net.core webapi 使用JWT生成token与验证

1、添加服务(Nuget 安装 )

Microsoft.AspNetCore.Authentication.JwtBearer

2. 在 Program.cs 文件配置如下

复制代码
//添加JWT身份验证服务
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true,//是否效验Issuer 
                ValidateAudience = true,//是否效验Audience
                ValidateLifetime = true,//是否验证失效时间
                ValidateIssuerSigningKey = true,//是否效验SigningKey
                ValidIssuer = TokenParameter.Issuer,//颁发者
                ValidAudience = TokenParameter.Audience,//接收者 
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(TokenParameter.Secret))
            };
        });
//配置Swagger身份验证输入(可选)
builder.Services.AddSwaggerGen(options =>
{
    options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
    {
        Description = "请输入token,格式为 【Bearer JWT字符串】(注意中间必须有空格)",
        Name = "Authorization",
        In = ParameterLocation.Header,
        Type = SecuritySchemeType.ApiKey,
        BearerFormat = "JWT",
        Scheme = "Bearer"
    });
    //添加安全要求
    options.AddSecurityRequirement(new OpenApiSecurityRequirement {
                {
                    new OpenApiSecurityScheme{
                        Reference =new OpenApiReference{
                            Type = ReferenceType.SecurityScheme,
                            Id ="Bearer"
                        }
                    },new string[]{ }
                }
    });
});
复制代码

3. 在Program.cs 文件使用中间件

app.UseAuthentication();
app.UseAuthorization();

4. 创建帮助类 JwtHelper.cs 

复制代码
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;

namespace WEB.API.Common
{
    public class JwtHelper
    {
        public static string GenerateJsonWebToken(LoginParams userInfo)
        {
            var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(TokenParameter.Secret));
            var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
            var claimsIdentity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);
            claimsIdentity.AddClaim(new Claim("ID", "1001"));
            claimsIdentity.AddClaim(new Claim("Username", userInfo.username));
            claimsIdentity.AddClaim(new Claim("Password", userInfo.password));
            claimsIdentity.AddClaim(new Claim(ClaimTypes.Name, "龙卷风摧毁停车场")); //设置用户名
            claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, "admin")); //设置用户角色
            //可通过如下方式来获取用户名或用户角色
            //bool isInRole = HttpContext.User.IsInRole("admin");// 检查用户是否属于某个角色
            //string username = HttpContext.User.Identity.Name; //获取用户名

            var token = new JwtSecurityToken(
              issuer: TokenParameter.Issuer,
              audience: TokenParameter.Audience,
              claims: claimsIdentity.Claims,
              expires: DateTime.Now.AddMinutes(TokenParameter.AccessExpiration),
              signingCredentials: credentials
            );

            return new JwtSecurityTokenHandler().WriteToken(token);
        }

        public class TokenParameter
        {
            public const string Issuer = "Authentication:Issuer";//颁发者        
            public const string Audience = "Authentication:Audience";//接收者    
            public const string Secret = "bKgEeQFTs7dMgPJ532LehCXBRbI+LfTU0uNtZFHs5OE=";//签名秘钥        
            public const int AccessExpiration = 30;//AccessToken过期时间(分钟)
        }
        public class LoginParams
        {
            public string username { get; set; }
            public string password { get; set; }
        }
    }
}
复制代码

 

5 .签名秘钥使用 RNGCryptoServiceProvider 类来生成随机的字节数组,然后将其转换为Base64编码的字符串作为JWT的秘钥。(具体怎么创建点击: https://www.cnblogs.com/tlfe/p/18230656 滑动到最底部)
6. 创建 AuthController.cs 接口

复制代码
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using System.Security.Claims;
using WebApplication1;

namespace WebApplication2.Controllers
{
    [Route("api/[controller]/[action]")]
    [ApiController]
    public class AuthController : ControllerBase
    {
        [HttpPost]
        public ActionResult GetToken(User user)
        {
            if (user.UserName == "admin" && user.UserPwd == "123456")
            {
                string token = JwtHelper.GenerateJsonWebToken(user);
                return Ok("Bearer "+token); //需要再token前面加上Bearer
            }

            Dictionary<string, object> data = new Dictionary<string, object>();
            data["code"] = 2;
            data["msg"] = "帐号或密码错误";
            return Ok(data);
        }
    }
}
复制代码

7. 创建验证token接口 TestController.cs

复制代码
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using System.Security.Claims;

namespace WebApplication2.Controllers
{
    [Route("api/[controller]/[Action]")]
    [ApiController]
    public class TestController : ControllerBase
    {
     [Authorize(Roles = "admin")] //只有admin角色才可以访问此接口
        [HttpPost]
        public string GetTestInfo()
        {
            return "验证成功";
        }
    }
}
复制代码

 

posted @   龙卷风吹毁停车场  阅读(101)  评论(0编辑  收藏  举报
相关博文:
· 在webapi中创建一个jwt token
· net core 接收token,并解析token获取信息
· .NET Framework 中对webapi进行jwt验证
· ASP.NET Core Web API之Token验证
· .Net Core中进行Jwt验证
阅读排行:
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 【自荐】一款简洁、开源的在线白板工具 Drawnix
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
· Docker 太简单,K8s 太复杂?w7panel 让容器管理更轻松!
点击右上角即可分享
微信分享提示