红花还得绿叶陪衬。vue前端开发离不开数据,这数据正来源于请求web api。为什么采用.net core web api呢?因为考虑到跨平台部署的问题。即使眼下部署到window平台,那以后也可以部署到Linux下。
.net core web api与mvc的web api类似。我把遇到的问题归纳下:
1、部署问题
都说.net core web api,后面我简称api。它有两种部署方式,一个是在iis上部署,另外一个是自托管,类似控制台,通过dotnet run 命令启动的。
1.1 自托管部署
dotnet myapp.dll
网上说,通过hosting.json
{ "server.urls": "http://localhost:60000;http://localhost:60001" }
这种方式有个问题,在配置了urls,并没有走配置。
public static void Main(string[] args) { var config = new ConfigurationBuilder() .SetBasePath(Directory.GetCurrentDirectory()) .AddJsonFile("hosting.json", optional: true) .Build(); var host = new WebHostBuilder() .UseKestrel() .UseConfiguration(config) .UseContentRoot(Directory.GetCurrentDirectory()) .UseIISIntegration() .UseStartup<Startup>() .Build(); host.Run(); }
不过人家是说在Linux环境下的部署,我在window下测试是不行的,不知道是哪的问题,后面可以再研究。
1.2、iis上部署
必须首先安装AspNetCoreModule,搜索这个模块,它的描述如下:
The ASP.NET Core Module allows ASP.NET Core apps to run in an IIS worker process (in-process) or behind IIS in a reverse proxy configuration (out-of-process). IIS provides advanced web app security and manageability features.
这句话大意:api有两种运行模式,一种是运行在iis工作进程中(In-process hosting model),另外一种是通过反向代理配置,运行在外(Out-of-process hosting model)。具体,可参考官方文档。
这是文档中 In-process hosting model图,我们可以看出,http请求首先到达kernel-mode HTTP.sys driver,http监听器,监听器把请求给iis,首先是Asp.NET Core Module接受,然后传递给IISHttpServer,它把请求转换为托管代码,进入.net core middelware pipline,最后才是我们的api代码。换句话说,Asp.NET Core Module类似中间件的作用,它先处理的一部分事情。这是我们项目中采取的部署方案,另外一种模式可能比较复杂,大家阅读官方文档。
2、全局异常处理
我们知道mvc中,有两种异常处理:
使用Global.asax的Application_Error事件进行全局异常处理以及使用HandleErrorAttribute特性捕获全局异常
.net core api中可以编写异常处理的中间件,如下:
using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Http; using Microsoft.Extensions.Logging; using Newtonsoft.Json; using System; using System.Collections.Generic; using System.IO; using System.Linq; using System.Net; using System.Threading.Tasks; using System.Xml.Serialization; namespace ElectronInfoApi.Business { public class GlobalExceptionMiddleware { private readonly RequestDelegate next; public GlobalExceptionMiddleware(RequestDelegate next) { this.next = next; } public async Task Invoke(HttpContext context) { try { await next(context); } catch (Exception ex) { await HandleExceptionAsync(context, ex); } } private async Task HandleExceptionAsync(HttpContext context, Exception exception) { if (exception == null)return; await WriteExceptionAsync(context, exception).ConfigureAwait(false); } private async Task WriteExceptionAsync(HttpContext context, Exception exception) { //记录日志 this.Log().Error($"系统发生了异常:{exception.Message}, {exception.StackTrace}"); //返回友好的提示 var response = context.Response; //状态码 if (exception is UnauthorizedAccessException) response.StatusCode = (int)HttpStatusCode.Unauthorized; else if (exception is Exception) response.StatusCode = (int)HttpStatusCode.BadRequest; response.ContentType = context.Request.Headers["Accept"]; response.ContentType = "application/json"; await response.WriteAsync(JsonConvert.SerializeObject(new {state=400,message="出现未知异常"})).ConfigureAwait(false); } } public static class VisitLogMiddlewareExtensions { public static IApplicationBuilder UseGlobalException(this IApplicationBuilder builder) { return builder.UseMiddleware<GlobalExceptionMiddleware>(); } } }
在startup>Configure中添加
app.UseGlobalException();
官网有文档,是这么定义中间件的:
Middleware is software that\'s assembled into an app pipeline to handle requests and responses
3、安全验证
接口验证,是为了安全性考虑,采用Jwt(Json web token)。
第一步,添加包引用:
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="2.1.2" />
第二步,配置:
"Issuer": "ElectronInfo", "Audience": "ElectronInfo", "SecretKey": "ElectronInfo is a web of shanxi dianzi qingbao weiyuanhui"
第三步,在Startup>ConfigureServices中添加授权服务:
var jwtSettings = new JwtSettings(){ Issuer=AppSetting.GetConfig("Issuer"), Audience=AppSetting.GetConfig("Audience"), SecretKey=AppSetting.GetConfig("SecretKey"), }; services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(o => { o.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters { ValidIssuer = jwtSettings.Issuer, ValidAudience = jwtSettings.Audience, IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSettings.SecretKey)), ValidateIssuerSigningKey = true, ValidateIssuer = true, ValidateLifetime = true, ClockSkew = TimeSpan.Zero }; });
第四步:在Startup>Configure中添加
app.UseAuthentication();
第五步:给整个Controller或者需要接口验证的action中添加
