Filter 是延續 ASP.NET MVC 的產物,同樣保留了五種的 Filter,分別是 Authorization Filter、Resource Filter、Action Filter、Exception Filter 及 Result Filter。
透過不同的 Filter 可以有效處理封包進出的加工,本篇將介紹 ASP.NET Core 的五種 Filter 運作方式。
同步發佈至個人部落格:
John Wu's Blog - [鐵人賽 Day14] ASP.NET Core 2 系列 - Filters
Filter 的作用是在 Action 執行前或執行後做一些加工處理。
某種程度來看,會跟 Middleware 很像,但執行的順序略有不同,用對 Filter 不僅可以減少程式碼,還可以減省執行效率。
ASP.NET Core 有以下五種 Filter 可以使用:
ASP.NET Core 的每個 Request 都會先經過已註冊的 Middleware 接著才會執行 Filter,除了會依照上述的順序外,同類型的 Filter 預設都會以先進後出的方式處裡封包。
Response 在某些 Filter 並不會做處理,會值接 Bypass。Request 及 Response 的運作流程如下圖:
ASP.NET Core 的 Filter 基本上跟 ASP.NET MVC 的差不多。
上述的五種 Filter 範例分別如下:
AuthorizationFilter.cs
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc.Filters;
namespace MyWebsite.Filters
{
public class AuthorizationFilter : IAuthorizationFilter
{
public void OnAuthorization(AuthorizationFilterContext context)
{
context.HttpContext.Response.WriteAsync($"{GetType().Name} in. \r\n");
}
}
}
非同步的方式:
// ...
public class AuthorizationFilter : IAsyncAuthorizationFilter
{
public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
{
await context.HttpContext.Response.WriteAsync($"{GetType().Name} in. \r\n");
}
}
案例:
例如
ResourceFilter.cs
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc.Filters;
namespace MyWebsite.Filters
{
public class ResourceFilter : IResourceFilter
{
public void OnResourceExecuting(ResourceExecutingContext context)
{
context.HttpContext.Response.WriteAsync($"{GetType().Name} in. \r\n");
}
public void OnResourceExecuted(ResourceExecutedContext context)
{
context.HttpContext.Response.WriteAsync($"{GetType().Name} out. \r\n");
}
}
}
非同步的方式:
// ...
public class ResourceFilter : IAsyncResourceFilter
{
public async Task OnResourceExecutionAsync(ResourceExecutingContext context, ResourceExecutionDelegate next)
{
await context.HttpContext.Response.WriteAsync($"{GetType().Name} in. \r\n");
await next();
await context.HttpContext.Response.WriteAsync($"{GetType().Name} out. \r\n");
}
}
ActionFilter.cs
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc.Filters;
namespace MyWebsite.Filters
{
public class ActionFilter : IActionFilter
{
public void OnActionExecuting(ActionExecutingContext context)
{
context.HttpContext.Response.WriteAsync($"{GetType().Name} in. \r\n");
}
public void OnActionExecuted(ActionExecutedContext context)
{
context.HttpContext.Response.WriteAsync($"{GetType().Name} out. \r\n");
}
}
}
非同步的方式:
// ...
public class ActionFilter : IAsyncActionFilter
{
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
await context.HttpContext.Response.WriteAsync($"{GetType().Name} in. \r\n");
await next();
await context.HttpContext.Response.WriteAsync($"{GetType().Name} out. \r\n");
}
}
ResultFilter.cs
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc.Filters;
namespace MyWebsite.Filters
{
public class ResultFilter : IResultFilter
{
public void OnResultExecuting(ResultExecutingContext context)
{
context.HttpContext.Response.WriteAsync($"{GetType().Name} in. \r\n");
}
public void OnResultExecuted(ResultExecutedContext context)
{
context.HttpContext.Response.WriteAsync($"{GetType().Name} out. \r\n");
}
}
}
非同步的方式:
// ...
public class ResultFilter : IAsyncResultFilter
{
public async Task OnResultExecutionAsync(ResultExecutingContext context, ResultExecutionDelegate next)
{
await context.HttpContext.Response.WriteAsync($"{GetType().Name} in. \r\n");
await next();
await context.HttpContext.Response.WriteAsync($"{GetType().Name} out. \r\n");
}
}
ExceptionFilter.cs
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc.Filters;
namespace MyWebsite.Filters
{
public class ExceptionFilter : IExceptionFilter
{
public void OnException(ExceptionContext context)
{
context.HttpContext.Response.WriteAsync($"{GetType().Name} in. \r\n");
}
}
}
非同步的方式:
// ...
