Core2.0知识整理
概述
Commond-Line
ASP.NET结构文件
Startup
配置文件
中间件和依赖注入
依赖注入原理
框架自带的依赖注入(IServiceCollection)
依赖注入生命周期
依赖注入使用方式
- 经过构造函数
- MVC的ActionAction中能够使用 [FromServices]来注入对象、
中间件(MiddleWare)
Use:进入中间件http管道模式,git
Map:映射分支 Run:github
执行,并返回Responsesql
public void Configure(IApplicationBuilder app, IHostingEnvironment env) { app.UseMyMiddleware(); } public class MyMiddleware { private readonly RequestDelegate _next; public MyMiddleware(RequestDelegate next) { _next = next; } public Task Invoke(HttpContext context) { //这里是获取context信息后处理的代码 return this._next(context); } } public static class MyMiddlewareExtensions { public static IApplicationBuilder UseMyMiddleware( this IApplicationBuilder builder) { return builder.UseMiddleware<MyMiddlewareMiddleware>(); } }
中间件的执行要注意顺序,由于能够终止http管道的执行数据库
框架自带中间件
ORM
Entity Framework Core
官方地址:https://docs.microsoft.com/zh-cn/ef/core/并发
services.AddDbContext<SchoolContext>(options =>options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
Entity Framework Core-Code First
//程序包管理控件台 Install-Package Microsoft.EntityFrameworkCore.SqlServer Install-Package Microsoft.EntityFrameworkCore.Tools Install-Package Microsoft.VisualStudio.Web.CodeGeneration.Design
从数据库生成模型
Scaffold-DbContext "Server=(localdb)\mssqllocaldb;Database=Blogging;Trusted_Connection=True;" Microsoft.EntityFrameworkCore.SqlServer -OutputDir Models
并发控制
//特性方式 public class Person { public int PersonId { get; set; } [ConcurrencyCheck] public string LastName { get; set; } public string FirstName { get; set; } } //特性API方式 class MyContext : DbContext { public DbSet<Person> People { get; set; } protected override void OnModelCreating(ModelBuilder modelBuilder) { modelBuilder.Entity<Person>() .Property(p => p.LastName) .IsConcurrencyToken(); } } public class Person { public int PersonId { get; set; } public string LastName { get; set; } public string FirstName { get; set; } } //特性时间戳 public class Blog { public int BlogId { get; set; } public string Url { get; set; } [Timestamp] public byte[] Timestamp { get; set; } }
//时间戳 class MyContext : DbContext { public DbSet<Blog> Blogs { get; set; } protected override void OnModelCreating(ModelBuilder modelBuilder) { modelBuilder.Entity<Blog>() .Property(p => p.Timestamp) .IsRowVersion(); } } public class Blog { public int BlogId { get; set; } public string Url { get; set; } public byte[] Timestamp { get; set; } }
Dapper
官方地址:https://github.com/StackExchange/Dapperapp
权限验证
概念
Authentication:认证,经过自定义或三方的方式,肯定用户有效性,并分配用户必定身份框架
Authorization:受权,决定用户能够作什么,能够带上角色或策略来受权,而且是能过Controller或Action上的特性Authorize来受权的。async
验证方式
ConfigureServices中ide
//注入验证 2.0 services.AddAuthentication(options => { options.DefaultChallengeScheme = "MyCookieAuthenticationScheme"; options.DefaultSignInScheme = "MyCookieAuthenticationScheme"; options.DefaultAuthenticateScheme = "MyCookieAuthenticationScheme"; }) .AddCookie("MyCookieAuthenticationScheme", opt => { opt.LoginPath = new PathString("/login"); opt.AccessDeniedPath = new PathString("/login"); opt.LogoutPath = new PathString("/login"); opt.Cookie.Path = "/"; });
Configure中函数
app.UseAuthentication();
登陆验证
public class UserTestController : Controller { [HttpGet("users")] [Authorize(Roles = "admin,system")] public IActionResult Index() { return View(); } [HttpGet("login")] public IActionResult Login(string returnUrl) { //一、若是登陆用户已经Authenticated,提示请勿重复登陆 if (HttpContext.User.Identity.IsAuthenticated) { return View("Error", new string[] { "您已经登陆!" }); }else//记录转入地址 { ViewBag.returnUrl = returnUrl; return View();} }
[AllowAnonymous] [HttpPost("login")] public IActionResult Login(string username, string returnUrl) { //二、登陆后设置验证 if (username == "gsw") { var claims = new Claim[]{ new Claim(ClaimTypes.Role, "admin"), new Claim(ClaimTypes.Name,"桂素伟") }; HttpContext.SignInAsync("MyCookieAuthenticationScheme",new ClaimsPrincipal(new ClaimsIdentity(claims, "Cookie"))); //给User赋值 var claPris = new ClaimsPrincipal(); claPris.AddIdentity(new ClaimsIdentity(claims)); HttpContext.User = claPris; return new RedirectResult(returnUrl == null ? "users" : returnUrl); } else { return View(); } }
UI访问
//三、UI上访问验证信息 @if (User.IsInRole("abc")) { <p>你好: @User.Identity.Name</p> <a href="更高权限">更高权限</a> }
权限中间件
