Core2.0知識整理
概述
Commond-Line
ASP.NET結構文件
Startup
配置文件
中間件和依賴注入
依賴注入原理
框架自帶的依賴注入(IServiceCollection)
依賴注入生命週期
依賴注入使用方式
- 經過構造函數
- MVC的ActionAction中能夠使用 [FromServices]來注入對象、
中間件(MiddleWare)
Use:進入中間件http管道模式,git
Map:映射分支 Run:github
執行,並返回Responsesql
public void Configure(IApplicationBuilder app, IHostingEnvironment env) { app.UseMyMiddleware(); } public class MyMiddleware { private readonly RequestDelegate _next; public MyMiddleware(RequestDelegate next) { _next = next; } public Task Invoke(HttpContext context) { //這裏是獲取context信息後處理的代碼 return this._next(context); } } public static class MyMiddlewareExtensions { public static IApplicationBuilder UseMyMiddleware( this IApplicationBuilder builder) { return builder.UseMiddleware<MyMiddlewareMiddleware>(); } }
中間件的執行要注意順序,由於能夠終止http管道的執行數據庫
框架自帶中間件
ORM
Entity Framework Core
官方地址:https://docs.microsoft.com/zh-cn/ef/core/併發
services.AddDbContext<SchoolContext>(options =>options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
Entity Framework Core-Code First
//程序包管理控件臺 Install-Package Microsoft.EntityFrameworkCore.SqlServer Install-Package Microsoft.EntityFrameworkCore.Tools Install-Package Microsoft.VisualStudio.Web.CodeGeneration.Design
從數據庫生成模型
Scaffold-DbContext "Server=(localdb)\mssqllocaldb;Database=Blogging;Trusted_Connection=True;" Microsoft.EntityFrameworkCore.SqlServer -OutputDir Models
併發控制
//特性方式 public class Person { public int PersonId { get; set; } [ConcurrencyCheck] public string LastName { get; set; } public string FirstName { get; set; } } //特性API方式 class MyContext : DbContext { public DbSet<Person> People { get; set; } protected override void OnModelCreating(ModelBuilder modelBuilder) { modelBuilder.Entity<Person>() .Property(p => p.LastName) .IsConcurrencyToken(); } } public class Person { public int PersonId { get; set; } public string LastName { get; set; } public string FirstName { get; set; } } //特性時間戳 public class Blog { public int BlogId { get; set; } public string Url { get; set; } [Timestamp] public byte[] Timestamp { get; set; } }
//時間戳 class MyContext : DbContext { public DbSet<Blog> Blogs { get; set; } protected override void OnModelCreating(ModelBuilder modelBuilder) { modelBuilder.Entity<Blog>() .Property(p => p.Timestamp) .IsRowVersion(); } } public class Blog { public int BlogId { get; set; } public string Url { get; set; } public byte[] Timestamp { get; set; } }
Dapper
官方地址:https://github.com/StackExchange/Dapperapp
權限驗證
概念
Authentication:認證,經過自定義或三方的方式,肯定用戶有效性,並分配用戶必定身份框架
Authorization:受權,決定用戶能夠作什麼,能夠帶上角色或策略來受權,而且是能過Controller或Action上的特性Authorize來受權的。async
驗證方式
ConfigureServices中ide
//注入驗證 2.0 services.AddAuthentication(options => { options.DefaultChallengeScheme = "MyCookieAuthenticationScheme"; options.DefaultSignInScheme = "MyCookieAuthenticationScheme"; options.DefaultAuthenticateScheme = "MyCookieAuthenticationScheme"; }) .AddCookie("MyCookieAuthenticationScheme", opt => { opt.LoginPath = new PathString("/login"); opt.AccessDeniedPath = new PathString("/login"); opt.LogoutPath = new PathString("/login"); opt.Cookie.Path = "/"; });
Configure中函數
app.UseAuthentication();
登陸驗證
public class UserTestController : Controller { [HttpGet("users")] [Authorize(Roles = "admin,system")] public IActionResult Index() { return View(); } [HttpGet("login")] public IActionResult Login(string returnUrl) { //一、若是登陸用戶已經Authenticated,提示請勿重複登陸 if (HttpContext.User.Identity.IsAuthenticated) { return View("Error", new string[] { "您已經登陸!" }); }else//記錄轉入地址 { ViewBag.returnUrl = returnUrl; return View();} }
[AllowAnonymous] [HttpPost("login")] public IActionResult Login(string username, string returnUrl) { //二、登陸後設置驗證 if (username == "gsw") { var claims = new Claim[]{ new Claim(ClaimTypes.Role, "admin"), new Claim(ClaimTypes.Name,"桂素偉") }; HttpContext.SignInAsync("MyCookieAuthenticationScheme",new ClaimsPrincipal(new ClaimsIdentity(claims, "Cookie"))); //給User賦值 var claPris = new ClaimsPrincipal(); claPris.AddIdentity(new ClaimsIdentity(claims)); HttpContext.User = claPris; return new RedirectResult(returnUrl == null ? "users" : returnUrl); } else { return View(); } }
UI訪問
//三、UI上訪問驗證信息 @if (User.IsInRole("abc")) { <p>你好: @User.Identity.Name</p> <a href="更高權限">更高權限</a> }
權限中間件
