposed to injecting the User information.
What is the recommended approach to this problem?
I am a little confused about how the person in the article seems to be implementing the ICurrentUserFetcher. I assume that is would provide the extra properties that are not available from the IIdentity, but the article does not make this very clear.
class GenericRepository<T>: IRepository<T> {
private readonly ICurrentUserFetcher currentUserFetcher;
public GenericRepository<T>(Func<IIdentity> currentUserFetcher) {
this.currentUserFetcher = currentUserFetcher;
}
public void Update(T entity) {
var currentUser = currentUserFetcher();
...
}
}
var repo = new GenericRepository<Person>(() => HttpContext.Current.User.Identity);
Assign the user information to the current principal after the login. Google about IPrincipal and IIdentity. Those two classes are the built in way in .NET to handle the currently logged in user.
To access the user simply use Thread.CurrentPrincipal.Identity. I would however not use that property in the repository, but only in the service class. The reason to tha this that the repository should not be in charge of telling which user to fetch information for.
To assign the user on every request you have to use the PostAuthenticate event in global.asax.
这篇关于正确的方式来注入认证的用户我的仓库类的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
