视频讲解地址 https://www.bilibili.com/video/BV1XN4y1x758/
1、添加服务(通过 NuGet 安装 Microsoft.AspNetCore.Authentication.JwtBearer)
// Register JWT bearer authentication as the application's default scheme.
builder.Services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(jwt =>
    {
        // NOTE(review): the key bytes come from TokenParameter.Secret, a constant compiled into
        // the assembly ("1122334455667788" = 16 ASCII bytes = 128 bits). RFC 7518 section 3.2
        // requires an HS256 key of at least 256 bits, and anyone who can read the source or the
        // binary can mint valid tokens. Outside a demo, load a random key of 32+ bytes from
        // configuration or a secret store. Recent Microsoft.IdentityModel releases are reported
        // to reject shorter HS256 keys - verify against the version you install.
        var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(TokenParameter.Secret));

        jwt.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,            // check the token's issuer against ValidIssuer
            ValidateAudience = true,          // check the token's audience against ValidAudience
            ValidateLifetime = true,          // reject expired tokens
            ValidateIssuerSigningKey = true,  // validate the signing key
            ValidIssuer = TokenParameter.Issuer,      // expected issuer
            ValidAudience = TokenParameter.Audience,  // expected audience
            IssuerSigningKey = signingKey
        };
    });

// Optional: let Swagger UI send an Authorization header.
builder.Services.AddSwaggerGen(swagger =>
{
    // Declared as an API-key style header, so the user types the whole header value,
    // including the "Bearer " prefix, as the description string instructs.
    var bearerDefinition = new OpenApiSecurityScheme
    {
        Description = "请输入token,格式为 【Bearer JWT字符串】(注意中间必须有空格)",
        Name = "Authorization",
        In = ParameterLocation.Header,
        Type = SecuritySchemeType.ApiKey,
        BearerFormat = "JWT",
        Scheme = "Bearer"
    };
    swagger.AddSecurityDefinition("Bearer", bearerDefinition);

    // Security requirement: reference the "Bearer" definition above, with no scopes.
    var bearerReference = new OpenApiSecurityScheme
    {
        Reference = new OpenApiReference
        {
            Type = ReferenceType.SecurityScheme,
            Id = "Bearer"
        }
    };
    swagger.AddSecurityRequirement(new OpenApiSecurityRequirement
    {
        [bearerReference] = Array.Empty<string>()
    });
});
2、使用中间件
// Order matters: UseAuthentication reads the bearer token and populates HttpContext.User;
// UseAuthorization then evaluates [Authorize] against that user.
// NOTE(review): both calls presumably sit before the endpoint mapping in Program.cs,
// which this page does not show - confirm.
app.UseAuthentication();
app.UseAuthorization();
3、JWT帮助类
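using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;

namespace WebApplication1
{
    /// <summary>
    /// Helper that issues HMAC-SHA256 signed JSON Web Tokens using the values in
    /// <see cref="TokenParameter"/>.
    /// </summary>
    public class JwtHelper
    {
        /// <summary>
        /// Builds and serializes a signed JWT for the given user.
        /// </summary>
        /// <param name="userInfo">
        /// The user the token is issued for. Only <see cref="User.UserName"/> is copied into
        /// the token; <see cref="User.UserPwd"/> is not read here.
        /// </param>
        /// <returns>The compact serialized token string.</returns>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="userInfo"/> or its <see cref="User.UserName"/> is null.
        /// </exception>
        public static string GenerateJsonWebToken(User userInfo)
        {
            // Fail with a clear argument error instead of a NullReferenceException further down.
            ArgumentNullException.ThrowIfNull(userInfo);
            ArgumentNullException.ThrowIfNull(userInfo.UserName);

            var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(TokenParameter.Secret));
            var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);

            // Only claimsIdentity.Claims is passed to the token below; the identity object
            // itself is just a container for the claim list.
            var claimsIdentity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);

            // NOTE(review): the ID and the role are hard-coded, so every token issued here
            // carries ID 1001 and the super-administrator role regardless of who logged in.
            // In real use both must come from the authenticated account's record; otherwise
            // any role-based [Authorize] check downstream is satisfied by every token.
            claimsIdentity.AddClaim(new Claim("ID", "1001"));
            claimsIdentity.AddClaim(new Claim(ClaimTypes.Name, userInfo.UserName));
            claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, "超级管理员"));

            var token = new JwtSecurityToken(
                TokenParameter.Issuer,
                TokenParameter.Audience,
                claimsIdentity.Claims,
                // Expiry is computed from UTC, the time base the JWT "exp" claim is expressed in.
                expires: DateTime.UtcNow.AddMinutes(TokenParameter.AccessExpiration),
                signingCredentials: credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
    }

    /// <summary>
    /// Constants shared by token issuance and token validation.
    /// </summary>
    public class TokenParameter
    {
        public const string Issuer = "lqwvje"; // issuer
        public const string Audience = "LuoFenMing"; // audience

        // Signing secret.
        // NOTE(review): demo value only. It is compiled into the assembly and checked into
        // source, it is predictable, and at 16 ASCII bytes (128 bits) it is below the 256-bit
        // minimum RFC 7518 section 3.2 sets for HS256. Anyone who knows it can forge tokens.
        // For real use, generate 32+ random bytes and load them from configuration or a
        // secret store, and rotate the key if it has ever been committed.
        public const string Secret = "1122334455667788";

        public const int AccessExpiration = 30; // access-token lifetime in minutes
    }

    /// <summary>
    /// Login request model: the user name and password submitted by the client.
    /// </summary>
    public class User
    {
        public string UserName { get; set; }
        public string UserPwd { get; set; }
    }
}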
4、创建JWT Token API接口
using Microsoft.AspNetCore.Mvc;

namespace WebApplication1.Controllers
{
    /// <summary>
    /// Login endpoint that exchanges a user name and password for a JWT.
    /// </summary>
    [Route("api/[controller]/[Action]")]
    [ApiController]
    public class AuthController : ControllerBase
    {
        /// <summary>
        /// Returns a signed token when the submitted credentials match; otherwise returns
        /// a payload with code 2 and an error message.
        /// </summary>
        /// <param name="user">The submitted user name and password.</param>
        /// <returns>
        /// HTTP 200 in both cases: the token string on success, or the code/msg dictionary
        /// on failure.
        /// </returns>
        [HttpPost]
        public ActionResult GetToken(User user)
        {
            // NOTE(review): demo-only check against a single hard-coded account with a
            // well-known password. A real implementation looks the account up in a user store
            // and verifies a salted password hash (e.g. PBKDF2 or Argon2), and adds throttling
            // or lockout for repeated failures - none of which is visible on this page.
            bool credentialsMatch = user.UserName == "admin" && user.UserPwd == "123456";

            if (!credentialsMatch)
            {
                // NOTE(review): a failed login is reported with HTTP 200, so logs, alerting
                // and rate limiting that key on the status code will not see it; returning
                // 401 with the same payload would make failures visible to them.
                var failure = new Dictionary<string, object>
                {
                    ["code"] = 2,
                    ["msg"] = "帐号或密码错误"
                };
                return Ok(failure);
            }

            return Ok(JwtHelper.GenerateJsonWebToken(user));
        }
    }
}
5、测试接口
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using static System.Net.Mime.MediaTypeNames;
using System.Security.Claims;

namespace WebApplication1.Controllers
{
    /// <summary>
    /// Sample controller protected by [Authorize]; its action runs only for requests the
    /// configured authentication scheme has accepted.
    /// </summary>
    [Authorize]
    [Route("api/[controller]/[Action]")]
    [ApiController]
    public class TestController : ControllerBase
    {
        /// <summary>
        /// Reads the name and role claims of the authenticated caller and returns a fixed
        /// success payload.
        /// </summary>
        /// <returns>HTTP 200 with a dictionary containing "Code" and "Msg".</returns>
        [HttpPost]
        public ActionResult GetTestInfo()
        {
            ClaimsPrincipal caller = HttpContext.User;

            // Shows how to read claims from the validated token; the two values are not
            // used in the response below.
            // NOTE(review): the token generator on this page gives every token the same role,
            // so the role read here is not a basis for access decisions until issuance
            // assigns roles per account.
            var name = caller.FindFirst(c => c.Type == ClaimTypes.Name)?.Value;
            var role = caller.FindFirst(c => c.Type == ClaimTypes.Role)?.Value;

            var payload = new Dictionary<string, object>
            {
                ["Code"] = 1,
                ["Msg"] = "token 认证 成功"
            };
            return Ok(payload);
        }
    }
}
本文来自 www.luofenming.com
源码地址 : https://pan.baidu.com/s/1kAMGM0UPoPSw5j8t8_5E2A?pwd=a775 提取码: a775