惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

美团技术团队
P
Privacy International News Feed
P
Proofpoint News Feed
Security Archives - TechRepublic
Security Archives - TechRepublic
C
CXSECURITY Database RSS Feed - CXSecurity.com
Know Your Adversary
Know Your Adversary
Security Latest
Security Latest
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Attack and Defense Labs
Attack and Defense Labs
NISL@THU
NISL@THU
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
W
WeLiveSecurity
GbyAI
GbyAI
N
News and Events Feed by Topic
N
News | PayPal Newsroom
Y
Y Combinator Blog
C
CERT Recently Published Vulnerability Notes
N
Netflix TechBlog - Medium
S
Security Affairs
Spread Privacy
Spread Privacy
罗磊的独立博客
腾讯CDC
MyScale Blog
MyScale Blog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
L
LINUX DO - 热门话题
The Cloudflare Blog
L
LangChain Blog
博客园_首页
H
Hacker News: Front Page
宝玉的分享
宝玉的分享
Martin Fowler
Martin Fowler
博客园 - 聂微东
SecWiki News
SecWiki News
A
Arctic Wolf
爱范儿
爱范儿
Google Online Security Blog
Google Online Security Blog
T
Threat Research - Cisco Blogs
Hacker News - Newest:
Hacker News - Newest: "LLM"
有赞技术团队
有赞技术团队
The GitHub Blog
The GitHub Blog
Cyberwarzone
Cyberwarzone
博客园 - 叶小钗
V
Visual Studio Blog
V
V2EX
T
Tailwind CSS Blog
Project Zero
Project Zero
T
The Blog of Author Tim Ferriss
F
Fortinet All Blogs
MongoDB | Blog
MongoDB | Blog
D
Docker

博客园 - 广阔之海

Halcon的三角函数 Halcon轮廓插值方法 C# 控件选项变化事件处理 深度学习执行速度不稳定的解决方法 Halcon - 深度学习 - 目标分类 Halcon 画一个时钟 Halcon 解方程(solve_matrix) C# 使用Serilog日志框架 Halcon 生成标定板 Halcon 中的形态学 Halcon的提取中心线算法 C# 消灭switch的面向映射编程 C#中Task的用法 Halcon 通过坐标轴过滤点云数据 Halcon图像投影映射 C# 获取MySql的数据库结构信息 C# HttpClient的使用方法总结 MySql字符集导致特殊字符保存出错问题处理 Asp.Net Core 动态生成WebApi
Asp.Net Core WebApi中集成Jwt认证
广阔之海 · 2022-05-09 · via 博客园 - 广阔之海

先在 Startup.cs的ConfigureServices方法中添加Jwt配置:

       services.AddAuthentication(options =>
            {
                // 身份认证配置
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(options =>
            {
                // Jwt认证配置
                options.RequireHttpsMetadata = false;
                options.SaveToken = true;
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuer = false,
                    ValidateAudience = false,
                    ValidateLifetime = false,
                    ValidateIssuerSigningKey = true,
                    ValidIssuer = Configuration["JwtToken:Issuer"], // Token发行人,网站或公司名称
                    ValidAudience = Configuration["JwtToken:Issuer"], // Token接收人,同上
                    // Token密钥,建议为GUID
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["JwtToken:SecretKey"]))
                };
            });

在 Configure方法中开启认证

            app.UseAuthorization();

            app.UseAuthentication();

生成JwtToken的帮助类:

   #region Jwt负载信息
    /// <summary>
    /// Jwt负载信息
    /// </summary>
    public class JwtPayloadInfo
    {
        /// <summary>
        /// 发行人
        /// </summary>
        public string Issuer { get; set; }
        /// <summary>
        /// 接收人
        /// </summary>
        public string Audience { get; set; }
        /// <summary>
        /// 起始时间
        /// </summary>
        public DateTime? NotBefore { get; set; }
        /// <summary>
        /// 超时时间
        /// </summary>
        public DateTime? Expires { get; set; }
        /// <summary>
        /// 密钥
        /// </summary>
        public string SecretKey { get; set; }
        /// <summary>
        /// 参数
        /// </summary>
        public Dictionary<string, string> Claims { get; set; }
        /// <summary>
        /// 初始化
        /// </summary>
        public JwtPayloadInfo()
        {
            this.Claims = new Dictionary<string, string>();
        }
    }
    #endregion

    /// <summary>
    /// Jwt帮助类
    /// </summary>
    public class JwtHelper
    {
        /// <summary>
        /// 生成Token
        /// </summary>
        /// <param name="payload">Jwt负载信息</param>
        /// <returns></returns>
        public static string GetToken(JwtPayloadInfo payload)
        {
            var claims = new List<Claim>();
            if (payload.Claims != null)
            {
                foreach (var item in payload.Claims)
                {
                    claims.Add(new Claim(item.Key, item.Value));
                }
            }

            var jwt = new JwtSecurityToken(
                issuer: payload.Issuer,
                audience: payload.Audience,
                claims: claims,
                notBefore: payload.NotBefore,
                expires: payload.Expires,
                signingCredentials: new SigningCredentials(
                    new SymmetricSecurityKey(Encoding.UTF8.GetBytes(payload.SecretKey)),
                    SecurityAlgorithms.HmacSha256)
            );
            var token = new JwtSecurityTokenHandler().WriteToken(jwt);
            return token;
        }
    }

用户登录时生成Token,前端请求Api时在Header中加入Authorization: Bearer [Token],注意Token前需要有Bearer标识符

   /// <summary>
    /// 用户控制器
    /// </summary>
    [ApiController]
    [ApiExplorerSettings(GroupName = "system")]
    [Route("[controller]/[action]")]
    public class UserController : ControllerBase
    {
        private readonly IConfiguration _configuration;
        private readonly IHttpContextAccessor _httpContextAccessor;

        public UserController(
            IConfiguration configuration,
            IHttpContextAccessor httpContextAccessor)
        {
            _configuration = configuration;
            _httpContextAccessor = httpContextAccessor;
        }

        /// <summary>
        /// 用户登录
        /// </summary>
        /// <param name="account">账号</param>
        /// <param name="password">密码</param>
        /// <returns></returns>
        [HttpPost]
        [AllowAnonymous]
        public string Login(string account, string password)
        {
            var userId = "00000001";
            var payload = new JwtPayloadInfo()
            {
                Issuer = _configuration["JwtToken:Issuer"],
                Audience = _configuration["JwtToken:Issuer"],
                NotBefore = DateTime.Now,
                Expires = DateTime.Now.AddMinutes(60),
                SecretKey = _configuration["JwtToken:SecretKey"],
                Claims = new Dictionary<string, string>()
                {
                    { "UserId", userId }
                }
            };
            var token = JwtHelper.GetToken(payload);
            return token;
        }

        /// <summary>
        /// 获取我的用户信息
        /// </summary>
        /// <returns></returns>
        [HttpGet]
        [Authorize]
        public string GetMyUserInfo()
        {
            var claim = _httpContextAccessor.HttpContext.User.FindFirst("UserId");
            if (claim == null)
            {
                throw new Exception("错误的Token信息");
            }

            var userId = claim.Value;
            return userId;
        }
    }

注意需要注入IHttpContextAccessor 时,要在Startup.cs的ConfigureServices方法中添加:

       services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();

在Controller类中给需要认证的方法添加[Authorize]特性,给不需要认证的方法添加[AllowAnonymous]特性,如果需要对所有方法开启认证可以在Startup.cs的Configure方法中添加如下配置:

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllers().RequireAuthorization();
            });