ASP.NET 核心 MVC:使用远程输入验证
ASP.NET Core MVC : use remote input validation
编辑 1:包括与此相关的完整代码,而不仅仅是一部分。
我正在尝试为我的应用程序的管理员角色创建用户名输入验证。
我将从 SQL 服务器中的 table 开始。
Employee table columns in SQL server has [ROWID],[ID],[LAST_NAME],[FIRST_NAME]...
员工数据库模型
public class EmployeeModel
{
public int RowID { get; set; }
[Key]
public int ID { get; set; }
public string First_Name { get; set; }
public string Last_Name { get; set; }
}
数据库上下文
public class ApplicationDbContext : IdentityDbContext
{
public ApplicationDbContext (DbContextOptions<ApplicationDbContext> options) : base(options)
{
}
public DbSet<WorkOrderModel> WorkOrder { get; set; }
public DbSet<CommentModel> Comment { get; set; }
public DbSet<PostModel> Post { get; set; }
public DbSet<ReplyModel> Reply { get; set; }
public DbSet<ApplicationUser> ApplicationUser { get; set; }
public DbSet<EmployeeModel> Employee { get; set; }
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
base.OnModelCreating(modelBuilder); //This is necessary if class is IdentityDbContext instead of DbContext
modelBuilder.Entity<WorkOrderModel>().HasKey(c => new { c.Type, c.Base_ID, c.Lot_ID, c.Split_ID, c.Sub_ID });
}
}
我的 InputValidation 控制器是只包含远程验证逻辑的控制器。
我正在尝试构建一个逻辑,该逻辑将仅使用 [ID] 和 [FIRST_NAME].
来验证用户是否在 table“员工”中
我原来的代码如下。
if (_dbContext.Employee.Any(n => (n.First_Name + "." + n.ID.ToString().PadLeft(3, '0')) == userName) != true)
{
return Json(true);
}
return Json($"Employee does not exist.");
然后根据 Tisa 在回复中的建议更改为以下内容。
public class InputValidationController : Controller
{
private readonly ApplicationDbContext _dbContext;
public InputValidationController(ApplicationDbContext dbContext)
{
_dbContext = dbContext;
}
[AcceptVerbs("GET", "POST")]
public IActionResult IdVerification(string userName)
{
var allUserList = (from u in _dbContext.Employee
select new
{
Name = u.First_Name + "." + u.ID.ToString().PadLeft(3, '0')
})
.ToList().Where(x => x.Name == userName);
if (allUserList != null)
{
return Json(true);
}
return Json($"Employee does not exist.");
}
}
输入 class 所在的页面模型。
public class ResetPasswordModel : PageModel
{
private readonly UserManager<IdentityUser> _userManager;
private readonly SignInManager<IdentityUser> _signInManager;
private readonly ILogger<ResetPasswordModel> _logger;
public ResetPasswordModel(UserManager<IdentityUser> userManager, SignInManager<IdentityUser> signInManager, ILogger<ResetPasswordModel> logger)
{
_userManager = userManager;
_signInManager = signInManager;
_logger = logger;
}
[BindProperty]
public InputModel Input { get; set; }
[TempData]
public string StatusMessage { get; set; }
public class InputModel
{
[Required]
[Display(Name = "User Name [ First Name.### (Employee number) ]")]
[Remote(action: "IdVerification", controller: "InputValidation")]
public string UserName { get; set; }
[Required]
[StringLength(20, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 3)]
[DataType(DataType.Password)]
public string Password { get; set; }
[DataType(DataType.Password)]
[Display(Name = "Confirm password")]
[Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
public string ConfirmPassword { get; set; }
//public string Code { get; set; }
}
...
}
最后是查看页面。 SQL_Web_App 是项目的名称并且具有 UserRoles class.
