如何处理System.InvalidOperationException在实体框架? [英] How to handle System.InvalidOperationException in entity framework?
问题描述
我是新来asp.net的Web API。我已经提出,应该验证前端发送数据的用户的功能,然后我搜索的数据库中的数据。但是,当帐户中没有找到我一直有一个例外,我应该如何处理这个异常发送到前端信息
还我应该返回什么,如果语句不是真正的为空剂量不工作的时候第一个。
公开的UserData ByPassword(EMAILADDRESS字符串,字符串密码)
{
如果(EMAILADDRESS = NULL&放大器;!&放大器;密码!= NULL)
{
帐户帐户= db.Accounts.Where(ACC => acc.AccMail == EMAILADDRESS和放大器;&安培; acc.AccPassword == password.ToLower())单()。
字符串标记= OurAuthorizationAttribute.CreateTicket(account.AccID,FALSE);
数据的UserData =新的UserData();
data.Id = account.AccID;
data.Token =记号。
返回的数据; }
她我也有加试和catch块,但仍是同样的问题。
公开的UserData ByPassword(EMAILADDRESS字符串,字符串密码)
{
如果(EMAILADDRESS = NULL&放大器;!&放大器;密码!= NULL)
{
尝试
{
帐户帐户= db.Accounts.Where(ACC => acc.AccMail == EMAILADDRESS和放大器;&安培; acc.AccPassword == password.ToLower())单()。
字符串标记= OurAuthorizationAttribute.CreateTicket(account.AccID,FALSE);
数据的UserData =新的UserData();
data.Id = account.AccID;
data.Token =记号。
返回的数据;
}
抓住
{
抛出新OurException(OurExceptionType.InvalidCredentials);
}
}
抛出新OurException(OurExceptionType.InvalidCredentials);
}
System.InvalidOperationException 表示编程错误。您可以通过固定的code处理。
在这种特殊情况下的错误是在这条线:
帐户的帐户= db.Accounts.Where(ACC => acc.AccMail == EMAILADDRESS和放大器;&安培; acc.AccPassword == password.ToLower())。单() ;
您code做一个假设,即帐户的必须的包含任何记录 {EMAILADDRESS,密码} 对,这是不正确的。更换单与的SingleOrDefault 将异常消失。当然,你需要为null检查的结果,看是否记录在那里或没有。
下面是你可以改变你的code:
公开的UserData ByPassword(EMAILADDRESS字符串,字符串密码){
//空检查您的参数检测的上游code编程错误
如果(EMAILADDRESS == NULL)抛出新的ArgumentNullException(EMAILADDRESS);
如果(密码== NULL)抛出新的ArgumentNullException(密码);
//现在你的参数是消毒,解决单()调用
帐户帐户= db.Accounts.Where(ACC => acc.AccMail == EMAILADDRESS和放大器;&安培; acc.AccPassword == password.ToLower())。的SingleOrDefault();
//缺少凭据不是一个编程错误 - 在这里把你的具体情况除外:
如果(帐户== NULL){
抛出新OurException(OurExceptionType.InvalidCredentials);
}
字符串标记= OurAuthorizationAttribute.CreateTicket(account.AccID,FALSE);
数据的UserData =新的UserData();
data.Id = account.AccID;
data.Token =记号。
返回的数据;
}
注意:尽管上述变化将修复编码错误,不会解决明文存储密码的主要设计缺陷。请参见一个深入讨论这个问题在数据库中存储的密码。
I am new to asp.net web API. i have made a functions that should validate the user the front end sends data and then i search for data in database. But when the account is not found i always got a exception how should i handle that exception to send to the front end information also what should i return when the first if statement is not true as null dose not work.
public UserData ByPassword(string emailAddress, string password)
{
if (emailAddress != null && password != null)
{
Account account = db.Accounts.Where(acc => acc.AccMail == emailAddress && acc.AccPassword == password.ToLower()).Single();
string token = OurAuthorizationAttribute.CreateTicket(account.AccID, false);
UserData data = new UserData();
data.Id = account.AccID;
data.Token = token;
return data;
}
her also i have add try and catch block but still the same issue.
public UserData ByPassword(string emailAddress, string password)
{
if (emailAddress != null && password != null)
{
try
{
Account account = db.Accounts.Where(acc => acc.AccMail == emailAddress && acc.AccPassword == password.ToLower()).Single();
string token = OurAuthorizationAttribute.CreateTicket(account.AccID, false);
UserData data = new UserData();
data.Id = account.AccID;
data.Token = token;
return data;
}
catch
{
throw new OurException(OurExceptionType.InvalidCredentials);
}
}
throw new OurException(OurExceptionType.InvalidCredentials);
}
System.InvalidOperationException indicates a programming error. You handle it by fixing your code.
In this particular case the error is on this line:
Account account = db.Accounts.Where(acc => acc.AccMail == emailAddress && acc.AccPassword == password.ToLower()).Single();
Your code makes an assumption that Accounts must contain a record for any {emailAddress, password} pair, which is not true. Replacing Single with SingleOrDefault will make the exception go away. Of course you would need to null-check the result to see if the record was there or not.
Here is how you can change your code:
public UserData ByPassword(string emailAddress, string password) {
// null-check your arguments to detect programming errors in the "upstream" code
if (emailAddress == null) throw new ArgumentNullException("emailAddress");
if (password == null) throw new ArgumentNullException("password");
// Now that your arguments are "sanitized", fix the Single() call
Account account = db.Accounts.Where(acc => acc.AccMail == emailAddress && acc.AccPassword == password.ToLower()).SingleOrDefault();
// Missing credentials is not a programming error - throw your specific exception here:
if (account == null) {
throw new OurException(OurExceptionType.InvalidCredentials);
}
string token = OurAuthorizationAttribute.CreateTicket(account.AccID, false);
UserData data = new UserData();
data.Id = account.AccID;
data.Token = token;
return data;
}
NOTE : Although the above change would fix the coding error, it would not address a major design flaw of storing passwords in plain text. See this question for an in-depth discussion on storing passwords in databases.
这篇关于如何处理System.InvalidOperationException在实体框架?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
