创建Manager用户验证表
这一篇主要讲解使用AOP对用户操作进行验证,如果通过验证,则继续执行,反之,则不能执行。其思想和上一篇完全一致。
由于需要用到用户认证,所以我们新建一个Manager实体类,并按照开篇中的方法做Mapper:
Manager实体类代码:
1:
2: namespace BookStore.Data.Entities
3: {
4: public class Manager
5: {
6: public int ID { get; set; }
7: public string UserName { get; set; }
8: public string PassWord { get; set; }
9: }
10: }
ManagerMapper代码:
1: using BookStore.Data.Entities;
2: using System.Data.Entity.ModelConfiguration;
3: using System.ComponentModel.DataAnnotations.Schema;
4:
5: namespace BookStore.Data.Mapper
6: {
7: public class ManagerMapper:EntityTypeConfiguration<Manager>
8: {
9: public ManagerMapper()
10: {
11: this.ToTable("Manager");
12:
13: this.HasKey(c => c.ID);
14: this.Property(c => c.ID).HasDatabaseGeneratedOption(DatabaseGeneratedOption.Identity);
15: this.Property(c => c.ID).IsRequired();
16:
17: this.Property(c => c.UserName).HasMaxLength(50).IsRequired();
18:
19: this.Property(c => c.PassWord).HasMaxLength(50).IsRequired();
20: }
21: }
22: }
将其放倒OnModelCreating方法中,用于向数据库中生成数据表:
1: modelBuilder.Configurations.Add(new ManagerMapper());
建立好以后,运行起来,我们就新增加了一个Manager数据表到数据库中。
AOP用户验证的实现
下面继续进行AOP用户验证的讲解。
首先,新建一个BookStore.BussinessLogic类库项目,并添加IBookOperation接口和BookOperation类,用于提供业务逻辑操作(注意,由于BookStore.Data只提供最基本的数据元操作,所以,业务逻辑部分最好重新组织一个新的模块建立,以便于后期维护方便)。
在IBookOperation接口中,加入如下定义:
1:
2: namespace BookStore.BussinessLogic
3: {
4: public interface IBookOperation
5: {
6: bool UserLogin(string userName, string passWord);
7: }
8: }
在BookOperation类中,加入如下实现:
1: using System.Linq;
2: using BookStore.Data;
3:
4: namespace BookStore.BussinessLogic
5: {
6: public class BookOperation:IBookOperation
7: {
8: public BookOperation()
9: {
10: this.context = new BookContext();
11: }
12:
13: private BookContext context;
14:
15: public bool UserLogin(string userName, string passWord)
16: {
17: var manager = (from p in context.Managers
18: where p.UserName == userName && p.PassWord == passWord
19: select p).FirstOrDefault();
20: if (manager != null) return true;
21: return false;
22: }
23: }
24: }
代码的具体意思我就不讲解了,就是从数据表中取出数据,和用户输入的用户名密码进行比对。
然后,在BookStore.AOP项目中,新建一个AuthAdvice类,继承自IAdvice接口,并提供实现方法:
1: using System;
2: using BookStore.BussinessLogic;
3:
4: namespace BookStore.AOP
5: {
6: public class AuthAdvice:IAdvice
7: {
8: public AuthAdvice()
9: {
10: Initializement();
11: }
12:
13: public void Initializement()
14: {
15: bookOperation = new BookOperation();
16:
17: log4net.Config.XmlConfigurator.Configure();
18: log = log4net.LogManager.GetLogger(typeof(LogAdvice));
19: }
20:
21: private IBookOperation bookOperation;
22: private log4net.ILog log;
23:
24: public void BeforeCall(AopAlliance.Intercept.IMethodInvocation invocation)
25: {
26: log.Info(string.Format("调用验证开始:{0}", invocation.Method.Name));
27: }
28:
29: public void AfterCall(AopAlliance.Intercept.IMethodInvocation invocation)
30: {
31: log.Info(string.Format("调用验证结束:{0}", invocation.Method.Name));
32: }
33:
34: public object Invoke(AopAlliance.Intercept.IMethodInvocation invocation)
35: {
36: try
37: {
38: BeforeCall(invocation);
39: bool flag = bookOperation.UserLogin("admin", "admin888");
40: if (flag)
41: {
42: log.Info(string.Format("用户验证成功,开始执行函数..."));
43: object resultObj = invocation.Proceed();
44: return resultObj;
45: }
46: else
47: {
48: log.Error(string.Format("用户验证失败,准备退出执行..."));
49: return null;
50: }
51: AfterCall(invocation);
52: }
53: catch (Exception ex)
54: {
55: log.Error(string.Format("调用函数错误:{0},{1},{2}", invocation.Method.Name, ex.Message, ex.StackTrace));
56: return null;
57: }
58: }
59:
60: public void Dispose()
61: {
62: throw new NotImplementedException();
63: }
64: }
65: }
上面的验证代码和上一篇没什么区别,但是请注意这段代码:bookOperation.UserLogin("admin", "admin888"),它是在函数执行之前,先从数据库进行用户名密码验证的,如果验证通过,执行函数,否则放弃执行,通过这样的方式,我们就能够实现用户验证了。
接下来就是去BookStore.RestService项目中配置web.cofig代码,使其运行:
1: <!--Spring Config Node-->
2: <spring>
3: <context>
4: <resource uri="config://spring/objects"/>
5: </context>
6: <objects xmlns="http://www.springframework.net">
7: <!--without aop-->
8: <object name="BookRepository" type="BookStore.Data.BookRepository, BookStore.Data" />
9:
10: <!--with aop-->
11: <object name="BookRepositoryAOP" type="Spring.Aop.Framework.ProxyFactoryObject" >
12: <property name="Target">
13: <object type="BookStore.Data.BookRepository, BookStore.Data" />
14: </property>
15: <property name="InterceptorNames">
16: <list>
17: <value>LogTraceAroundAdvice</value>
18: <value>AuthTraceAroundAdvice</value>
19: </list>
20: </property>
21: </object>
22: <!--Advices-->
23: <object id="LogTraceAroundAdvice" type="BookStore.AOP.LogAdvice, BookStore.AOP"></object>
24: <object id="AuthTraceAroundAdvice" type="BookStore.AOP.AuthAdvice, BookStore.AOP"></object>
25: </objects>
26: </spring>
最后来看看运行结果:
这样就达到了我们验证的目的了。
源码下载
最后这里附上源代码下载。