ASP.NET Core JWT认证授权介绍
2024-10-18 22:31:03
using JWTWebApi.Models;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;
using System.Text; namespace JWTWebApi
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
} public IConfiguration Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.Configure<JwtSettings>(Configuration.GetSection("JwtSettings"));
var jwtsettings = new JwtSettings();
Configuration.Bind("JwtSettings", jwtsettings);
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidAudience = jwtsettings.Audience,
ValidIssuer = jwtsettings.Issuer,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtsettings.SecretKey)) };
});
services.AddMvc();
} // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
} app.UseAuthentication();
app.UseMvc();
}
}
}
using JWTWebApi.Models;
using JWTWebApi.ViewModel;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text; namespace JWTWebApi.Controllers
{
[Route("api/[controller]")]
public class AuthrozeController : Controller
{
private readonly JwtSettings _jwtSetting; public AuthrozeController(IOptions<JwtSettings> jwtSetting)
{
_jwtSetting = jwtSetting.Value;
} [HttpGet]
public IActionResult Token()
{
LoginViewModel viewModel = new LoginViewModel(){ User= "wolf",PassWord = "" };
if (ModelState.IsValid)
{
if (viewModel.User == "wolf" && viewModel.PassWord == "")
{
var claims = new Claim[]
{
new Claim(ClaimTypes.Name,"wolf"),
new Claim(ClaimTypes.Role,"admin"),
}; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSetting.SecretKey));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(_jwtSetting.Issuer, _jwtSetting.Audience, claims, DateTime.Now,
DateTime.Now.AddHours(), creds);
return Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) });
} return BadRequest();
} return BadRequest();
}
}
}
{
"Logging": {
"IncludeScopes": false,
"LogLevel": {
"Default": "Debug",
"System": "Information",
"Microsoft": "Information"
}
},
"JwtSettings": {
"Issuer": "http://localhost:50443/",
"Audience": "http://localhost:50443/",
"SecretKey": "wolf123456789123456789"
}
}
最新文章
- Python: Win7 64位如何安装MongoDB?
- Expert 诊断优化系列-------------针对重点语句调索引
- asp.net mvc 简易通用自定义Pager实现分页
- 编译原理-词法分析03-DFA
- Qt中使用Windows API
- Net 分页功能的实现
- Spring 学习笔记 4. 尚硅谷_佟刚_Spring_属性配置细节
- Android四大组件之——Activity的生命周期(图文详解)
- 为什么要设置getter和setter?
- 使用git Rebase让历史变得清晰
- Cnetos7下,已经能访问tomcat
- 学会爱上iOS自动布局(Auto Layout) - 剑尖
- java6 - 面向对象编程思想
- 解决vscode无法提示golang的问题
- centos的防火墙相关
- Spring boot连接MongoDB集群
- GoogLeNet 之 Inception-v1 解读
- 更改datatables的分页切换时的'processing'提示信息的式样
- [笔记] 升級到 Delphi 10.2 Tokyo 笔记
- 重构改善既有代码设计--重构手法06:Split Temporary Variable (分解临时变量)