
Database Login in Clean Architecture?

I'm pretty new to Clean Architecture and like the principles. If we define data access interfaces and the implementation comes later that's all good.

In my case my application will have data from several sources. Now if I have a database instead of using the file system for the implementation, I will need a database login and therefore prompt a user. How does this fit in with Clean Architecture since the domain and application layers shouldn't know about implementation? Only implementing with a database brings a requirement for a login.

Cheers, Alan

A good question, but sadly there is no simple answer to most good questions.

A naive approach would be to ask the user for the credentials in the UI and then pass them as a use case request object to the use case. The use case can then pass them to the repository.

But like any simple solution for complex problems, it has pitfalls.

The simple solution means that the credentials must be passed to the use case (and forwarded to the repository) on every use case invocation. Since you don't want the user to enter the password on every use case, you must store the password in the application state in a secure manner. This strongly depends on the kind of application you develop. Is it a desktop app, a mobile, a web or even cloud application?

If you have a desktop app you might want to use repository instances that are session scoped. Thus you must introduce some kind of session in your application state. Maybe it is a simple map, maybe more. You can then either create use cases by passing them the repository from the session (if already logged in) or you can use a singleton use case instance that refers to a repository proxy (also a singleton) that delegates to the actual (logged in) repository.

If you have a web application you might have multiple server nodes. Thus there is no single session. Every web request might be processed on a different node. You can use sticky sessions to prevent this, but at the cost of scalability. Otherwise you must find a way to also distribute the credentials in a secure manner. Maybe you can use some kind of token.

Sadly I can't give you a one-line answer since a good answer depends on much more and there are dozens of solutions based on other requirements. I hope I could give you a feeling of the complexity and it helps you to narrow your question.
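
The desktop variant described in the answer above (a session-scoped repository behind a singleton proxy), sketched in Python as an added example that is not part of the original answer. All class names, the `FakeConnection` stand-in for a database driver and the sample login are constructed for illustration.

```python
from typing import Callable, Optional, Protocol

class CustomerRepository(Protocol):          # port owned by the application layer
    def find_name(self, customer_id: int) -> str: ...

class NotLoggedIn(Exception):
    """Raised when a use case runs before the session holds a repository."""

class FakeConnection:                        # constructed stand-in for a DB driver
    ROWS = {1: "Alan"}
    def __init__(self, user: str, password: str):
        if (user, password) != ("alan", "s3cret"):   # constructed sample login
            raise PermissionError("database login failed")
    def query_name(self, customer_id: int) -> str:
        return self.ROWS[customer_id]

class DbCustomerRepository:                  # infrastructure adapter
    def __init__(self, connect: Callable[[str, str], FakeConnection],
                 user: str, password: str):
        # The password is used once to authenticate; only the connection is kept.
        self._conn = connect(user, password)
    def find_name(self, customer_id: int) -> str:
        return self._conn.query_name(customer_id)

class Session:                               # application state, one per login
    def __init__(self) -> None:
        self.repository: Optional[CustomerRepository] = None
    def login(self, user: str, password: str) -> None:
        # If authentication fails, the exception leaves repository unchanged.
        self.repository = DbCustomerRepository(FakeConnection, user, password)
    def logout(self) -> None:
        self.repository = None

class RepositoryProxy:                       # singleton handed to the use cases
    def __init__(self, session: Session) -> None:
        self._session = session
    def find_name(self, customer_id: int) -> str:
        repo = self._session.repository
        if repo is None:
            raise NotLoggedIn("log in before running this use case")
        return repo.find_name(customer_id)

class GreetCustomer:                         # use case: never sees credentials
    def __init__(self, repo: CustomerRepository) -> None:
        self._repo = repo
    def execute(self, customer_id: int) -> str:
        return f"Hello, {self._repo.find_name(customer_id)}"
```

Here the UI calls `Session.login` once, and every use case built on `RepositoryProxy` works until `logout`, without a password appearing in any use case request.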

Accepting login data from the user does not mean you expose domain to implementation details, it only means you get that input from presentation layer (and of course should save it in a secured way for later use) rather than save it ahead somewhere in your infrastructure layer.

In a way, UI client and infrastructure are similar, they are both considered as implementation details. That is why they are both presented in the same outer circle of the CA diagram.
