学海无涯

导航

统计

使用 ASP.NET Core 封装的 JWT

一、用NuGet安装 :Microsoft.AspNetCore.Authentication.JwtBearer

二、在appsetting中添加配置节点

?
1
2
3
4
"JWT": {
    "SigningKey": "",
    "ExpireSeconds": ""
  }
?
1
2
3
4
5
public class JWTOptions
   {
       public string SigningKey { get; set; }
       public string ExpireSeconds { get; set; }
   }

  

 三、注册服务

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
//配置JWT
services.Configure<JWTOptions>(builder.Configuration.GetSection("JWT"));
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(x =>
    {
        var jwtOpt = builder.Configuration.GetSection("JWT").Get<JWTOptions>();
        byte[] keyBytes=Encoding.UTF8.GetBytes(jwtOpt.SigningKey);
        var secKey=new SymmetricSecurityKey(keyBytes);
        x.TokenValidationParameters = new()
        {
            ValidateIssuer = false,
            ValidateAudience = false,
            ValidateLifetime = false,
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = secKey
        };
    });<br>services.AddScoped<JwtHelper,JwtHelper>();

  

?
1
2
app.UseAuthentication();
app.UseAuthorization();

使用

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
using CAPWebApplication.Config;
using CAPWebApplication.Entities;
using CAPWebApplication.Tools;
using CAPWebApplication.ViewModel;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using System.Security.Claims;
 
namespace CAPWebApplication.Controllers
{
    [Route("api/[controller]")]
    [ApiController]
    public class UserRoleController : ControllerBase
    {
        private readonly ILogger<UserRoleController> m_logger;
        private readonly UserManager<User> m_userManager;
        private readonly RoleManager<Role> m_roleManager;
        private readonly IOptions<JWTOptions> m_JWTOptions;
        private readonly JwtHelper m_JwtHelper;
        public UserRoleController(ILogger<UserRoleController> logger, UserManager<User> userManager, RoleManager<Role> roleManager, IOptions<JWTOptions> jWTOptions = null, JwtHelper jwtHelper = null)
        {
            m_logger = logger;
            m_userManager = userManager;
            m_roleManager = roleManager;
            m_JWTOptions = jWTOptions;
            m_JwtHelper = jwtHelper;
        }
        [Route(nameof(CreateUserRole))]
        [HttpPost]
        public async Task<ActionResult> CreateUserRole()
        {
            bool roleExists = await m_roleManager.RoleExistsAsync("admin");
            if (!roleExists)
            {
                Role role = new Role { Name = "Admin" };
                var r = await m_roleManager.CreateAsync(role);
                if (!r.Succeeded)
                {
                    return BadRequest(r.Errors);
                }
            }
            User user = await m_userManager.FindByNameAsync("yyy");
            if (user == null)
            {
                user = new User
                {
                    UserName = "yyy",
                    Email = "flyingdream8@163.com",
                    EmailConfirmed = true
                };
                var r = await m_userManager.CreateAsync(user, "123456");
                if (!r.Succeeded)
                {
                    return BadRequest(r.Errors);
                }
                r = await m_userManager.AddToRoleAsync(user, "admin");
                if (!r.Succeeded)
                {
                    return BadRequest(r.Errors);
                }
            }
            return Ok();
        }
        [Route(nameof(Login))]
        [HttpPost]
        public async Task<ActionResult> Login(UserViewModel model)
        {//验证用户名和密码
            if (model == null || string.IsNullOrEmpty(model.UserName) ||
                string.IsNullOrEmpty(model.Password))
            {
                return BadRequest();
            }
            var user = await m_userManager.FindByNameAsync(model.UserName);
            if (user == null)
            {
                return NotFound($"用户名不存在{model.UserName}");
            }
            if (await m_userManager.IsLockedOutAsync(user))
                return BadRequest("LockedOut");
            var success = await m_userManager.CheckPasswordAsync(user, model.Password);
            if (success)
            {//登录成功返回Token
                string jwtToken = await m_JwtHelper.GenerateJWT(user, m_JWTOptions.Value.SigningKey, m_JWTOptions.Value.ExpireSeconds);
                return Ok(jwtToken);
            }
            else
            {
                await m_userManager.AccessFailedAsync(user);
                return BadRequest("密码错误");
            }
        }
        [Authorize]
        [Route(nameof(GetUserRole))]
        [HttpGet]
        public async Task<ActionResult> GetUserRole()
        {//读取当前登录用户User的信息
            string id = this.User.FindFirst(ClaimTypes.NameIdentifier)!.Value;
            string userName = this.User.FindFirst(ClaimTypes.Name)!.Value;
            IEnumerable<Claim> roleClaims = this.User.FindAll(ClaimTypes.Role);
            string roleNames = string.Join(',', roleClaims.Select(c => c.Value));
            return Ok($"Id={id},UserName={userName},Roles={roleNames}");
        }
    }
 
 
}

 JWTHelper参见: https://www.cnblogs.com/friend/p/16757914.html

posted on   宁静致远.  阅读(99)  评论(0编辑  收藏  举报

相关博文:
· 生成JWT
· 配置APS.NET Core 提供的 用户角色的数据库
· Asp.Net Core鉴权授权:.Net Core对于JWT的封装
· AspNetCore中的身份鉴权基于JWT
· ASP.NET Core使用JWT+标识框架(identity)实现登录验证
阅读排行:
· DeepSeek 开源周回顾「GitHub 热点速览」
· 记一次.NET内存居高不下排查解决与启示
· 物流快递公司核心技术能力-地址解析分单基础技术分享
· .NET 10首个预览版发布:重大改进与新特性概览!
· .NET10 - 预览版1新功能体验(一)
点击右上角即可分享
微信分享提示
AI FOR CODE 大赛