/// <summary> /// 權限中間件 /// </summary> public class PermissionMiddleware { /// <summary> /// 管道代理對象 /// </summary> private readonly RequestDelegate _next; /// <summary> /// 權限中間件構造 /// </summary> /// <param name="next">管道代理對象</param> /// <param name="permissionResitory">權限倉儲對象</param> /// <param name="option">權限中間件配置選項</param> public PermissionMiddleware(RequestDelegate next) { _next = next; } /// <summary> /// 調用管道 /// </summary> /// <param name="context"></param> /// <returns></returns> public Task Invoke(HttpContext context) { return this._next(context); } }
自定義策略
/// <summary> /// 權限受權Handler /// </summary> public class PermissionHandler : AuthorizationHandler<PermissionRequirement> { /// <summary> /// 用戶權限 /// </summary> public List<Permission> Permissions { get; set; } protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement) { //賦值用戶權限 Permissions = requirement.Permissions; //從AuthorizationHandlerContext轉成HttpContext,以便取出表求信息 var httpContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext).HttpContext; //請求Url var questUrl = httpContext.Request.Path.Value.ToLower(); //是否通過驗證 var isAuthenticated = httpContext.User.Identity.IsAuthenticated; if (isAuthenticated) { //權限中是否存在請求的url if (Permissions.GroupBy(g => g.Url).Where(w => w.Key.ToLower() == questUrl).Count() > 0) { var name = httpContext.User.Claims.SingleOrDefault(s => s.Type == requirement.ClaimType).Value; //驗證權限 if (Permissions.Where(w => w.Name == name && w.Url.ToLower() == questUrl).Count() > 0) { context.Succeed(requirement); } else { //無權限跳轉到拒絕頁面 httpContext.Response.Redirect(requirement.DeniedAction); } } else { context.Succeed(requirement); } } return Task.CompletedTask; } }
自定義策略-JWT
/// <summary> /// 權限受權Handler /// </summary> public class PermissionHandler : AuthorizationHandler<PermissionRequirement> { /// <summary> /// 驗證方案提供對象 /// </summary> public IAuthenticationSchemeProvider Schemes { get; set; } /// <summary> /// 自定義策略參數 /// </summary> public PermissionRequirement Requirement { get; set; } /// <summary> /// 構造 /// </summary> /// <param name="schemes"></param> public PermissionHandler(IAuthenticationSchemeProvider schemes) { Schemes = schemes; } protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement) { ////賦值用戶權限 Requirement = requirement; //從AuthorizationHandlerContext轉成HttpContext,以便取出表求信息 var httpContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext).HttpContext; //請求Url var questUrl = httpContext.Request.Path.Value.ToLower(); //判斷請求是否中止 var handlers = httpContext.RequestServices.GetRequiredService<IAuthenticationHandlerProvider>(); foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync()) { var handler = await handlers.GetHandlerAsync(httpContext, scheme.Name) as IAuthenticationRequestHandler; if (handler != null && await handler.HandleRequestAsync()) { context.Fail(); return; } } //判斷請求是否擁有憑據,即有沒有登陸 var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync(); if (defaultAuthenticate != null) { var result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name); //result?.Principal不爲空即登陸成功 if (result?.Principal != null) { httpContext.User = result.Principal; //權限中是否存在請求的url if (Requirement.Permissions.GroupBy(g => g.Url).Where(w => w.Key.ToLower() == questUrl).Count() > 0) { var name = httpContext.User.Claims.SingleOrDefault(s => s.Type == requirement.ClaimType).Value; //驗證權限 if (Requirement.Permissions.Where(w => w.Name == name && w.Url.ToLower() == questUrl).Count() <= 0) { //無權限跳轉到拒絕頁面 httpContext.Response.Redirect(requirement.DeniedAction); } } context.Succeed(requirement); return; } } //判斷沒有登陸時,是否訪問登陸的url,而且是Post請求,而且是form表單提交類型,不然爲失敗 if (!questUrl.Equals(Requirement.LoginPath.ToLower(), StringComparison.Ordinal) && (!httpContext.Request.Method.Equals("POST") || !httpContext.Request.HasFormContentType)) { context.Fail(); return; } context.Succeed(requirement); } }
相關文章
- 1. Core2.0知識整理
- 2. jstorm知識整理
- 3. Redis 知識 整理
- 4. Java知識整理
- 5. Core知識整理
- 6. Redis知識整理
- 7. UML 知識整理
- 8. Spring知識整理
- 9. 知識點整理
- 10. react 知識整理
- 更多相關文章...
- • 與傳輸層有關的基本知識 - TCP/IP教程
- • Spring通知類型及使用ProxyFactoryBean創建AOP代理 - Spring教程
- • Docker 清理命令
- • ☆技術問答集錦(13)Java Instrument原理
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. Core2.0知識整理
- 2. jstorm知識整理
- 3. Redis 知識 整理
- 4. Java知識整理
- 5. Core知識整理
- 6. Redis知識整理
- 7. UML 知識整理
- 8. Spring知識整理
- 9. 知識點整理
- 10. react 知識整理