@page
@model ResetPasswordModel
@using SQL_Web_App
@{
ViewData["Title"] = "Reset password";
}
@if (User.IsInRole(UserRoles.AdminRole))
{
<h1>@ViewData["Title"]</h1>
<h4>Reset password for a user.</h4>
<hr />
<div class="row">
<div class="col-md-4">
<form method="post">
<div asp-validation-summary="ModelOnly" class="text-danger"></div>
<div class="form-group">
<label asp-for="Input.UserName"></label>
<input asp-for="Input.UserName" class="form-control" />
<span asp-validation-for="Input.UserName" class="text-danger"></span>
</div>
<div class="form-group">
<label asp-for="Input.Password"></label>
<input asp-for="Input.Password" class="form-control" />
<span asp-validation-for="Input.Password" class="text-danger"></span>
</div>
<div class="form-group">
<label asp-for="Input.ConfirmPassword"></label>
<input asp-for="Input.ConfirmPassword" class="form-control" />
<span asp-validation-for="Input.ConfirmPassword" class="text-danger"></span>
</div>
<button type="submit" class="btn btn-primary">Reset</button>
</form>
</div>
</div>
}
我在这次编辑之前的声明 1
As you can see under the display of the `InputModel` the user name is "FirstName.EmployeeNumber", I am trying to match that input to `_dbContext.Employee.Any(n => n.First_Name + "." + n.ID.ToString().PadLeft(3, '0')` but I do not get any result for both != and ==.
现在我在下面尝试了 == 和 != 结果总是不为空。
if (allUserList != null)
{
Json(true);
}
return Json($"Employee does not exist.");
请大家帮我看看哪里做错了
谢谢。
random name input but no validation message
您可以将逻辑更改为:
要在您的代码中获取 Name,您应该使用 Model 接受它,然后获取
用户名属性.
public IActionResult IdVerification(InputModel input)
{
var username=input.UserName;
var allUserList = (from u in _dbcontext.Employee
select new
{
Name = u.First_Name + "." + u.ID.ToString().PadLeft(3, '0')
})
.ToList();
if (allUserList[0].Name==userName)
{
return Json(true);
}
return Json($"Employee does not exist.");
}
编辑 1:包括与此相关的完整代码,而不仅仅是一部分。
我正在尝试为我的应用程序的管理员角色创建用户名输入验证。 我将从 SQL 服务器中的 table 开始。
Employee table columns in SQL server has [ROWID],[ID],[LAST_NAME],[FIRST_NAME]...
员工数据库模型
public class EmployeeModel
{
public int RowID { get; set; }
[Key]
public int ID { get; set; }
public string First_Name { get; set; }
public string Last_Name { get; set; }
}
数据库上下文
public class ApplicationDbContext : IdentityDbContext
{
public ApplicationDbContext (DbContextOptions<ApplicationDbContext> options) : base(options)
{
}
public DbSet<WorkOrderModel> WorkOrder { get; set; }
public DbSet<CommentModel> Comment { get; set; }
public DbSet<PostModel> Post { get; set; }
public DbSet<ReplyModel> Reply { get; set; }
public DbSet<ApplicationUser> ApplicationUser { get; set; }
public DbSet<EmployeeModel> Employee { get; set; }
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
base.OnModelCreating(modelBuilder); //This is necessary if class is IdentityDbContext instead of DbContext
modelBuilder.Entity<WorkOrderModel>().HasKey(c => new { c.Type, c.Base_ID, c.Lot_ID, c.Split_ID, c.Sub_ID });
}
}
我的 InputValidation 控制器是只包含远程验证逻辑的控制器。 我正在尝试构建一个逻辑,该逻辑将仅使用 [ID] 和 [FIRST_NAME].
