我们如何在安全的ApiController操作中获取当前用户,而不将userName或userId作为参数传递?
我们假设这是可用的,因为我们处于安全行动中.处于安全行动意味着用户已经过身份验证,并且请求具有她的承载令牌.鉴于WebApi已授权用户,可能存在一种内置方式来访问userId,而不必将其作为操作参数传递.
我正在运行一个ASP.NET mvc5应用程序,目前有500万用户.它托管在Azure云中.对于身份验证,我使用Asp.Net Identity for EntityFramework.
但是,我得到的用户越多,寄存器功能就越慢.我尝试缩放数据库,但结果仍然相同.新用户注册大约需要6-7秒.
我也试着搜索如何提高身份系统的性能,但我找不到任何相关的东西.
我真的很想知道是否有人知道如何才能提高它的性能.
更新:我在搜索的字段上有索引,而且,我在Azure中选择的数据库订阅是具有200个DTU的P3 SQL数据库.
我描述了数据库,我发现了一个可疑的选择查询.我删除了一些预测并用"...."替换它们,所以它不会太长,你可以看到什么是查询.
SELECT
[UnionAll2].[Gender] AS [C1],
....
[UnionAll2].[UserName] AS [C27],
[UnionAll2].[C1] AS [C28],
[UnionAll2].[UserId] AS [C29],
[UnionAll2].[RoleId] AS [C30],
[UnionAll2].[UserId1] AS [C31],
[UnionAll2].[C2] AS [C32],
[UnionAll2].[C3] AS [C33],
[UnionAll2].[C4] AS [C34],
[UnionAll2].[C5] AS [C35],
[UnionAll2].[C6] AS [C36],
[UnionAll2].[C7] AS [C37],
[UnionAll2].[C8] AS [C38],
[UnionAll2].[C9] AS [C39]
FROM (SELECT
CASE WHEN ([Extent2].[UserId] IS NULL) THEN CAST(NULL AS int) ELSE 1 END AS [C1],
[Limit1].[Gender] AS [Gender],
....
[Limit1].[UserName] AS [UserName],
[Extent2].[UserId] AS … 在常规控制器中,以下代码有效:
[HttpPost]
public ActionResult Custom()
{
string name = User.Identity.GetUserName();
string id = User.Identity.GetUserId();
return Content(string.Format("Name:{0} </br> ID: {1}",name, id));
}
在Web Api 2 Controller中,name和id字符串为空:
[HttpPost]
public IHttpActionResult Test()
{
string name = User.Identity.GetUserName();
string id = User.Identity.GetUserId();
return Ok();
}
任何人都可以告诉我为什么GetUserId()在普通控制器中工作但不在Api中工作?在这两种情况下我都登录,并被GlobalConfiguration.Configure(WebApiConfig.Register);添加Application_Start()进去Global.asax.cs.
我有另一个问题.如果我用[Authorize]属性装饰我的api控制器,我甚至无法访问我的api.当我已登录时,邮递员会将我引导至登录页面.
[[Authorize]]
public class TestController : ApiController
{
....