WCF Services
and Ajax Calls - Part 2
Introduction
This is part two of a three part series on implementing a WCF service in Sitefinity and calling it via jQuery. The first part looked at setting up the service. This post looks at the validation which we always do! The final post goes through calling the service from the client.
In the first post I walked through creating a Sitefinity WCF service by starting with Sitefinity Thunder. I implemented the service and the request and response models.
Next I need to validate the incoming request. We should always validate server side. Now some people are adamant one should have one validation which gets equally applied to client side and sever side. I see the advantages there, (DRY), but here is my quick take on it. If the hacker can see your exact validation logic he has a better chance of finding a hole. Second, all that client side logic and managing it to be seamless can be more hassle than it’s worth.
I look at the client side as non-security validation. It is UX stuff and its purpose is to enhance the UX. Thus it is designed to make filling in forms easier for the user whereas the server side is security related.
Anyway, (I think I have my next post subject lined up now), back to my implementation.
You can get frameworks like Microsoft Enterprise library that allows you to decorate your WCF DataContracts with validation logic. But I don’t want to use these because they intercept the call and return WCF fault contracts and I don’t want to deal with those in the client side Ajax responses. I always want my service request to return successfully.
I use Fluent Validation to then add validation over my request model. Below is my simple validation to validate that the name is present. I won't go into details of implementing Fluent Validation. You can check the Fluid Validation site for those details.
public class ContactFormRequestValidator : AbstractValidator<ContactFormRequest> { public ContactFormRequestValidator() { RuleFor(request => request.Name).NotNull().NotEmpty(); } }
In my Service Implementation I add a try catch block. (Because I always want a successful return).
I add two catches
public ContactFormResponse SubmitContactForm(ContactFormRequest form) { ContactFormResponse response = new ContactFormResponse(); ContactFormRequestValidator validator = new ContactFormRequestValidator(); try { validator.ValidateAndThrow(form); // Valid form so do my stuff here response.Response.Status = "success"; response.Response.Message = "Thank you for your comment. It will be reviewed soon and made visible."; } catch (ValidationException valEx) { response.Response.Status = "error"; response.Response.Message = "Sorry but an error has occurred saving your comment. Please try again or contact me directly."; } catch (Exception ex) { response.Response.Status = "error"; response.Response.Message = "Sorry but an error has occurred saving your comment. Please try again or contact me directly."; } return response; }
First the form is validated by my Validation logic. If that fails an exception is thrown and I return the validation message I want. I have the second catch to catch anything else just in case. At the end a valid response is always returned.
Of course you can add your logging and tracing to these returns as suits you. I keep it plain here for focus's sake.
And that is it for the server side. My Sitefinity Service is ready.
In the next and final post I will look at how I call this service from my client using JQuery.
Thanks for reading and feel free to comment - Darrin Robertson
If I was really helpful and you would buy me a coffee if you could, yay! You can.
Make a Comment