标签:Core Asp string JWT Microsoft using var new public
Programme.cs
using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.IdentityModel.Tokens; using Microsoft.OpenApi.Models; using System.Text; using WebApiYzk.Models; var builder = WebApplication.CreateBuilder(args); // Add services to the container. builder.Services.AddControllers(); // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle builder.Services.AddEndpointsApiExplorer(); //这里给Swagger指定说要使用Authorization 在swagger页面会出现一个小锁按钮,输入 jwttoken就行了 builder.Services.AddSwaggerGen(c => { var scheme = new OpenApiSecurityScheme() { Description = "Authorization header. \r\nExample: 'Bearer 12345abcdef'", Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Authorization" }, Scheme = "oauth2", Name = "Authorization", In = ParameterLocation.Header, Type = SecuritySchemeType.ApiKey, }; c.AddSecurityDefinition("Authorization", scheme); var requirement = new OpenApiSecurityRequirement(); requirement[scheme] = new List<string>(); c.AddSecurityRequirement(requirement); }); //从配置文件中读取 JWT 节点,转换到 JwtOption对象上,在Login方法的 FromService 时用 builder.Services.Configure<JwtOption>(builder.Configuration.GetSection("JWT")); //注册JwtBear,设置一些验证的项 builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(x => { var jwtOpt = builder.Configuration.GetSection("JWT").Get<JwtOption>(); byte[] keyBytes = Encoding.UTF8.GetBytes(jwtOpt.SigningKey); var scrkey = new SymmetricSecurityKey(keyBytes); x.TokenValidationParameters = new TokenValidationParameters() { ValidateIssuer = false, ValidateAudience = false, ValidateLifetime = true, ValidateIssuerSigningKey = true, IssuerSigningKey = scrkey }; }); var app = builder.Build(); // Configure the HTTP request pipeline. if (app.Environment.IsDevelopment()) { app.UseSwagger(); app.UseSwaggerUI(); } app.UseHttpsRedirection(); //认证 需要加这个中间件 app.UseAuthentication(); //授权 app.UseAuthorization(); app.MapControllers(); app.Run();View Code
写一个Login返回jwttoken
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Options; using Microsoft.IdentityModel.Tokens; using System.IdentityModel.Tokens.Jwt; using System.Security.Claims; using System.Text; using WebApiYzk.Models; namespace WebApiYzk.Controllers { [Route("api/[controller]/[action]")] [ApiController] public class LoginController : ControllerBase { [HttpPost] public async Task<IActionResult> Login(LoginRequest rq,[FromServices]IOptionsSnapshot<JwtOption> jwtOptions) { if (rq.UserName != "admin") return NotFound("没有找到"); var claims = new List<Claim>(); claims.Add(new Claim(ClaimTypes.NameIdentifier, rq.UserName)); claims.Add(new Claim(ClaimTypes.Role, "管理员")); string jwtToken = BuildToken(claims, jwtOptions.Value); return Ok(jwtToken); } private static string BuildToken(IEnumerable<Claim> claims, JwtOption options) { DateTime expires = DateTime.Now.AddSeconds(options.ExpireSeconds); byte[] keyBytes = Encoding.UTF8.GetBytes(options.SigningKey); var secKey = new SymmetricSecurityKey(keyBytes); var credentials = new SigningCredentials(secKey, SecurityAlgorithms.HmacSha256Signature); var tokenDescriptor = new JwtSecurityToken(expires: expires, signingCredentials: credentials, claims: claims); return new JwtSecurityTokenHandler().WriteToken(tokenDescriptor); } } }View Code
写一个方法,需要验证登录信息后才能访问:
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using System.Security.Claims; namespace WebApiYzk.Controllers { [Route("api/[controller]")] [ApiController] [Authorize] public class SayHiController : ControllerBase { [HttpGet] public IActionResult Hello() { string id = this.User.FindFirst(ClaimTypes.NameIdentifier)!.Value; string userName = this.User.FindFirst(ClaimTypes.NameIdentifier)!.Value; IEnumerable<Claim> roleClaims = this.User.FindAll(ClaimTypes.Role); string roleNames = string.Join(',', roleClaims.Select(c => c.Value)); return Ok($"id={id},userName={userName},roleNames ={roleNames}"); } } }View Code
用到的类
public class JwtOption { public string SigningKey { get; set; } public int ExpireSeconds { get; set; } } public class Role : IdentityRole<long> { } public class User : IdentityUser<long> { public string UserName { get; set; } public DateTime CreatTime { get; set; } } public class LoginRequest { public string UserName { get; set; } public string Password { get; set; } }View Code
这只是基础例子,可以看杨老师源码,多了一些内容
视频:
Part5-7:让Swagger中带JWT报文头_哔哩哔哩_bilibili
NETBookMaterials/第八章/ASPNETCore_JWT1 at main · yangzhongke/NETBookMaterials · GitHub
自己可见:第八章/ASPNETCore_JWT1 · 物华天宝/NETBookMaterials - 码云 - 开源中国 (gitee.com)
标签:Core,Asp,string,JWT,Microsoft,using,var,new,public 来源: https://www.cnblogs.com/zhouxiuquan/p/16574325.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。