使用HttpContext.SignInAsync实现简单的授权
1. 将认证添加到服务中
// Register cookie authentication and make it the default scheme for the application.
builder.Services
    .AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie(cookieOptions =>
    {
        // Sign-in page path.
        cookieOptions.LoginPath = "/Account/FcbLogin/";

        // Sign-out path.
        cookieOptions.LogoutPath = "/Account/FcbLogout/";

        // Optional cookie lifetime, left disabled in this sample.
        // cookieOptions.ExpireTimeSpan = TimeSpan.FromSeconds(10);

        // NOTE(review): the cookie attributes (cookieOptions.Cookie.HttpOnly, SecurePolicy,
        // SameSite) are not set here, so the framework defaults apply. Review them
        // before deploying anywhere the site is reachable over plain HTTP.
    });
所有CookieAuthenticationOptions 属性可以查看微软官方文档
2. 注入管道
这里认证要在授权之前注入
// Adds the authentication middleware to the request pipeline. It has to be registered
// before app.UseAuthorization(): authorization evaluates HttpContext.User, and that
// principal is only populated once this middleware has read the cookie.
app.UseAuthentication();
3. 添加登入和登出
这里我没有验证用户账号密码,只是写了登入和登出的相关代码(实际使用时必须先校验账号密码,再调用 SignInAsync)。这里也可以和注入认证那里一样,设置票证过期时间
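/// <summary>
/// Issues the authentication cookie for the posted login form, then redirects to the
/// requested return URL when it is local to this site, or to "/" otherwise.
/// </summary>
/// <param name="model">Posted login form; only <c>ReturnUrl</c> is read by this action.</param>
/// <returns>A redirect to a local URL.</returns>
[HttpPost]
public async Task<ActionResult> Login(UserLogin model)
{
    // NOTE(review): this sample performs no credential check, so every POST to this
    // action is signed in. Verify the submitted account and password (and reject the
    // request on failure) before SignInAsync is reached.

    // ReturnUrl is client-controlled. Validate it once, up front, and use only the
    // validated value below. IsLocalUrl returns false for null, empty and absolute or
    // protocol-relative URLs, so all of those fall back to the site root. Previously a
    // non-local value was copied into RedirectUri unchecked and then made LocalRedirect
    // throw after the cookie had already been issued.
    var returnUrl = Url.IsLocalUrl(model.ReturnUrl) ? model.ReturnUrl : "/";

    // The authentication type must match the scheme registered with AddAuthentication.
    var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);

    // Sample custom claim; replace with claims derived from the verified user.
    identity.AddClaim(new Claim("abc", "123"));

    var properties = new AuthenticationProperties
    {
        // Ticket expiry as an absolute UTC instant, independent of server time zone and DST.
        ExpiresUtc = DateTimeOffset.UtcNow.AddDays(1),
        RedirectUri = returnUrl
    };

    await HttpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(identity),
        properties);

    return LocalRedirect(returnUrl);
}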
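/// <summary>
/// Signs the current user out of the cookie authentication scheme.
/// </summary>
/// <returns>An empty 200 OK result once sign-out has completed.</returns>
[HttpGet]
public async Task<ActionResult> FcbLoginOut()
{
    // NOTE(review): sign-out changes session state but is exposed over GET, so any
    // cross-site link or image tag can log a user out. Consider [HttpPost] with
    // antiforgery validation.
    // NOTE(review): the service registration on this page sets LogoutPath to
    // "/Account/FcbLogout/", while this action is named FcbLoginOut. Confirm the
    // route actually maps to the configured path.

    // Await the call so the cookie deletion is written to the response, and any
    // failure is observed, before the result is returned. The task was previously
    // discarded. No AuthenticationProperties are needed to sign out.
    await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);

    return Ok();
}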