C/C++教程
asp.core 同时兼容JWT身份验证和Cookies 身份验证两种模式
本文主要是介绍asp.core 同时兼容JWT身份验证和Cookies 身份验证两种模式,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
在实际使用中,可能会遇到,aspi接口验证和view页面的登录验证情况。asp.core 同样支持两种兼容。
首先在startup.cs 启用身份验证。
var secrityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecurityKey"]));
services.AddSingleton(secrityKey);
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(option => //cookies 方式
{
option.LoginPath = "/Login";
})
.AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options => //jwt 方式
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,//是否验证Issuer
ValidateAudience = true,//是否验证Audience
ValidateLifetime = true,//是否验证失效时间
ClockSkew = TimeSpan.FromSeconds(30),
ValidateIssuerSigningKey = true,//是否验证SecurityKey
ValidAudience = Configuration["JWTDomain"],//Audience
ValidIssuer = Configuration["JWTDomain"],//Issuer
IssuerSigningKey = secrityKey//拿到SecurityKey
};
});
Configure 方法中须加入
app.UseAuthentication(); //授权
app.UseAuthorization(); //认证 认证方式有用户名密码认证
app.MapWhen(context =>
{
var excludeUrl = new string[] { "/api/login/getinfo", "/api/login/login", "/api/login/modifypwd" }; //注意小写
return context.Request.Path.HasValue
&& context.Request.Path.Value.Contains("Login")
&& context.Request.Headers.ContainsKey("Authorization")
&& !(excludeUrl.Contains(context.Request.Path.Value.ToLower()));
}, _app =>
{
_app.Use(async (context, next) =>
{
context.Response.StatusCode = 401;
});
});
在login页面,后台代码
var uid = Request.Form["code"] + "";
var pwd = Request.Form["pwd"] + "";
var info = _mysql.users.Where(m => m.user_code == uid&&m.delflag==0).FirstOrDefault();
if (info == null)
{
return new JsonResult(new
{
success = false,
msg = "用户不存在"
});
}
if (info.pwd != pwd)
{
return new JsonResult(new
{
success = false,
msg = "用户密码不正确"
});
}
//创建一个身份认证
var claims = new List<Claim>() {
new Claim(ClaimTypes.Sid,info.id), //用户ID
new Claim(ClaimTypes.Name,info.user_code) //用户名称
};
var claimsIdentity = new ClaimsIdentity(
claims, CookieAuthenticationDefaults.AuthenticationScheme);
//var identity = new ClaimsIdentity(claims, "Login");
//var userPrincipal = new ClaimsPrincipal(identity);
//HttpContext.SignInAsync("MyCookieAuthenticationScheme", userPrincipal, new AuthenticationProperties
//{
// ExpiresUtc = DateTime.UtcNow.AddMinutes(30),
// IsPersistent = true
//}).Wait();
var authProperties = new AuthenticationProperties
{
//AllowRefresh = <bool>,
// Refreshing the authentication session should be allowed.
ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(60),
// The time at which the authentication ticket expires. A
// value set here overrides the ExpireTimeSpan option of
// CookieAuthenticationOptions set with AddCookie.
IsPersistent = true,
// Whether the authentication session is persisted across
// multiple requests. When used with cookies, controls
// whether the cookie's lifetime is absolute (matching the
// lifetime of the authentication ticket) or session-based.
//IssuedUtc = <DateTimeOffset>,
// The time at which the authentication ticket was issued.
//RedirectUri = <string>
// The full path or absolute URI to be used as an http
// redirect response value.
};
await HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity),
authProperties);
Controler控制器部分,登录代码:
[HttpPost("Login")]
public async Task<JsonResult> Login(getdata _getdata)
{
var userName = _getdata.username;
var passWord = _getdata.password;
var info = _mysql.users.Where(m => m.user_code == userName && m.delflag == 0).FirstOrDefault();
if (info == null)
{
return new JsonResult(new
{
state = false,
code = -1,
data = "",
msg = "用户名不存在!"
});
}
if (CommonOp.MD5Hash(info.pwd).ToLower() != passWord)
{
return new JsonResult(new
{
state = false,
code = -2,
data = "",
msg = "用户密码不正确!"
});
}
#region 身份认证处理
var secrityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["SecurityKey"]));
List<Claim> claims = new List<Claim>();
claims.Add(new Claim("user_code", info.user_code));
claims.Add(new Claim("id", info.id));
var creds = new SigningCredentials(secrityKey, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
issuer: _config["JWTDomain"],
audience: _config["JWTDomain"],
claims: claims,
expires: DateTime.Now.AddMinutes(120),
signingCredentials: creds);
return new JsonResult(new
{
state = true,
code = 0,
data = new JwtSecurityTokenHandler().WriteToken(token),
msg = "获取token成功"
});
#endregion
}
注意, 受身份验证的控制器部分,要加入如下属性头,才可以生效。
[Authorize(AuthenticationSchemes = "Bearer,Cookies")]
public class ControllerCommonBase : ControllerBase
{
}
这样一个Controler 控制器,能够兼容两种模式啦。
这篇关于asp.core 同时兼容JWT身份验证和Cookies 身份验证两种模式的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!
您可能喜欢
-
微信支付提示下单账户与支付账户不一致-icode9专业技术文章分享07-03
-
微信支付提示订单号重复-icode9专业技术文章分享07-03
-
微服务启动nacos注册上去了,但是一直没有收到请求-icode9专业技术文章分享07-02
-
如何检查文件的编码格式-icode9专业技术文章分享07-02
-
sublime 更改编码格式-icode9专业技术文章分享07-02
-
uniAPP 实现全屏左右滚动滚动的效果-icode9专业技术文章分享06-30
-
如何在本地使用授权或插件-icode9专业技术文章分享06-30
-
伪静态规则配置方法汇总-icode9专业技术文章分享06-30
-
易优CMS安装常见问题汇总-icode9专业技术文章分享06-29
-
易优新手必读安装教程-icode9专业技术文章分享06-28
-
忘记eyoucms后台密码怎么办?-icode9专业技术文章分享06-28
-
终极指南:Scrum中如何设置需求优先级06-26
-
AI大模型企业应用实战(25)-为Langchain Agent添加记忆功能06-26
-
小白家庭 nas 搭建方案-icode9专业技术文章分享06-26
-
AI大模型企业应用实战(14)-langchain的Embedding06-23
栏目导航
