用户类负责身份验证吗?
[英]Is user class responsible for authentication?
问题描述
I have class named User , it has fields like username, password, firstName... . 
我有一个名为User类,它具有诸如用户名,密码,firstName ...的字段。 is it good to place authenticate(username, password) method in it? 在其中放置authenticate(username, password)方法好吗?
4 个解决方案
解决方案1
3 已采纳 2014-12-30 16:44:12
Ideally no, that should be the job of the controller. 理想情况下,不应该,这应该是控制器的工作。 User class should be just a data class, which is used by the controller (the business logic class) to evaluate things like Authenticate etc. 用户类应该只是一个数据类,控制器(业务逻辑类)使用它来评估诸如Authenticate等之类的东西。
Explanation: 说明:
You need to modularize your code(break it into components) and each component should be an independent entity but requires other components to give the whole picture of the system. 您需要对代码进行模块化(将其分解为组件),每个组件应该是一个独立的实体,但是需要其他组件来提供系统的整体情况。
It appears by your question that you want to perform some business layer operation in your DO(data object) class. 您的问题似乎表明您想在DO(数据对象)类中执行一些业务层操作。 It can be done but is never recommended as it kills the idea of separation of concerns. 可以做到,但绝不建议这样做,因为它会消除关注点分离的想法。
As for controllers, you could do something like 对于控制器,您可以执行以下操作
Have object/entity level managers, ie, for every entity you have a manager to handle its business logic stuff.
具有对象/实体级别的管理器,即,对于每个实体,您都有一个管理器来处理其业务逻辑。 Say for a User class you have a UserManager. 说一个User类,您有一个UserManager。 Have conceptual level controllers.
有概念级别的控制器。 This means that you have controllers that handle a specific module of your system(an entire concept). 这意味着您拥有处理系统特定模块(整个概念)的控制器。 For example, if you have a website that needs to authenticate users, you can have an AuthenticationController. 例如,如果您有一个需要对用户进行身份验证的网站,则可以有一个AuthenticationController。 Now, Authentication must not necessarily map to just one table/object, though it appears that its sole target is(logically) your User table/class etc, it could be doing other stuff and accessing other entities(depending on the requirement) etc. So by having entity level managers that are used by conceptual level controllers, you could ease your development. 现在,身份验证不一定必须仅映射到一个表/对象,尽管它的唯一目标似乎(在逻辑上)是您的用户表/类等,它可能正在做其他事情并访问其他实体(取决于需求)等。因此,通过使用概念性级别控制器使用的实体级别管理器,可以简化您的开发。
解决方案2
1 2014-12-31 14:19:39
I would say no. 我会说不。 Better is to have a Connection and create a user using login method with username and password: 最好是建立一个Connection并使用具有用户名和密码的登录方法创建一个用户:
class Connection{
public:
Connection(string connectionString);
User login(string userName, string Password);
};
解决方案3
1 2014-12-31 14:28:29
That would break the MVC (Model View Controller) structure. 这将破坏MVC(模型视图控制器)结构。 It is best to keep these three separated for code elegance, readability, and maintainability. 最好将这三个部分分开以提高代码的优美性,可读性和可维护性。 A quick example would be, in Java: 一个简单的例子是在Java中:
Model: 模型:
public class User {
private String username;
private String password;
(...)
}
Controller: 控制器:
import yourmodelpackage;
public class MyController {
public static boolean authenticate(String username, String password) {
//your logic
}
}
View: 视图:
//call your authenticate() method through the controller
MyController control = new MyController();
boolean b = control.authenticate(username, password);
There are a few design patterns that maximize the use of inheritance for this structure. 有一些设计模式可以最大限度地利用此结构的继承。 I'd recommend looking into the Decorator Design Pattern . 我建议您查看“ 装饰器设计模式” 。
解决方案4
0
如果您绝对希望将验证封装在该类中,则可以在User类上User hasPassword(string password)方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.