从Web API

时间:2016-07-10 10:57:12

标签: c# rest asp.net-web-api error-handling

我在C#中编写web api,试图遵循REST概念,即成功响应将是HttpStatus:200,验证错误将是433,依此类推。

我在global.asax中为整个应用程序注册了ExceptionFilter。

我的问题是,对于验证错误,例如验证期间,如果验证失败,那么应该如何将消息传回客户端(它必须是不同的状态代码,如433或401)。

截至目前,我正在从业务层抛出自定义异常。是否建议在出现错误时抛出异常?

以下是代码示例:

记录器

public class ExceptionFilter : ExceptionFilterAttribute
{
    public override void OnException(HttpActionExecutedContext context)
    {
        HttpResponseMessage response;
        if (context.Exception is ExceptionBase)
        {
            response = context.Request.CreateResponse(HttpStatusCode.InternalServerError,
                new ErrorDTO() { ErrorCode = (int)((ExceptionBase)context.Exception).ExceptionCode, Messages = ((ExceptionBase)context.Exception).Message });
        }
        else {
            response = context.Request.CreateResponse(HttpStatusCode.InternalServerError,
                new ErrorDTO() { ErrorCode = (int)HttpStatusCode.InternalServerError, Messages = "Error occured at server." });
        }
        context.Response = response;
        base.OnException(context);
        LogException(context);
    }

    private static void LogException(HttpActionExecutedContext context)
    {
        if (context.Exception != null)
        {
            Logger.Instance.LogError(context.ActionContext.ActionDescriptor.ActionName, context.Exception);
        }
    }

    public override Task OnExceptionAsync(HttpActionExecutedContext context, CancellationToken cancellationToken)
    {
        return base.OnExceptionAsync(context, cancellationToken);
    }
}

业务层

public AuthorizationTokenDTO AuthenticateUser(UserDTO userDTO)
{
    User userEntity = _userRepository.GetUserWithAssociatedRole(userDTO.UserName);

    if (userEntity == null)
        throw new BLException("User does not exists.", ExceptionCode.RestApiValidation);

    ActiveDirectory activeDirectory = _activeDirectoryRepository.GetEntityById(ConfigurationSettings.GetConfigSetting<int>(ApplicationConstants.ActiveDirectoryId));

    if (activeDirectory == null)
        throw new BLException("UserName or password is incorrect.", ExceptionCode.RestApiValidation);

    using (var context = new PrincipalContext(ContextType.Domain))
    {
        string password = EncryptionUtility.Decrypt(userDTO.Password, ConfigurationSettings.GetConfigSetting<string>(ApplicationConstants.PrivateKeyForRSAEncryption));

        if (!context.ValidateCredentials(userDTO.UserName, password))
            throw new BLException("UserName or password is incorrect.", ExceptionCode.RestApiValidation);

        UserAccessTokenDTO accessToken = GenrateNewUserAccessToken(userEntity);

        if (accessToken == null)
            throw new BLException("Error occured while generating access token.", ExceptionCode.RestApiValidation);

        return GetAuthorizationTokenDTO(userEntity, accessToken);
    }
}

是否建议针对此类案件抛出异常?或者有更好的方法来编写Web API吗?

1 个答案:

答案 0 :(得分:0)

ExceptionFilter应该只捕获&#34;未处理的&#34;例外,可以这么说。您可以在BusinessLayer中保留这些异常并在控制器中捕获它们,或者返回某种对象。然后只需从控制器中使用适当的HttpStatusCode返回这些响应。

或者,您可以将响应包装成也知道HttpStatusCode(&amp; error message)的内容。

相关问题
最新问题