ASP.NET 核心 MVC:使用远程输入验证

ASP.NET Core MVC : use remote input validation

编辑 1:包括与此相关的完整代码,而不仅仅是一部分。

我正在尝试为我的应用程序的管理员角色创建用户名输入验证。 我将从 SQL 服务器中的 table 开始。

Employee table columns in SQL server has [ROWID],[ID],[LAST_NAME],[FIRST_NAME]...

员工数据库模型

public class EmployeeModel
    {
        public int RowID { get; set; }
        [Key]
        public int ID { get; set; }
        public string First_Name { get; set; }
        public string Last_Name { get; set; }
    }

数据库上下文

public class ApplicationDbContext : IdentityDbContext
    {
        public ApplicationDbContext (DbContextOptions<ApplicationDbContext> options) : base(options)
        { 
        }

        public DbSet<WorkOrderModel> WorkOrder { get; set; }
        public DbSet<CommentModel> Comment { get; set; }
        public DbSet<PostModel> Post { get; set; }
        public DbSet<ReplyModel> Reply { get; set; }
        public DbSet<ApplicationUser> ApplicationUser { get; set; }
        public DbSet<EmployeeModel> Employee { get; set; }

        protected override void OnModelCreating(ModelBuilder modelBuilder)
        {
            base.OnModelCreating(modelBuilder); //This is necessary if class is IdentityDbContext instead of DbContext
            modelBuilder.Entity<WorkOrderModel>().HasKey(c => new { c.Type, c.Base_ID, c.Lot_ID, c.Split_ID, c.Sub_ID });
        }
    }

我的 InputValidation 控制器是只包含远程验证逻辑的控制器。 我正在尝试构建一个逻辑,该逻辑将仅使用 [ID] 和 [FIRST_NAME].

来验证用户是否在 table“员工”中

我原来的代码如下。

if (_dbContext.Employee.Any(n => (n.First_Name + "." + n.ID.ToString().PadLeft(3, '0')) == userName) != true)
            {
                return Json(true);
            }

            return Json($"Employee does not exist.");

然后根据 Tisa 在回复中的建议更改为以下内容。

public class InputValidationController : Controller
    {
        private readonly ApplicationDbContext _dbContext;

        public InputValidationController(ApplicationDbContext dbContext)
        {
            _dbContext = dbContext;
        }

        [AcceptVerbs("GET", "POST")]
        public IActionResult IdVerification(string userName)
        {
            var allUserList = (from u in _dbContext.Employee
                               select new
                               {
                                   Name = u.First_Name + "." + u.ID.ToString().PadLeft(3, '0')
                               })
                               .ToList().Where(x => x.Name == userName);

            if (allUserList != null)
            {
                return Json(true);
            }
            return Json($"Employee does not exist.");
        }
    }

输入 class 所在的页面模型。

public class ResetPasswordModel : PageModel
    {
        private readonly UserManager<IdentityUser> _userManager;
        private readonly SignInManager<IdentityUser> _signInManager;
        private readonly ILogger<ResetPasswordModel> _logger;


        public ResetPasswordModel(UserManager<IdentityUser> userManager, SignInManager<IdentityUser> signInManager, ILogger<ResetPasswordModel> logger)
        {
            _userManager = userManager;
            _signInManager = signInManager;
            _logger = logger;
        }

        [BindProperty]
        public InputModel Input { get; set; }

        [TempData]
        public string StatusMessage { get; set; }

        public class InputModel
        {
            [Required]
            [Display(Name = "User Name [ First Name.### (Employee number) ]")]
            [Remote(action: "IdVerification", controller: "InputValidation")]
            public string UserName { get; set; }

            [Required]
            [StringLength(20, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 3)]
            [DataType(DataType.Password)]
            public string Password { get; set; }

            [DataType(DataType.Password)]
            [Display(Name = "Confirm password")]
            [Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
            public string ConfirmPassword { get; set; }

            //public string Code { get; set; }
        }
    ...
    }

最后是查看页面。 SQL_Web_App 是项目的名称并且具有 UserRoles class.

@page
@model ResetPasswordModel
@using SQL_Web_App

@{
    ViewData["Title"] = "Reset password";
}

@if (User.IsInRole(UserRoles.AdminRole))
{
    <h1>@ViewData["Title"]</h1>
        <h4>Reset password for a user.</h4>
    <hr />
    <div class="row">
        <div class="col-md-4">
            <form method="post">
            <div asp-validation-summary="ModelOnly" class="text-danger"></div>
            <div class="form-group">
                <label asp-for="Input.UserName"></label>
                <input asp-for="Input.UserName" class="form-control" />
                <span asp-validation-for="Input.UserName" class="text-danger"></span>
            </div>
            <div class="form-group">
                <label asp-for="Input.Password"></label>
                <input asp-for="Input.Password" class="form-control" />
                <span asp-validation-for="Input.Password" class="text-danger"></span>
            </div>
            <div class="form-group">
                <label asp-for="Input.ConfirmPassword"></label>
                <input asp-for="Input.ConfirmPassword" class="form-control" />
                <span asp-validation-for="Input.ConfirmPassword" class="text-danger"></span>
            </div>
            <button type="submit" class="btn btn-primary">Reset</button>
            </form>
        </div>
    </div>
}

我在这次编辑之前的声明 1

As you can see under the display of the `InputModel` the user name is "FirstName.EmployeeNumber", I am trying to match that input to `_dbContext.Employee.Any(n => n.First_Name + "." + n.ID.ToString().PadLeft(3, '0')` but I do not get any result for both != and ==.

现在我在下面尝试了 == 和 != 结果总是不为空。

if (allUserList != null)
{
    Json(true);
}
return Json($"Employee does not exist.");

请大家帮我看看哪里做错了

谢谢。

random name input but no validation message

您可以将逻辑更改为:

要在您的代码中获取 Name,您应该使用 Model 接受它,然后获取

用户名属性.

public IActionResult IdVerification(InputModel input)
    {
        var username=input.UserName;
        var allUserList = (from u in _dbcontext.Employee
                           select new
                           {
                               Name = u.First_Name + "." + u.ID.ToString().PadLeft(3, '0')
                           })
                           .ToList();

        if (allUserList[0].Name==userName)
        {
            return Json(true);
        }
        return Json($"Employee does not exist.");
    }