创建Web Service
时我正在使用Entity Framework
。我有一个Entity
类扩展DBContext
。
在此类中,我每次创建context
时都写了逻辑来处理密码解密:
namespace ePdfExtractor.Entity
public partial class MyDBEntities : DbContext
{
public MyDBEntities()
: base()
{
}
protected override void OnModelCreating(DbModelBuilder modelBuilder)
{
throw new UnintentionalCodeFirstException();
}
public virtual DbSet<MyTable1> MyTable1 { get; set; }
public virtual DbSet<UserSvc> UserSvcs { get; set; }
}
这是我的实体另一个部分:
namespace ePdfExtractor.Entity
public partial class MyDBEntities
{
public MyDBEntities():
base(GetDecrptString())
{
}
public static string DecrypConnectionString(string connectionString)
{
return EncDec.EVODecrypt(connectionString);
}
public static string EncodeConnectionString(string connectionString)
{
return EncDec.EVOEncrypt(connectionString);
}
private static string GetDecrptString()
{
string connString = ConfigurationManager.ConnectionStrings["MyEntitiesConnection"].ConnectionString;
return EncDec.EVODecrypt(connString);
}
}
每次需要查询表时,我都会创建MyDBEntities
的新实例:
public partial class UserSvc
{
public static UserSvc Authenticate(string userName, string password)
{
using (var ctx = new MyDBEntities())
{
UserSvc userObj = ctx.UserSvcs.FirstOrDefault(u => u.UserName == userName && u.Password == password && u.Active);
return userObj;
}
}
}
在创建新的UserSvc
表之后,从数据库更新模型时,此类将重新生成,而我的解密逻辑以及构造函数的定义将被删除。
我该如何坚持下去,因此,每次我再生模型时,此类都只会使用新内容进行更新。那可以做到吗?
您需要部分类别的签名:
namespace ePdfExtractor.Entity
public partial class MyDBEntities
{
public MyDBEntities(string connectString):
base(GetDecrptString(connectString))
{
}
public static string EVOConnectionString(string connectionString)
{
return ConfigurationManager.ConnectionStrings["MyEntitiesConnection"].ConnectionString;
}
public static string DecrypConnectionString(string connectionString)
{
return EncDec.EVODecrypt(connectionString);
}
public static string EncodeConnectionString(string connectionString)
{
return EncDec.EVOEncrypt(connectionString);
}
private static string GetDecrptString(string connString)
{
return EncDec.EVODecrypt(connString);
}
}
然后用新的签名致电:
using (var ctx = new MyDBEntities(MyDBEntities.EVOConnectionString))
{
UserSvc userObj = ctx.UserSvcs.FirstOrDefault(u => u.UserName == userName && u.Password == password && u.Active);
return userObj;
}
您也可以进行黑客攻击:
namespace ePdfExtractor.Entity
public partial class MyDBEntities
{
public MyDBEntities(string dummy):
base(GetDecrptString())
{
}
public static string DecrypConnectionString(string connectionString)
{
return EncDec.EVODecrypt(connectionString);
}
public static string EncodeConnectionString(string connectionString)
{
return EncDec.EVOEncrypt(connectionString);
}
private static string GetDecrptString()
{
string connString = ConfigurationManager.ConnectionStrings["MyEntitiesConnection"].ConnectionString;
return EncDec.EVODecrypt(connString);
}
}
然后用新的签名致电:
using (var ctx = new MyDBEntities("Dummy"))
{
UserSvc userObj = ctx.UserSvcs.FirstOrDefault(u => u.UserName == userName && u.Password == password && u.Active);
return userObj;
}