I'm creating an api with asp net core 2.1 and I can not use identity , I know that it already has a whole library built for user manipulation and everything else, however, , in my project I can not use it. Contextualized, I would like to know if some of the implementations I have done are considered to be bad practices in the framework. I hope you understand the context of the situations below;)
I'll list the situations I'm facing and the ideas I had to solve them.
Multiple dynamic databases
First of all, the application I'm building takes into account the existence of several dynamic banks and another database for your data.
When the client makes a request to the server it searches its database for which bank that user belongs to after that the server performs the necessary operations on the target bank.
What's the problem? The addiction injection! As the context is dynamic, I have not found a way to inject dynamically and to complete the situation, this context will not always be used, for example in Login.
Many users and many banks!
The other situation is the users of the application, therefore, each user belonged to a different bank and at times in the controllers I must have access to this user to perform some actions with it, however, since I can not use identity, I can not get by HttpContext.
Solution
To solve I have created an extension of HttpContext that stores the user in a static variable within the extension. For example title, below is implementation:
namespace WebService.Extensions {
public static class HttpContextExtension
{
public static string CurrentUser;
public static void SetCurrentUser(this HttpContext httpContext, string user)
{
CurrentUSer = user;
}
public static string GetCurrentUser(this HttpContext httpContext, string user)
{
return CurrentUser;
}
}
}
Q.: This implementation is for test title only. The user would be injected into this variable through middleware.
I would like to know if I'm following a certain path and if this way I would face performance problems, any questions I will answer!
Thank you all!
EDIT1 All databases are SQL Server. I'm using the entity framework. The login is stored in dynamic banks and is done in a simple way comparing password and email.