在领域驱动设计的上下文中,我在哪里可以找到关于身份验证和授权的信息?

时间:2021-07-20 15:10:34

I'm trying to do things the DDD (domain driven design) way. And boy do I struggle. In all books I read, Authentication is of no concern and not mentioned!

我正在尝试用DDD(领域驱动设计)的方式做事情。我挣扎着。在我读过的所有书中,认证是无关紧要的,也没有被提及!

I've written my own Authentication and Membership Service which are responsible for registering and logging in users, creating salted passwords etc. I do not use .NET's Membership Provider but do rely on Forms Authentication.

我已经编写了自己的身份验证和成员资格服务,它们负责注册和登录用户,创建安全的密码等等。

I've implemented a User model that holds the Username, E-Mail, PasswordHash, ApprovalStatus etc.

我实现了一个用户模型,其中包含用户名、电子邮件、PasswordHash、ApprovalStatus等等。

Now I guess the rest of the domain model shouldn't concern itself with the Users. I have a class Person that is used to model Persons and their associated data. As such it can be used to model personal data from users and from non-users. An object of type Company works with Persons, not Users. And an Activity is assigned to a Person, not a User.

现在,我认为域模型的其余部分不应该与用户相关。我有一个类Person用于建模人员及其相关数据。因此,它可以用来模拟用户和非用户的个人数据。类型公司的对象与人员而不是用户一起工作。一个活动被分配给一个人,而不是一个用户。

The question, how do I relate the Person model to the User model? I don't really want a reference to each other in either of the two models. Should I create some Relationship model called PersonUser and create an additional service that retrieves the person object for the currently authenticated user?

问题是,我如何将Person模型与用户模型联系起来?我不想在这两个模型中互相引用。我是否应该创建一个名为PersonUser的关系模型,并创建一个额外的服务来为当前认证的用户检索person对象?

1 个解决方案

#1


2  

Judging from what you've presented, you've got a couple of known facts:

从你的陈述来看,你有几个已知的事实:

  1. Every User is a Person
  2. 每个用户都是一个人。
  3. Not every Person is a User
  4. 并不是每个人都是用户

That being the case, I would expand the person model to include a nullable UserId field so that you can relate the User to the Person for those Persons that are also users.

在这种情况下,我将扩展person模型以包含一个nullable UserId字段,以便您可以将用户与那些也是用户的人关联起来。

Now I'm also going to assume that you have several "Fetch" methods in the person model.. to retrieve a person by ID, Name, Department, etc...

现在我还假设在person模型中有几个“Fetch”方法。通过ID、姓名、部门等检索一个人。

I would overload (or create a different) fetch method to also retrieve the person object from a User as well (this can be either an id, or the foll user object).

我将重载(或创建一个不同的)fetch方法,以便也从用户那里检索person对象(可以是id,也可以是foll User对象)。

public IPerson Fetch(IUser user) {}

Of course, since you have the known fact that every user is also a person, I personally see no harm nor foul in expanding the user object to include a person property...

当然,既然你知道每个用户都是一个人,我个人认为扩展用户对象以包含一个person属性不会有任何伤害或不公平……

public interface IUser 
{
   ...
   IPerson Person { get; set; }
}

Then, you can return the user object as always.. and perhaps do some funky lazy loading of the person field in the user... or populate both when you fetch the user object.

然后,您可以像往常一样返回user对象。而且可能会在用户中做一些奇怪的延迟加载。或者在获取用户对象时填充这两个对象。

I'm not sure if creating a "mapping" table of User <-> Person is going to garner you much of anything beyond what I've outlined above (although you will get kudo's from the hardcore DBA's for denormalizing your data).. to me it's just an extra table to join to to get the same effect.

我不确定是否创建一个用户<->人的“映射”表会让您获得超出我上面所描述的任何东西(尽管您将从hardcore DBA的数据库中得到kudo的数据)。对我来说,它只是一个额外的表来加入以获得相同的效果。

#1


2  

Judging from what you've presented, you've got a couple of known facts:

从你的陈述来看,你有几个已知的事实:

  1. Every User is a Person
  2. 每个用户都是一个人。
  3. Not every Person is a User
  4. 并不是每个人都是用户

That being the case, I would expand the person model to include a nullable UserId field so that you can relate the User to the Person for those Persons that are also users.

在这种情况下,我将扩展person模型以包含一个nullable UserId字段,以便您可以将用户与那些也是用户的人关联起来。

Now I'm also going to assume that you have several "Fetch" methods in the person model.. to retrieve a person by ID, Name, Department, etc...

现在我还假设在person模型中有几个“Fetch”方法。通过ID、姓名、部门等检索一个人。

I would overload (or create a different) fetch method to also retrieve the person object from a User as well (this can be either an id, or the foll user object).

我将重载(或创建一个不同的)fetch方法,以便也从用户那里检索person对象(可以是id,也可以是foll User对象)。

public IPerson Fetch(IUser user) {}

Of course, since you have the known fact that every user is also a person, I personally see no harm nor foul in expanding the user object to include a person property...

当然,既然你知道每个用户都是一个人,我个人认为扩展用户对象以包含一个person属性不会有任何伤害或不公平……

public interface IUser 
{
   ...
   IPerson Person { get; set; }
}

Then, you can return the user object as always.. and perhaps do some funky lazy loading of the person field in the user... or populate both when you fetch the user object.

然后,您可以像往常一样返回user对象。而且可能会在用户中做一些奇怪的延迟加载。或者在获取用户对象时填充这两个对象。

I'm not sure if creating a "mapping" table of User <-> Person is going to garner you much of anything beyond what I've outlined above (although you will get kudo's from the hardcore DBA's for denormalizing your data).. to me it's just an extra table to join to to get the same effect.

我不确定是否创建一个用户<->人的“映射”表会让您获得超出我上面所描述的任何东西(尽管您将从hardcore DBA的数据库中得到kudo的数据)。对我来说,它只是一个额外的表来加入以获得相同的效果。