[Authorize]
附:AppSetting类,读取appsettings.json,如下:
using System.IO; using Microsoft.Extensions.Configuration; namespace ElectronInfoApi.Business { public class AppSetting { private static readonly object objLock = new object(); private static AppSetting instance = null; private IConfigurationRoot Config {get; } private AppSetting() { var builder = new ConfigurationBuilder() .SetBasePath(Directory.GetCurrentDirectory()) .AddJsonFile("appsettings.json", optional:false, reloadOnChange:true); Config = builder.Build(); } public static AppSetting GetInstance() { if (instance == null) { lock (objLock) { if (instance == null) { instance = new AppSetting(); } } } return instance; } public static string GetConfig(string name) { return GetInstance().Config.GetSection(name).Value; } }}
4、日志log4
.net core中本来就支持console输出日志。不过今天我要说的是log4,在传统的.net中普遍使用。
第一步,添加包引用:
<PackageReference Include="log4net" Version="2.0.8" />
第二步,添加配置文件log4net.config:
<?xml version="1.0" encoding="utf-8" ?> <configuration> <!-- This section contains the log4net configuration settings --> <log4net> <appender name="ConsoleAppender" type="log4net.Appender.ConsoleAppender"> <layout type="log4net.Layout.PatternLayout" value="%date [%thread] %-5level %logger - %message%newline" /> </appender> <!--<appender name="FileAppender" type="log4net.Appender.FileAppender"> <file value="log-file.log" /> <appendToFile value="true" /> <layout type="log4net.Layout.PatternLayout"> <conversionPattern value="%date [%thread] %-5level %logger [%property{NDC}] - %message%newline" /> </layout> </appender> --> <appender name="RollingLogFileAppender" type="log4net.Appender.RollingFileAppender"> <file value="logfile/" /> <appendToFile value="true" /> <rollingStyle value="Composite" /> <staticLogFileName value="false" /> <datePattern value="yyyyMMdd\'.log\'" /> <maxSizeRollBackups value="10" /> <maximumFileSize value="1MB" /> <layout type="log4net.Layout.PatternLayout"> <conversionPattern value="%date [%thread] %-5level %logger [%property{NDC}] - %message%newline" /> </layout> </appender> <!-- Setup the root category, add the appenders and set the default level --> <root> <level value="ALL" /> <appender-ref ref="ConsoleAppender" /> <!--<appender-ref ref="FileAppender" />--> <appender-ref ref="RollingLogFileAppender" /> </root> </log4net> </configuration>
第三步,包装以及扩展log4,为了更方便使用:
首先定义一个接口IMLog:
using System; namespace ElectronInfoApi.Business { public interface IMLog { // Methods void Debug(string message); void Error(string message, Exception exception); void Error(string message); void Fatal(string message); void Info(string message); void Warn(string message); } public interface IMLog < T > { }
再定义包装器Log4NetWapper:
using System; using log4net; using log4net.Core; namespace ElectronInfoApi.Business { public class Log4NetWapper:IMLog, IMLog < Log4NetWapper > { private ILog _logger; public Log4NetWapper(string loggerName) { this._logger = LogManager.GetLogger(Startup.repository.Name, loggerName); } public void Debug(string message) { _logger.Debug(message); } public void Error(string message, Exception exception) { _logger.Error(message, exception); } public void Error(string message) { _logger.Error(message); } public void Fatal(string message) { _logger.Fatal(message); } public void Info(string message) { _logger.Info(message); } public void Warn(string message) { _logger.Warn(message); } } }
最后定义扩展方法 LogExtensions:
using System.Collections.Concurrent; namespace ElectronInfoApi.Business { public static class LogExtensions { // Fields private static readonly ConcurrentDictionary < string, IMLog > _dictionary = new ConcurrentDictionary < string, IMLog > (); // Methods public static IMLog Log(this string objectName) { if ( ! _dictionary.ContainsKey(objectName)) { IMLog log = new Log4NetWapper(objectName); _dictionary.TryAdd(objectName, log); } return _dictionary[objectName]; } public static IMLog Log < T > (this T type) { return typeof(T).FullName.Log(); } }}
第四步,在Startup中使用:
public static ILoggerRepository repository {get; set; } public Startup(IConfiguration configuration) { repository = LogManager.CreateRepository("NETCoreRepository"); XmlConfigurator.Configure(repository, new FileInfo("log4net.config")); Configuration = configuration; } public IConfiguration Configuration {get; }
5、.对net core中startup理解,见官方文档
好了,关于.net core api也是第一次正式使用,就总结到这里。