This post adds a user login and access control module on top of the original ApiTemplate project, to verify how well the ApiTemplate project abstracts a few simple requirements and how it supports future extension. A user login and access control module looks very simple, but spare time is always limited, so I am using this opportunity to practice agile development once. The module is split up first; this iteration implements only user login and logout.
ApiTemplate project address: https://github.com/cqhaibin/ApiTemplate
First, a summary up front
Minimize the task
- This task is limited to "username + password" login and does not include data persistence, so while working on it, keep checking yourself so as not to go out of scope, and so on.
- The interfaces for querying user registration information and for storing online users are only defined and given simulated implementations, with no concrete storage implementation.
- Since the business logic is stable while the storage is variable, database entity objects are kept separate from business entity objects.
Give the task a deadline
This time I only listed a deadline for the task as a whole and no time limit for each sub-stage. For example, a requirement must go through requirements analysis, module design, and code implementation phases. Each of these sub-stages also needs a specific deadline.
Advance layer by layer, from the outside in
- Define the UI / service layer interfaces
  Because the UI interface can be provided in a variety of ways (e.g. REST API, RPC), the service layer interface is the standard, and the UI interface layer only does a simple conversion and call. The Models for the input/output parameters of the UI / service layer interfaces are defined here (the two layers share the Models).
- Implement the service layer interface
  When implementing the service layer interface, you will find that it depends on the online user management module and on the database layer (to query registered user information). Here I only define the interface for querying user registration information and give it a temporary implementation for now. Then move on to the third step.
- Define the online user module interfaces
  This step covers the online user management interface and the online user entity interface. Once they are well defined, do not implement them yet. First complete the service layer implementation that depends on calls into this module; here you may repeatedly adjust the input/output parameter Models of the online user module in order to integrate it with the service layer.
- Implement the online user module interfaces
  This step implements the online user management interface and the online user entity interface. At this point we find that the online user module also depends on a user storage interface (defined only, not implemented).
Second, user requirements
Implement the login and logout interfaces based on the user name.
Third, requirements analysis
- Username: Supports English, numbers, characters, and special characters; user names are not case sensitive
- Password: Supports English, numbers, special characters, case sensitive
- Prompts: the messages for "user does not exist" and "wrong password" are distinguished
- This stage does not consider data persistence, because the goal is to quickly verify the feasibility of the prototype
Fourth, system design
Interface Design
The interfaces uniformly use a REST API and implement two interfaces: login and logout.
- Login Interface
  - Interface name: PostLogin
  - Request type: post
  - Input parameters
      {
        userName <String>, // username
        password <String>  // password
      }
  - Return parameters
      {
        IsSuccess <bool>,    // whether the request succeeded
        resultCode <Number>, // request status code. 200006: account does not exist; 200001: account is disabled; 200002: password error
        Data <Object>: {
          token <String>,    // token returned after a successful login
          user <Object>: {   // user object
            realname <String>,    // user name
            userName <String>,    // login name
            id <int>,             // user Id
            config <String>,      // user extension information, JSON string
            mobilephone <String>, // phone number
          }
        }
      }
- Logout Interface
  - Interface name: LoginOut
  - Request type: get
  - Input parameters
    The token is read from the URL, the header, or the cookie, in that order.
  - Return parameters
      {
        IsSuccess <bool>,   // whether the request succeeded
        resultCode <Number> // request status code
      }
Detailed design
Login interface detailed design
- Process
- Online User Management
  - Online user management interface class
      using System.Collections.Generic;

      interface IOnlineUserMgr
      {
          /// <summary>
          /// Add a user to the online user list; this method must persist the login information
          /// </summary>
          /// <param name="entity"></param>
          void Add(IUserEntity entity);

          /// <summary>
          /// Remove the corresponding user by token; this method must persist the logout information
          /// </summary>
          /// <param name="token"></param>
          /// <returns></returns>
          bool Remove(string token);

          /// <summary>
          /// Remove a user by user Id; this method must persist the logout information
          /// </summary>
          /// <param name="id"></param>
          /// <returns></returns>
          bool Remove(int id);

          /// <summary>
          /// Restore the online users from the persistence layer
          /// </summary>
          void Load();

          /// <summary>
          /// Get all online users
          /// </summary>
          IList<IUserEntity> GetAll();

          IUserEntity Get(int userId);
      }
  - User entity interface class
      using System;

      interface IUserEntity
      {
          UserInfo UserInfo { get; }
          string Token { get; }

          /// <summary>
          /// Client information
          /// </summary>
          RequestClientInfo ClientInfo { get; }

          DateTime LoginTime { get; }
          DateTime ExpiredTime { get; }

          /// <summary>
          /// User login configuration
          /// </summary>
          UserAuthOption Option { get; }

          TokenEntity GetTokenEntity();
      }
- Explanation
  - Token generation rule
    User key = token_UserId_UserName_IP_OS_Time; the user token is then the MD5 value calculated from this key.
  - UAParser
    Converts the UserAgent string into an object.
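The token rule above as an added C# example (not code from the ApiTemplate project), shown beside a token drawn from the system random number generator. Every field in the page's key is a value the client or an observer can know or guess and no server-side secret is involved, so the MD5 result can be recomputed from those fields. The time format, the class and method names, and the sample values are assumptions.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

public static class TokenDemo
{
    // The page's rule: MD5 over "token_UserId_UserName_IP_OS_Time".
    // The time format is an assumption; the page does not specify one.
    public static string Md5Token(int userId, string userName, string ip, string os, DateTime time)
    {
        string key = $"token_{userId}_{userName}_{ip}_{os}_{time:yyyyMMddHHmmss}";
        using (var md5 = MD5.Create())
        {
            byte[] hash = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
            return BitConverter.ToString(hash).Replace("-", "").ToLowerInvariant();
        }
    }

    // Alternative (not the page's rule): 32 bytes from the OS random generator.
    // User, IP and OS are then stored server-side next to the token,
    // for example in the online user list, instead of being encoded in it.
    public static string RandomToken()
    {
        var bytes = new byte[32];
        using (var rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(bytes);
        }
        return BitConverter.ToString(bytes).Replace("-", "").ToLowerInvariant();
    }

    public static void Main()
    {
        // Constructed sample values.
        var loginTime = new DateTime(2019, 1, 1, 8, 0, 0);
        string a = Md5Token(1, "admin", "192.0.2.10", "Windows 10", loginTime);
        string b = Md5Token(1, "admin", "192.0.2.10", "Windows 10", loginTime);

        // The MD5 rule is a pure function of its fields.
        Console.WriteLine("MD5 rule, same fields give same token: " + (a == b));
        // Two random tokens are independent of the user data and of each other.
        Console.WriteLine("Two random tokens are equal: " + (RandomToken() == RandomToken()));
    }
}
```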
Logout interface detailed design
- Process
Fifth, data dictionary
- Online User Information
- user