如何在Startup.cs之外设置数据库连接字符串用户名和密码?
[英]How to set DB connection string username & password outside of Startup.cs?
问题描述
I want to be able to restrict CRUD access for non-logged in users of a web application. 
我希望能够限制Web应用程序的未登录用户的CRUD访问。 This means I need to set the connection string after I have validated if they are a currently logged in user or not. 这意味着我需要在验证它们是否是当前登录用户之后设置连接字符串。
I have CRUD restrictions in my code, but want to put the account permissions in place to ensure users cannot access tables they are not supposed to access, or perform actions they are not supposed to perform. 我的代码中有CRUD限制,但希望将帐户权限放在适当的位置,以确保用户无法访问他们不应访问的表,或执行他们不应执行的操作。
Right now my connection string is set in my Startup.cs file: 现在我的连接字符串在我的Startup.cs文件中设置:
services.AddDbContext<WorldContext>(options => options
.UseMySql(_config["ConnectionStrings:Database"]));
How can I set the connection string, or at least the username & password for the DB account outside of startup? 如何在启动之外设置连接字符串,或者至少设置数据库帐户的用户名和密码? Sometime after I have validated that the user is logged in? 在我确认用户已登录后的某个时间?
I am using ASP.Net Core , Entity Framework Core , and Asp.NET Core Identity . 我正在使用ASP.Net Core , Entity Framework Core和Asp.NET Core Identity 。
I want to grant only the necessary permissions that the user will need. 我只想授予用户所需的必要权限。 As quoted from here: https://msdn.microsoft.com/en-us/library/cc716760(v=vs.110).aspx 引用自: https : //msdn.microsoft.com/en-us/library/cc716760(v = vs1010).aspx
Grant users only the necessary permissions in the data source.
1 个解决方案
解决方案1
0 2017-01-19 05:55:54
There are multiple ways to do this but I would like to do it like this. 有多种方法可以做到这一点,但我想这样做。
Create two DbContext one for user authentications and reading users database login details. 创建两个DbContext用于用户身份验证和读取用户数据库登录详细信息。 Second for users which used to do CRUD operations on rest of the tables. 其次是用于在其余表上执行CRUD操作的用户。
Question is how we register these two DbContext and where??? 问题是我们如何注册这两个DbContext以及???
Here Asp.net Core Dependence Injection will did lots of work for us. 在这里Asp.net Core Dependence Injection将为我们做很多工作。
We can register the LoginDbContext in Startup.cs (as sample project did) which will used to validate the users and get there DB users login details.Also need to Inject IServiceCollection where we validate the users, So we can register the CRUDDbContext while creating connection string with user detail which we get from database. 我们可以在Startup.cs注册LoginDbContext (作为示例项目),用于验证用户并获取DB用户登录详细信息。还需要Inject IServiceCollection我们验证用户,因此我们可以在创建连接时注册CRUDDbContext我们从数据库中获取的用户详细信息的字符串 After that we can Inject the CRUDDbContext in controller or repository classes. 之后,我们可以在控制器或存储库类中注入CRUDDbContext 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.