在我的服务层中传递http servlet响应是不好的做法？ [英] Is it a bad practise to pass the http servlet response in my service layer?

问题描述

在我的authenticationService的登录方法中，我需要创建一个cookie并在cookie中设置会话ID。

In my login method of my authenticationService, I need to create a cookie and set the session ID in the cookie.

传递请求对象是不好的做法到控制器操作中的服务层？

Is it bad practise to pass the request object to my service layer inside of a controllers action?

public void login(String email, String password) {

   User user = someService.validate(email, password);

   if(user != null) {
      // create session
      // set cookie ????
   }

}

我的控制器操作将调用登录上面的方法，混淆了我应该创建和设置我的cookie的会话ID。

My controller action will call the login method above, confused where I should be creating and setting the session id for my cookie.

我有理由在服务层中有这个，但我的登录然后将方法绑定到Web应用程序。

It makes sense to me to have this in the service layer, but then my login method is then tightly bound to a web application.

我这样做了吗？

推荐答案

是（对不良做法），否（对做这个权利）。

Yes (to "bad practice"), no (to "doing this right").

服务层应该与任何拥有的东西完全分离与网络有关。单独的Web层应该负责管理Web层工件，包括cookie。

The service layer should be completely decoupled from anything having to do with the web. The web layer alone should be responsible for managing web-layer artifacts, including cookies.

这样即使不存在cookie，也可以使用服务，例如桌面或CLI应用程序。它还允许在不考虑Web层的情况下测试服务，这是有道理的 - 服务并不关心如何身份验证发生，或之后发生的事情 - 仅使用用户名和密码工作。

This way the service can be used even when cookies don't exist, like a desktop or CLI app. It also allows testing the service without considering the web-layer at all, which makes sense--the service doesn't care how authentication happens, or what happens after--only that using a username and password works.

这篇关于在我的服务层中传递http servlet响应是不好的做法？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！