.net core Jwt 添加
2024-10-13 12:09:01
Jwt 已经成为跨平台身份验证通用方案,如不了解请关注:https://jwt.io/。
为了和微软其他验证模块有个比较好的衔接,项目中采用了微软开发的jwt组件: System.IdentityModel.Tokens.Jwt。首先安装:Install-Package System.IdentityModel.Tokens.Jwt。
在config方法中添加
if (!HostingEnvironment.IsEnvironment("test"))
{
app.UseJwtBearerAuthentication(Jwt.GetJwtOptions());
}
实现一个jwt工具类:
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using AutoMapper;
using Microsoft.AspNet.Hosting;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Extensions;
using Microsoft.Extensions.Configuration;
using Microsoft.IdentityModel.Tokens;
using NDaisy.Core.ServiceLocator;
using WebApiCore.Core.Utility.Extension;
using IHostingEnvironment = Microsoft.AspNetCore.Hosting.IHostingEnvironment; namespace WebApiCore.Utility
{
public class Jwt
{
private static SecurityKey _signKey;
private static IConfigurationSection _config;
private const string Issue = "webcore";
static Jwt()
{
_config= ServiceLocator.Current.GetInstance<IConfigurationRoot>().GetSection("Jwt");
var keyAsBytes = Encoding.ASCII.GetBytes(_config.GetValue<string>("Salt"));
_signKey = new SymmetricSecurityKey(keyAsBytes); } public static JwtBearerOptions GetJwtOptions()
{
return new JwtBearerOptions
{
TokenValidationParameters =
{
ValidIssuer = Issue,
IssuerSigningKey = _signKey,
ValidateLifetime = true,
ValidateIssuer = true,
ValidateAudience = false
},
Events = new JwtBearerEvents()
{
OnAuthenticationFailed = c =>
{ return Task.Run(() =>
{
if (ServiceLocator.Current.GetInstance<IHostingEnvironment>().IsDevelopment())
{
c.Request.GetDisplayUrl().LogInfo();
c.Exception.LogError();
} } );
} }
};
} public static string SignToken(IList<Claim> claims)
{
var seconds= _config.GetValue<int>("SlideTime"); JwtSecurityToken jwtSecurityToken = new JwtSecurityToken(issuer: Issue, claims: claims, expires: DateTime.UtcNow.AddSeconds(seconds), signingCredentials: new SigningCredentials(_signKey, SecurityAlgorithms.HmacSha256)); return new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);
}
} }
添加一个获取token的入口,实际项目中,放在登录授权里面:
app.Map("/auth/test", appbuilder =>
{
appbuilder.Run(d =>
{
var token= Jwt.SignToken(new List<Claim>() {new Claim("name", "ryan")});
return d.Response.WriteAsync(token);
});
});
最新文章
- struts-spring-mybatis实现最简单的登录验证
- BeanUtils.copyProperties()方法和PropertyUtils.copyProperties()的区别
- SAP的运输功能(转)
- java基础回顾(三)——HashMap与HashTable
- Java封装 properties文件操作
- 【题解】A-B
- PowerDesigner反projectM连接ySql没有mySql odbc驱动器
- 微服务(二)hystrix
- Go 语言,开源服务端代码自动生成 框架 - EasyGoServer
- Thinkphp环境搭建
- HTTPS加密流程超详解(二)
- python飞机大战代码
- 【随笔】nginx add_header指令的使用
- java学习笔记1--基础知识
- [原创]Linux下网络性能测试Netperf工具介绍及安装
- luoguP2572 [SCOI2010]序列操作
- SegmentedControl的使用
- MFC vs. SDK程序流程
- Gogland配置- 去掉Go源代码中的参数提示
- [HNOI2002]跳蚤 【容斥】