/// <summary> /// 权限中间件 /// </summary> public class PermissionMiddleware { /// <summary> /// 管道代理对象 /// </summary> private readonly RequestDelegate _next; /// <summary> /// 权限中间件构造 /// </summary> /// <param name="next">管道代理对象</param> /// <param name="permissionResitory">权限仓储对象</param> /// <param name="option">权限中间件配置选项</param> public PermissionMiddleware(RequestDelegate next) { _next = next; } /// <summary> /// 调用管道 /// </summary> /// <param name="context"></param> /// <returns></returns> public Task Invoke(HttpContext context) { return this._next(context); } }
自定义策略
/// <summary> /// 权限受权Handler /// </summary> public class PermissionHandler : AuthorizationHandler<PermissionRequirement> { /// <summary> /// 用户权限 /// </summary> public List<Permission> Permissions { get; set; } protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement) { //赋值用户权限 Permissions = requirement.Permissions; //从AuthorizationHandlerContext转成HttpContext,以便取出表求信息 var httpContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext).HttpContext; //请求Url var questUrl = httpContext.Request.Path.Value.ToLower(); //是否通过验证 var isAuthenticated = httpContext.User.Identity.IsAuthenticated; if (isAuthenticated) { //权限中是否存在请求的url if (Permissions.GroupBy(g => g.Url).Where(w => w.Key.ToLower() == questUrl).Count() > 0) { var name = httpContext.User.Claims.SingleOrDefault(s => s.Type == requirement.ClaimType).Value; //验证权限 if (Permissions.Where(w => w.Name == name && w.Url.ToLower() == questUrl).Count() > 0) { context.Succeed(requirement); } else { //无权限跳转到拒绝页面 httpContext.Response.Redirect(requirement.DeniedAction); } } else { context.Succeed(requirement); } } return Task.CompletedTask; } }
自定义策略-JWT
/// <summary> /// 权限受权Handler /// </summary> public class PermissionHandler : AuthorizationHandler<PermissionRequirement> { /// <summary> /// 验证方案提供对象 /// </summary> public IAuthenticationSchemeProvider Schemes { get; set; } /// <summary> /// 自定义策略参数 /// </summary> public PermissionRequirement Requirement { get; set; } /// <summary> /// 构造 /// </summary> /// <param name="schemes"></param> public PermissionHandler(IAuthenticationSchemeProvider schemes) { Schemes = schemes; } protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement) { ////赋值用户权限 Requirement = requirement; //从AuthorizationHandlerContext转成HttpContext,以便取出表求信息 var httpContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext).HttpContext; //请求Url var questUrl = httpContext.Request.Path.Value.ToLower(); //判断请求是否中止 var handlers = httpContext.RequestServices.GetRequiredService<IAuthenticationHandlerProvider>(); foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync()) { var handler = await handlers.GetHandlerAsync(httpContext, scheme.Name) as IAuthenticationRequestHandler; if (handler != null && await handler.HandleRequestAsync()) { context.Fail(); return; } } //判断请求是否拥有凭据,即有没有登陆 var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync(); if (defaultAuthenticate != null) { var result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name); //result?.Principal不为空即登陆成功 if (result?.Principal != null) { httpContext.User = result.Principal; //权限中是否存在请求的url if (Requirement.Permissions.GroupBy(g => g.Url).Where(w => w.Key.ToLower() == questUrl).Count() > 0) { var name = httpContext.User.Claims.SingleOrDefault(s => s.Type == requirement.ClaimType).Value; //验证权限 if (Requirement.Permissions.Where(w => w.Name == name && w.Url.ToLower() == questUrl).Count() <= 0) { //无权限跳转到拒绝页面 httpContext.Response.Redirect(requirement.DeniedAction); } } context.Succeed(requirement); return; } } //判断没有登陆时,是否访问登陆的url,而且是Post请求,而且是form表单提交类型,不然为失败 if (!questUrl.Equals(Requirement.LoginPath.ToLower(), StringComparison.Ordinal) && (!httpContext.Request.Method.Equals("POST") || !httpContext.Request.HasFormContentType)) { context.Fail(); return; } context.Succeed(requirement); } }
相关文章
- 1. Core2.0知识整理
- 2. jstorm知识整理
- 3. Redis 知识 整理
- 4. Java知识整理
- 5. Core知识整理
- 6. Redis知识整理
- 7. UML 知识整理
- 8. Spring知识整理
- 9. 知识点整理
- 10. react 知识整理
- 更多相关文章...
- • 与传输层有关的基本知识 - TCP/IP教程
- • Spring通知类型及使用ProxyFactoryBean创建AOP代理 - Spring教程
- • Docker 清理命令
- • ☆技术问答集锦(13)Java Instrument原理
相关标签/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. 在windows下的虚拟机中,安装华为电脑的deepin操作系统
- 2. 强烈推荐款下载不限速解析神器
- 3. 【区块链技术】孙宇晨:区块链技术带来金融服务的信任变革
- 4. 搜索引起的链接分析-计算网页的重要性
- 5. TiDB x 微众银行 | 耗时降低 58%,分布式架构助力实现普惠金融
- 6. 《数字孪生体技术白皮书》重磅发布(附完整版下载)
- 7. 双十一“避坑”指南:区块链电子合同为电商交易保驾护航!
- 8. 区块链产业,怎样“链”住未来?
- 9. OpenglRipper使用教程
- 10. springcloud请求一次好用一次不好用zuul Name or service not known
欢迎关注本站公众号,获取更多信息
相关文章
- 1. Core2.0知识整理
- 2. jstorm知识整理
- 3. Redis 知识 整理
- 4. Java知识整理
- 5. Core知识整理
- 6. Redis知识整理
- 7. UML 知识整理
- 8. Spring知识整理
- 9. 知识点整理
- 10. react 知识整理