public class ExceptionFilter : IAsyncExceptionFilter
{
public Task OnExceptionAsync(ExceptionContext context)
{
context.HttpContext.Response.WriteAsync($"{GetType().Name} in. \r\n");
return Task.CompletedTask;
}
}
Filter 有兩種註冊方式,一種是全域註冊,另一種是用 [Attribute]
區域註冊的方式,只套用在特定的 Controller 或 Action。
在 Startup.ConfigureServices
的 MVC 服務中註冊 Filter,這樣就可以套用到所有的 Request。如下:
// ...
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc(config =>
{
config.Filters.Add(new ResultFilter());
config.Filters.Add(new ExceptionFilter());
config.Filters.Add(new ResourceFilter());
});
}
}
ASP.NET Core 在區域註冊 Filter 的方式跟 ASP.NET MVC 有一點不一樣,要透過 [TypeFilter(type)]
。
在 Controller 或 Action 上面加上 [TypeFilter(type)]
就可以區域註冊 Filter。如下:
// ...
namespace MyWebsite.Controllers
{
[TypeFilter(typeof(AuthorizationFilter))]
public class HomeController : Controller
{
[TypeFilter(typeof(ActionFilter))]
public void Index()
{
Response.WriteAsync("Hello World! \r\n");
}
[TypeFilter(typeof(ActionFilter))]
public void Error()
{
throw new System.Exception("Error");
}
}
}
[TypeFilter(type)]
用起來有點冗長,想要像過去 ASP.NET MVC 用 [Attribute]
註冊 Filter 的話,只要將 Filter 繼承 Attribute
即可。如下:
public class AuthorizationFilter : Attribute, IAuthorizationFilter
{
// ...
}
public class ActionFilter : Attribute, IActionFilter
{
// ...
}
[Attribute]
註冊就可以改成如下方式:
// ...
namespace MyWebsite.Controllers
{
[AuthorizationFilter]
public class HomeController : Controller
{
[ActionFilter]
public void Index()
{
Response.WriteAsync("Hello World! \r\n");
}
[ActionFilter]
public void Error()
{
throw new System.Exception("Error");
}
}
}
http://localhost:5000/Home/Index
輸出結果如下:
AuthorizationFilter in.
ResourceFilter in.
ActionFilter in.
Hello World!
ActionFilter out.
ResultFilter in.
ResultFilter out.
ResourceFilter out.
http://localhost:5000/Home/Error
輸出結果如下:
AuthorizationFilter in.
ResourceFilter in.
ActionFilter in.
ActionFilter out.
ExceptionFilter in.
ResourceFilter out.
預設註冊同類型的 Filter 是以先進後出的方式處裡封包,註冊層級也會影響執行順序。
但也可以透過實作 IOrderedFilter 更改執行順序。例如:
public class ActionFilter : Attribute, IActionFilter, IOrderedFilter
{
public string Name { get; set; }
public int Order { get; set; } = 0;
public void OnActionExecuting(ActionExecutingContext context)
{
context.HttpContext.Response.WriteAsync($"{GetType().Name}({Name}) in. \r\n");
}
public void OnActionExecuted(ActionExecutedContext context)
{
context.HttpContext.Response.WriteAsync($"{GetType().Name}({Name}) out. \r\n");
}
}
在註冊 Filter 時帶上 Order,數值越小優先權越高。
// ...
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc(config =>
{
config.Filters.Add(new ActionFilter() { Name = "Global", Order = 3 });
});
}
}
// ...
namespace MyWebsite.Controllers
{
[ActionFilter(Name = "Controller", Order = 2)]
public class HomeController : Controller
{
[ActionFilter(Name = "Action", Order = 1)]
public void Index()
{
Response.WriteAsync("Hello World! \r\n");
}
}
}
變更執行順序後的輸出內容:
ActionFilter(Action) in.
ActionFilter(Controller) in.
ActionFilter(Global) in.
Hello World!
ActionFilter(Global) out.
ActionFilter(Controller) out.
ActionFilter(Action) out.
通常用於驗證 Requert 合不合法 ←這邊字錯了應該是Request
打錯字
感謝告知,已修正