来验证用户是否在 table“员工”中我原来的代码如下。
if (_dbContext.Employee.Any(n => (n.First_Name + "." + n.ID.ToString().PadLeft(3, '0')) == userName) != true)
{
return Json(true);
}
return Json($"Employee does not exist.");
然后根据 Tisa 在回复中的建议更改为以下内容。
public class InputValidationController : Controller
{
private readonly ApplicationDbContext _dbContext;
public InputValidationController(ApplicationDbContext dbContext)
{
_dbContext = dbContext;
}
[AcceptVerbs("GET", "POST")]
public IActionResult IdVerification(string userName)
{
var allUserList = (from u in _dbContext.Employee
select new
{
Name = u.First_Name + "." + u.ID.ToString().PadLeft(3, '0')
})
.ToList().Where(x => x.Name == userName);
if (allUserList != null)
{
return Json(true);
}
return Json($"Employee does not exist.");
}
}
输入 class 所在的页面模型。
public class ResetPasswordModel : PageModel
{
private readonly UserManager<IdentityUser> _userManager;
private readonly SignInManager<IdentityUser> _signInManager;
private readonly ILogger<ResetPasswordModel> _logger;
public ResetPasswordModel(UserManager<IdentityUser> userManager, SignInManager<IdentityUser> signInManager, ILogger<ResetPasswordModel> logger)
{
_userManager = userManager;
_signInManager = signInManager;
_logger = logger;
}
[BindProperty]
public InputModel Input { get; set; }
[TempData]
public string StatusMessage { get; set; }
public class InputModel
{
[Required]
[Display(Name = "User Name [ First Name.### (Employee number) ]")]
[Remote(action: "IdVerification", controller: "InputValidation")]
public string UserName { get; set; }
[Required]
[StringLength(20, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 3)]
[DataType(DataType.Password)]
public string Password { get; set; }
[DataType(DataType.Password)]
[Display(Name = "Confirm password")]
[Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
public string ConfirmPassword { get; set; }
//public string Code { get; set; }
}
...
}
最后是查看页面。 SQL_Web_App 是项目的名称并且具有 UserRoles class.
@page
@model ResetPasswordModel
@using SQL_Web_App
@{
ViewData["Title"] = "Reset password";
}
@if (User.IsInRole(UserRoles.AdminRole))
{
<h1>@ViewData["Title"]</h1>
<h4>Reset password for a user.</h4>
<hr />
<div class="row">
<div class="col-md-4">
<form method="post">
<div asp-validation-summary="ModelOnly" class="text-danger"></div>
<div class="form-group">
<label asp-for="Input.UserName"></label>
<input asp-for="Input.UserName" class="form-control" />
<span asp-validation-for="Input.UserName" class="text-danger"></span>
</div>
<div class="form-group">
<label asp-for="Input.Password"></label>
<input asp-for="Input.Password" class="form-control" />
<span asp-validation-for="Input.Password" class="text-danger"></span>
</div>
<div class="form-group">
<label asp-for="Input.ConfirmPassword"></label>
<input asp-for="Input.ConfirmPassword" class="form-control" />
<span asp-validation-for="Input.ConfirmPassword" class="text-danger"></span>
</div>
<button type="submit" class="btn btn-primary">Reset</button>
</form>
</div>
</div>
}
我在这次编辑之前的声明 1
As you can see under the display of the `InputModel` the user name is "FirstName.EmployeeNumber", I am trying to match that input to `_dbContext.Employee.Any(n => n.First_Name + "." + n.ID.ToString().PadLeft(3, '0')` but I do not get any result for both != and ==.
现在我在下面尝试了 == 和 != 结果总是不为空。
if (allUserList != null)
{
Json(true);
}
return Json($"Employee does not exist.");
请大家帮我看看哪里做错了
谢谢。
random name input but no validation message
您可以将逻辑更改为:
要在您的代码中获取 Name,您应该使用 Model 接受它,然后获取
用户名属性.
public IActionResult IdVerification(InputModel input)
{
var username=input.UserName;
var allUserList = (from u in _dbcontext.Employee
select new
{
Name = u.First_Name + "." + u.ID.ToString().PadLeft(3, '0')
})
.ToList();
if (allUserList[0].Name==userName)
{
return Json(true);
}
return Json($"Employee does not exist.");
}