English 中文(简体)
ASP.Net MVC存储会话中的用户实体
原标题:ASP.Net MVC Store User Entity In Session

我正在用实体框架4开发一个ASP.Net MVC 3 Web应用程序。当用户登录到我的应用程序时,我想将他们的用户实体(firstName、lastName等)存储在会话中,然后可以在整个应用程序中访问该会话。

我知道这可能不是一个好主意,因为当ObjectContext关闭/处置时,用户实体就会分离,用户详细信息可能会丢失。

我认为另一种方法可以是,当用户登录时,将userID(主键)分配给会话变量,即:

HttpContext.Current.Session["currentUserID"] = user.userID;

然后在UserService类中创建一个类,如下所示:

public static User CurrentUser
    {

        get
        {
            return Data.DBEntities.Users.Where(u => u.userID == HttpContext.Current.Session["currentUserID"]).FirstOrDefault();
        }

    }

它应该返回一个基于currentUserID会话变量的用户实体。然而,这对我不起作用,我犯了几个错误

Cannot convert lambda expression to type  string  because it is not a delegate type
Delegate  System.Func<Asset.Model.User,int,bool>  does not take 1 arguments

我采取的这种方法是正确的,还是有更好的方法?

如有任何反馈,我们将不胜感激。

最佳回答

首先,不要将安全敏感信息存储在Session中。谷歌“ASP.NET会话劫持”了解原因。

也就是说,这个代码是可以工作的。您只是有一个强制转换错误。此外,您没有考虑到Session在登录过程中可以并且确实过期的事实。你可以这样做:

public static User CurrentUser
{
    get
    {
        object userID = HttpContext.Current.Session["currentUserID"];
        if (userID == null)
        {
            throw new InvalidOperationException("Oops!");
        }
        return Data.DBEntities.Users.Where(u => u.userID == (int)userId ).FirstOrDefault();
    }
}

…它至少可以编译,但不安全,有时还会抛出。

最好将用户ID存储在自定义主体,它是安全的并且不会过期。

时间:2011-02-14 13:05:13
问题回答

您可以将整个实体存储在会话中。它将被分离,但这并不意味着它将丢失值——只有在延迟加载的情况下,您才能延迟加载导航属性。

在当前代码中,尝试将currentUserId获取到临时变量,并在查询中使用该变量。

时间:2011-02-14 13:05:53


上一篇:
下一篇:


相关问题
How to return TEntity

How to create a property that return TEntity object for dataContext.GetTable parameter. The example code shown below. Thank You. public IQueryable<Order> FetchAll() { dataContext.GetTable&...

时间:2009-12-10 09:42:45 回答:1 展示:1
Entity Framework and Load Testing

I am having a tough time to understand why this code is failing I have a test method IUnitOfWork unitofwork = EFUnitOfWork.CreateInstance(); IRepository<InformationRequest> ...

时间:2009-12-04 18:49:25 回答:1 展示:1
implementing core data to an existing iPhone-project

I´ve some trouble with implementing Core Data to my existing iPhone-Project. First I wanna give you a more detailed view on it: Some of my classes are nested into each other: The class "Game" has an ...

时间:2009-12-01 07:37:06 回答:2 展示:1
linqpad 4.0 and code only

How can I use linqpad with code only in ef 4. I mean how to reference metadata when there is no edmx file?

时间:2009-11-23 09:33:46 回答:2 展示:1
Database visualization tool

I just watched a session of PDC09 about new features of Entity framework in .NET 4. Video page: http://microsoftpdc.com/Sessions/FT10 in the video, (seek to minute 7) presenter used a database ...

时间:2009-11-20 19:44:21 回答:1 展示:1
Entity Framework CreatedBy fields not updating

Using Entity Framework I have the fields: o CreatedOn (datetime) o CreatedBy (nvarchar(50)) o ModifiedOn (datetime) o ModifiedBy (nvarchar(50)) When I add data to my table it is not adding/...

时间:2009-11-18 14:11:42 回答:1 展示:1
Entity Framework - Many to many question

I have a table called ASB and a table called PeopleInvolved. There is a junction table called PeopleInvolved_ASB which simply contains an ASBID and a PeopleInvolvedID column. The columns act as a ...

时间:2009-11-13 11:08:41 回答:3 展示:1
How to fluent-map this (using fluent nhibernate)?

I have two tables in my database "Styles" and "BannedStyles". They have a reference via the ItemNo. Now styles can be banned per store. So if style x is banned at store Y then its very possible that ...

时间:2009-11-06 14:55:30 回答:1 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全