Reputation: 1161
I am new to ASP.NET Web API. I have made a function that should validate the user: the front end sends data and then I search for the data in the database. But when the account is not found I always get an exception. How should I handle that exception to send information to the front end? Also, what should I return when the first if statement is not true, as null does not work?
    public UserData ByPassword(string emailAddress, string password)
    {
        if (emailAddress != null && password != null)
        {
            Account account = db.Accounts.Where(acc => acc.AccMail == emailAddress && acc.AccPassword == password.ToLower()).Single();
            string token = OurAuthorizationAttribute.CreateTicket(account.AccID, false);
            UserData data = new UserData();
            data.Id = account.AccID;
            data.Token = token;
            return data;
        }
        // no return value on this path (the case asked about above)
    }
Here I have also added a try and catch block, but still the same issue.
    public UserData ByPassword(string emailAddress, string password)
    {
        if (emailAddress != null && password != null)
        {
            try
            {
                Account account = db.Accounts.Where(acc => acc.AccMail == emailAddress && acc.AccPassword == password.ToLower()).Single();
                string token = OurAuthorizationAttribute.CreateTicket(account.AccID, false);
                UserData data = new UserData();
                data.Id = account.AccID;
                data.Token = token;
                return data;
            }
            catch
            {
                throw new OurException(OurExceptionType.InvalidCredentials);
            }
        }
        throw new OurException(OurExceptionType.InvalidCredentials);
    }
Upvotes: 2
Views: 10665
Reputation: 726509
System.InvalidOperationException indicates a programming error. You handle it by fixing your code.
In this particular case the error is on this line:

    Account account = db.Accounts.Where(acc => acc.AccMail == emailAddress && acc.AccPassword == password.ToLower()).Single();

Your code makes an assumption that Accounts must contain a record for any {emailAddress, password} pair, which is not true. Replacing Single with SingleOrDefault will make the exception go away. Of course you would need to null-check the result to see if the record was there or not.
Here is how you can change your code:
    public UserData ByPassword(string emailAddress, string password) {
        // null-check your arguments to detect programming errors in the "upstream" code
        if (emailAddress == null) throw new ArgumentNullException("emailAddress");
        if (password == null) throw new ArgumentNullException("password");
        // Now that your arguments are "sanitized", fix the Single() call
        Account account = db.Accounts.Where(acc => acc.AccMail == emailAddress && acc.AccPassword == password.ToLower()).SingleOrDefault();
        // Missing credentials is not a programming error - throw your specific exception here:
        if (account == null) {
            throw new OurException(OurExceptionType.InvalidCredentials);
        }
        string token = OurAuthorizationAttribute.CreateTicket(account.AccID, false);
        UserData data = new UserData();
        data.Id = account.AccID;
        data.Token = token;
        return data;
    }
NOTE: Although the above change would fix the coding error, it would not address a major design flaw of storing passwords in plain text. See this question for an in-depth discussion on storing passwords in databases.
Upvotes: 2
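The SingleOrDefault lookup from the answer combined with the password-storage point in its note, as an added example that is not part of the original posts. The Account record, InvalidCredentialsException, the in-memory account list and the PBKDF2 parameters are assumptions standing in for the page's db.Accounts and OurException, and the static Pbkdf2 and GetBytes calls assume .NET 6 or later.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;

// Hypothetical stand-ins for the page's Account entity and OurException.
public record Account(int AccID, string AccMail, byte[] Salt, byte[] Hash);
public class InvalidCredentialsException : Exception { }

public static class Login
{
    const int Iterations = 600_000, HashBytes = 32;      // assumed PBKDF2 parameters
    static readonly byte[] DummySalt = new byte[16];     // used when no account matches

    static byte[] Derive(string password, byte[] salt) =>
        Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA256, HashBytes);

    // Registration side: store a random salt and the derived hash, never the password.
    public static Account Register(int id, string mail, string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(16);
        return new Account(id, mail, salt, Derive(password, salt));
    }

    public static int ByPassword(IEnumerable<Account> accounts, string emailAddress, string password)
    {
        if (emailAddress == null) throw new ArgumentNullException(nameof(emailAddress));
        if (password == null) throw new ArgumentNullException(nameof(password));

        // Look up by e-mail only; SingleOrDefault returns null when no row matches.
        var account = accounts.SingleOrDefault(a => a.AccMail == emailAddress);

        // Always derive a hash, so an unknown e-mail costs the same work as a wrong
        // password, and compare in constant time. Both failures throw the same error.
        byte[] candidate = Derive(password, account?.Salt ?? DummySalt);
        bool ok = account != null && CryptographicOperations.FixedTimeEquals(candidate, account.Hash);
        if (!ok) throw new InvalidCredentialsException();
        return account.AccID;   // the page's code would create the ticket here
    }

    public static void Main()
    {
        var accounts = new List<Account> { Register(1, "alice@example.test", "correct horse") }; // constructed data
        Console.WriteLine(ByPassword(accounts, "alice@example.test", "correct horse"));
        foreach (var (mail, pw) in new[] { ("alice@example.test", "wrong"), ("nobody@example.test", "x") })
            try { ByPassword(accounts, mail, pw); }
            catch (InvalidCredentialsException) { Console.WriteLine($"{mail}: invalid credentials"); }
    }
}
```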