问题
I have an angular project and i am using .net core 2.o Web API. I stored my user info in Jwt and i want log every database operation. I can access user info by sending jwt and taking from request.header in server side. But the problem is, where can be stored? In my old mvc projects, i could stored in session. But this project is API . And we work with JWT not session. How can i achieve that store UserInfo during the request start to end. And i want to access UserInfo from everywhere. This is my actionFilter:
public class TestFilterAttribute : System.Web.Http.Filters.FilterAttribute, IActionFilter
{
public void OnActionExecuting(ActionExecutingContext context)
{
var requestedUserInfo= context.HttpContext.Request.Headers["Authorization"];
??????????????? = requestedUserInfo;
}
public void OnActionExecuted(ActionExecutedContext context)
{
}
}
My architecture is like that:
Contoller => Service => Repository.
So, i have to send parameters as UserInfo in all methods. So, i dont want add all methods parameter as UserInfo. So, i want to learn get rid of this problem.
MyController.cs
[HttpGet("GetAllStudents")]
public async Task<ServiceResult>GetAllStudents()
{
var requestedUserId= context.HttpContext.Request.Headers["Authorization"];
return await (studentService.GetAllStudents(requestedUserId));
}
My service.cs
public async Task<ServiceResult> GetAllStudents(int requestedUserId)
{
return await unitOfWork.studentRepo.GetAllStudents(requestedUserId);
}
My repository.cs
public async Task<List<Student>> GetAllStudents(int requestedUserId)
{
LogOperation(requestedUserId);
return context.Students.ToList();
}
You can see that every method sending requestedUserId. How can i get rid of this?
回答1:
you don't store it, Angular has to send the JWT in every request and Asp.Net Core webapi has to open it, validate it, and then read the user that made the request from it.
回答2:
I found the solution. Our user info already stored in HttpContext. "HttpContextAccessor" is what i was looking for. You can inject by dependency injection and then you can use from everywhere (forexample dbcontext class or repo class)
public class StudentService : IStudentService
{
private readonly IHttpContextAccessor _httpContextAccessor;
public StudentService(IHttpContextAccessor httpContextAccessor)
{
_httpContextAccessor = httpContextAccessor;
}
public async Task<List<Student>> GetAllStudents()
{
var requestedUserId= _httpContextAccessor.HttpContext.Headers["Authorization"];
LogOperation(requestedUserId);
return context.Students.ToList();
}
}
来源:https://stackoverflow.com/questions/52352498/where-can-be-stored-user-info-in-net-core-api-project-with-angular