ASP.NET MVC 3 folder structures

2019-05-26 04:21发布

问题:

I am learning the MVC framework after a background in traditional ASP.NET webforms. I am developing a typical sample e-commerce website which has a public domain, then the ability to sign up to a service which will provide access to a secured members area. I have a couple of questions please:

  • In ASP.NET the private member pages were usually separated from the public domain pages by placing them in their own subfolder and marking this subfolder as requiring authentication in web.config like this:

    location path="MembersArea"
        system.web
            authorization
                deny users="?"
            authorization
        system.web
    location
    

Do people usually put their secured members area pages in one subfolder in MVC too? Or do you mix the public and private pages in the same folders relying and Membership and authentication tags?

  • My MVC website will have a secure members area. But the home page etc. will be just standard HTML. When creating a site do you usually mark ALL pages as MVC in case of maybe wanting to enhance with dynamic data in the future? Or do you keep the plain HTML files as plain HTML because of performance reasons or something like that?

thanks for any advice with this

回答1:

Forget about index.html's, files and whatnot. In MVC you work with Controllers and tell it what View to render.

In MVC you don't protect Views per se, but controller actions. Look into the Authorize attribute. You don't have to separate files for public or private.

You can even roll your own authorization attributes, so you would be able to do something like:

[Administrators]
public class HomeController : Controller
{
    public ActionResult Index()
    {
    }
}

You can protect at the Controller level, or at the individual action level.

This will all sound like chinese though unless you have a more formal introduction to MVC. I suggest the new MVC3 book by Phil Haack.



回答2:

No, all views should be in the same folder structures as public and private. You want to check out the Authorize attribute. You can keep the controllers/actions in the same area.

I would do the site entirely as MVC.



回答3:

Forget everything you know about ASP.NET WebForms. MVC has a completely different approach, it doesn't use folders and files as direct mapping to resources as the traditional ASP.NET WebForms do. There are no "pages" in MVC, each URL invokes an action on a controller, which can return any result (either as view, which is similar to a "page", or any other type of result such as file downloads, redirects, etc.). There is not 1:1 mapping between controller actions and views, one action can return any view or result.

The MVC way to do it is via controllers, you can use authorization attributes on controllers (for the full class) or on specific controller actions (methods). You can even implement your own authentication attribute easily.