
Is it better to handle user and authentication logic separately or together?

I am currently developing a codebase for all mobile projects developed by our team.

One of the main services I'm working on is the authentication service, but I am unsure about whether to treat authentication and the user together or separately, understanding authentication as the whole process of obtaining and storing the authentication token (sign in, sign up and sign out), and the user as the instance of that user, all its data and all the methods linked to it (CRUD of the user and related content).

You really want to think about authentication and authorization separately if you can. For small enough projects it's worth consolidating, but the more separation you can include the better for the future.

Just to baseline: Authentication => Who are you? Authorization => What can you do?

Authentication paradigms are almost always (these days) external, from SAML, to FIDO2, to whatever comes next... It's going to be a moving target, and you DON'T want your authorization scheme tightly tied to it. Authorization is almost always an internal concern, and should not be tied to the flavor of the week that is authentication. Not to mention the fact that it is a near certainty that you will soon be supporting multiple authentication protocols simultaneously (you aren't already?), and embedding roles based on that auth is a messy thing at best.

Also, you are at some point going to need to do something horrible, like dumping your user database and moving to a new provider. Don't make that even messier by putting all your authorization logic in there.

Finally, testing is immensely easier when you can mock authorization without authentication. Test cases will dramatically simplify if you can "impersonate" a different role on demand.

In any reasonably large/complex product you will have multiple domain views onto a user.

Each of these views will translate into separately stored data and logic/services for each view. The key being separation of concerns.

In order to make sure the different views can be connected it is useful to have a common identifier for a user that you may want to pass between services. But you may not need to pass a lot of additional information across the services. For example the domain services do not need to know about passwords etc.

Even in your question an authentication service may be separate from an authorization service may be separate from anything else, etc.
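An added example (not from either answer above, and not from any real project) of the separation both answers describe: the authenticator only answers "who are you?" and hands back a stable user identifier, roles are looked up in the app's own store keyed on that identifier, and the domain rule takes a `Principal`, so a test can impersonate a role without any authenticator. `TokenAuthenticator`, `Principal`, `ROLE_PERMISSIONS` and the token map are constructed for this example and stand in for a real external provider.

```python
from __future__ import annotations
from dataclasses import dataclass
from typing import Protocol


@dataclass(frozen=True)
class Principal:
    """The only object that crosses from authentication into the rest of the app:
    a common user identifier plus the roles the app itself assigned to it."""
    user_id: str
    roles: frozenset[str]


class Authenticator(Protocol):
    """Answers 'who are you?' for one credential type; swappable per protocol."""
    def authenticate(self, credential: str) -> str: ...  # returns user_id only


class TokenAuthenticator:
    """Stands in for an external provider (SAML, OIDC, FIDO2, ...). A constructed
    token->user map replaces real token verification (assumption for this example)."""
    def __init__(self, sessions: dict[str, str]) -> None:
        self._sessions = sessions

    def authenticate(self, credential: str) -> str:
        try:
            return self._sessions[credential]
        except KeyError:
            raise PermissionError("invalid or expired token") from None


# Authorization data lives with the app, keyed by role, never by auth protocol.
ROLE_PERMISSIONS = {
    "reader": {"doc:read"},
    "editor": {"doc:read", "doc:write"},
    "admin": {"doc:read", "doc:write", "doc:delete"},
}


def resolve_principal(auth: Authenticator, credential: str,
                      user_roles: dict[str, set[str]]) -> Principal:
    """Glue layer: authenticate, then attach internally stored roles.
    Tokens and passwords stop here; domain services only ever see the Principal."""
    user_id = auth.authenticate(credential)
    return Principal(user_id, frozenset(user_roles.get(user_id, ())))


def is_allowed(principal: Principal, permission: str) -> bool:
    return any(permission in ROLE_PERMISSIONS.get(r, ()) for r in principal.roles)


def delete_document(principal: Principal, owner_id: str) -> bool:
    """Domain rule: the owner or anyone holding doc:delete may delete.
    Takes a Principal, so tests can impersonate a role with no authenticator."""
    return principal.user_id == owner_id or is_allowed(principal, "doc:delete")
```

Swapping `TokenAuthenticator` for another protocol changes nothing below `resolve_principal`, which is the property the first answer argues for.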
