当前位置:首页 > 编程语言 > .Net Core Api 授权认证

.Net Core Api 授权认证

2021-02-16 20:19

阅读:787

标签:odi   auth   metrics   date   返回   text   res   style   mod   

一、所使用到的NuGet:

1. System.IdentityModel.Tokens.Jwt

2. Microsoft.AspNetCore.Authentication.JwtBearer

技术分享图片

技术分享图片

 

二、在Startup.cs 中配置添加如下服务

using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using System.Text;
using Microsoft.IdentityModel.Tokens;
using Microsoft.AspNetCore.Authentication.JwtBearer;

namespace WebApplication1
{
    public class Startup
    {
        

        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            
            services.AddMvc();
            //手动高亮
            services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                  .AddJwtBearer(options => {
                      options.TokenValidationParameters = new TokenValidationParameters
                      {
                          ValidateIssuer = true,//是否验证Issuer
                          ValidateAudience = true,//是否验证Audience
                          ValidateLifetime = true,//是否验证失效时间
                          ValidateIssuerSigningKey = true,//是否验证SecurityKey
                          ValidAudience = "haos.test.com",
                          //山下这两项和签发token时的issuer,Audience一致
                          ValidIssuer = "haos.test.issuer.com",
                          IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("1234567887654321"))//拿到token加密密钥.必须是16个字符
                      };
                  });
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            //手动高亮
            app.UseAuthentication();
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                app.UseBrowserLink();
            }
            else
            {
                app.UseExceptionHandler("/Error");
            }
            
            app.UseStaticFiles();

            app.UseMvc(routes =>
            {
                routes.MapRoute(
                    name: "default",
                    template: "{controller}/{action=Index}/{id?}");
            });
        }
    }
}

三、签发token 添加测试控制器

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using System.Linq;

namespace WebApplication1.Controllers
{
    [Authorize]
    public class TestController:Controller
    {

        public JsonResult Test()
        {
            //获取当前用户信息
            var claims = User.Claims;
            var userName = User.Identity.Name;
            var userId = claims.FirstOrDefault(t => t.Type == "userId");
            var phone = claims.FirstOrDefault(t => t.Type == ClaimTypes.MobilePhone);
            return Json("ok");
        }
        
        /// 
        /// 登录(签发token)
        /// 
        /// 
        /// 
        /// 
        [AllowAnonymous]
        public JsonResult Login(string name ,string pwd)
        {
            var claims = new[]
               {
                   new Claim(ClaimTypes.Name, "test"),
                   new Claim(ClaimTypes.MobilePhone, "157****7350"),
                   new Claim("userId","value")
               };
            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("1234567887654321"));
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
            var token = new JwtSecurityToken(
                   issuer: "haos.test.issuer.com",
                   audience: "haos.test.com",
                   claims: claims,
                   expires: DateTime.Now.AddMinutes(30),
                   signingCredentials: creds);
            return Json(new {
                Authorization = $"Bearer {new JwtSecurityTokenHandler().WriteToken(token)}"
            });
        }
    }
}
//返回的token;注:键为authorization,其中必须有Bearer 字样
{"authorization":"Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoidGVzdCIsImh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDUvaWRlbnRpdHkvY2xhaW1zL21vYmlsZXBob25lIjoiMTU3KioqKjczNTAiLCJleHAiOjE1MTc0NjgzNDcsImlzcyI6Imhhb3MudGVzdC5pc3N1ZXIuY29tIiwiYXVkIjoiaGFvcy50ZXN0LmNvbSJ9.Xtrbbz6WF4VreoB-S2nmRL5lx1Vg27WcQYTsek5VPIc"}

四、访问结果

技术分享图片

 

.Net Core Api 授权认证

标签:odi   auth   metrics   date   返回   text   res   style   mod   

原文地址:https://www.cnblogs.com/haosit/p/8399048.html

上一篇:C#Winform将软件最小化至系统托盘

下一篇:Java 给 PowerPoint 文档添加背景颜色和背景图片

文章来自:搜素材网编程语言模块,转载请注明文章出处。
文章标题:.Net Core Api 授权认证
文章链接:http://soscw.com/index.php/essay/56257.html

评论

亲,登录后才可以留言!

热门文章

推荐文章

最新文章

置顶文章

关于我们 | 版权声明 | 常见问题 | 素材投稿 | 联系我们 | 网站地图 |
搜素材网素材除本站原创外均由用户分享,若发现权利被侵害,请联系及时联系我们,我们会在第一时间进行处理。
特别说明:本站所有资源除本站原创外仅供学习与参考,请勿用于商业用途,如有侵犯您的版权请联系客服服务QQ:点击这里给我发消息
Copyright © 2024 soscw.com 搜素材网素材网版权所有 蜀ICP备18015633号-1