ASP.NET Core WebAPI 请求头 Token(JWT)认证
1、新建一个Token参数类TokenParameter(这些参数也可以写入appsettings.json)
/// <summary>
/// Compile-time JWT settings used when issuing and when validating access tokens.
/// </summary>
/// <remarks>
/// NOTE(review): <see cref="Secret"/> is a hard-coded, guessable HMAC key. Anyone who can
/// read the source or the compiled assembly can sign tokens the API will accept. Load the
/// key from configuration or a secret store instead, and generate it randomly.
/// The value is 16 ASCII characters (128 bits); RFC 7518 section 3.2 requires an HS256 key
/// of at least 256 bits, and newer Microsoft.IdentityModel releases appear to reject
/// shorter keys. TODO confirm against the package version in use.
/// </remarks>
public class TokenParameter
{
    /// <summary>Issuer written into, and expected from, every token.</summary>
    public const string Issuer = "小白";

    /// <summary>Audience written into, and expected from, every token.</summary>
    public const string Audience = "下黑";

    /// <summary>Access-token lifetime in minutes.</summary>
    public const int AccessExpiration = 30;

    /// <summary>Symmetric signing key (see the review note on the class).</summary>
    public const string Secret = "1234567812345678";
}
2、新建个类OAuthController
/// <summary>
/// Issues JWT access tokens at <c>api/oauth/token</c>.
/// </summary>
[Route("api/oauth")]
[ApiController]
public class OAuthController : ControllerBase
{
    /// <summary>
    /// Checks the supplied credentials and returns a signed JWT as the response body.
    /// </summary>
    /// <param name="username">Account name supplied by the caller.</param>
    /// <param name="password">Password supplied by the caller.</param>
    /// <returns>
    /// 200 with the serialized token, or 400 "Invalid Request" when the credentials do not match.
    /// </returns>
    /// <remarks>
    /// NOTE(review): this is a GET action with simple-typed parameters, so the credentials
    /// travel in the query string and end up in server logs, proxy logs and browser history.
    /// A production endpoint should take them in a POST body over HTTPS.
    /// NOTE(review): the comparison below is the author's placeholder for a real account
    /// check; replace it with a lookup against salted password hashes and add
    /// throttling/lockout for repeated failures.
    /// </remarks>
    [HttpGet]
    [Route("token")]
    public ActionResult GetAccessToken(string username, string password)
    {
        // Placeholder credential check (the original author skipped real validation here).
        bool credentialsAccepted = username == "admin" && password == "123";
        if (!credentialsAccepted)
        {
            return BadRequest("Invalid Request");
        }

        // Identity carried inside the token; the role claim is left empty.
        Claim[] identityClaims =
        {
            new Claim(ClaimTypes.Name, username),
            new Claim(ClaimTypes.Role, ""),
        };

        // HMAC-SHA256 signature over the token, keyed with the shared secret (UTF-8 bytes).
        byte[] secretBytes = Encoding.UTF8.GetBytes(TokenParameter.Secret);
        var signingKey = new SymmetricSecurityKey(secretBytes);
        var signing = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

        // Expiry is computed in UTC from the configured lifetime in minutes.
        DateTime expiresAt = DateTime.UtcNow.AddMinutes(TokenParameter.AccessExpiration);
        var descriptor = new JwtSecurityToken(
            issuer: TokenParameter.Issuer,
            audience: TokenParameter.Audience,
            claims: identityClaims,
            expires: expiresAt,
            signingCredentials: signing);

        var handler = new JwtSecurityTokenHandler();
        string serialized = handler.WriteToken(descriptor);
        return Ok(serialized);
    }
}
3、在Startup的ConfigureServices下注入
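// Register JWT bearer authentication as the default scheme for both authenticating
// requests and issuing challenges.
services.AddAuthentication(x =>
{
    x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(x =>
{
    // NOTE(review): disables the HTTPS requirement for the metadata/authority endpoint.
    // No authority is configured here, so it presumably has no effect; leave it at the
    // default (true) outside local development so it cannot mask a plain-HTTP setup later.
    x.RequireHttpsMetadata = false;
    x.SaveToken = true;
    x.TokenValidationParameters = new TokenValidationParameters
    {
        // Verify the signature with the key below.
        ValidateIssuerSigningKey = true,
        // Derive the key bytes with UTF-8, the same encoding the token endpoint uses when
        // signing. Encoding.ASCII yields the same bytes only for a pure-ASCII secret; any
        // other character would be replaced by '?' and validation would use a different key.
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(TokenParameter.Secret)),
        // Reject tokens whose issuer differs from the configured one.
        ValidateIssuer = true,
        ValidIssuer = TokenParameter.Issuer,
        // Reject tokens whose audience differs from the configured one.
        ValidateAudience = true,
        ValidAudience = TokenParameter.Audience,
        // Reject expired tokens. ClockSkew is not set, so the library default (5 minutes)
        // applies and a token is still accepted for that long after its expiry time.
        ValidateLifetime = true,
    };
});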
Configure下注入
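/// <summary>
/// Builds the request pipeline: developer exception page (development only),
/// authentication, a JSON body for 401 responses, then MVC.
/// </summary>
/// <param name="app">Pipeline builder.</param>
/// <param name="env">Hosting environment, used to detect development mode.</param>
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    if (env.IsDevelopment())
    {
        // Detailed exception pages expose internals; keep them limited to development.
        app.UseDeveloperExceptionPage();
    }

    // Must be registered before app.UseAuthorization() (and before MVC).
    app.UseAuthentication();

    // Replace the empty body of a 401 response with a small JSON message.
    app.UseStatusCodePages(new StatusCodePagesOptions()
    {
        HandleAsync = (context) =>
        {
            var response = context.HttpContext.Response;
            if (response.StatusCode != 401)
            {
                return System.Threading.Tasks.Task.CompletedTask;
            }

            string payload = Newtonsoft.Json.JsonConvert.SerializeObject(new
            {
                status = 401,
                message = "access denied!",
            });

            // Write asynchronously and leave the body stream open. The previous
            // `using StreamWriter` wrote synchronously (rejected by default from
            // ASP.NET Core 3.0 on) and disposed Response.Body, which this handler
            // does not own.
            response.ContentType = "application/json";
            return Microsoft.AspNetCore.Http.HttpResponseWritingExtensions.WriteAsync(response, payload);
        }
    });

    app.UseMvc();
}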
4、需要认证的Controller添加[Authorize]即可
// [Authorize] makes every action on the controller require an authenticated caller;
// with the JwtBearer defaults configured in Startup that means a valid bearer token.
[Authorize] [Route("api/[controller]")]
5、core webapi解决跨域
(1)、网上的方法试了很多都不行,最后下面这个方法可以;其它方法有空也可以试试
/// <summary>
/// Registers a named CORS policy, "CorsPolicy", that places no restriction on origin,
/// HTTP method or request header.
/// </summary>
/// <param name="services">Service collection to register the policy on.</param>
/// <remarks>
/// NOTE(review): AllowAnyOrigin lets script on any website call the API from a browser
/// and read the response. For anything beyond local testing, list the trusted front-end
/// origins with WithOrigins(...) and restrict methods and headers to those actually used.
/// </remarks>
public void ConfigureServices(IServiceCollection services)
{
    // CORS configuration.
    services.AddCors(options =>
    {
        options.AddPolicy("CorsPolicy", policy => policy
            .AllowAnyOrigin()    // any Origin
            .AllowAnyMethod()    // any request method: GET, POST, PUT, DELETE
            .AllowAnyHeader());  // any request header, e.g. application/json content type
    });
}
/// <summary>
/// Adds the developer exception page (development only) and the CORS middleware.
/// </summary>
/// <param name="app">Pipeline builder.</param>
/// <param name="env">Hosting environment, used to detect development mode.</param>
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    bool isDevelopment = env.IsDevelopment();
    if (isDevelopment)
    {
        app.UseDeveloperExceptionPage();
    }

    // CORS middleware. It is added without a policy name; the named "CorsPolicy" is
    // presumably selected per controller through [EnableCors]. Verify that, and when
    // this is merged with the authentication/MVC pipeline, register it ahead of them.
    app.UseCors();
}
(2)需要跨域调用的Controller上面添加[EnableCors("CorsPolicy")]就可以了
[EnableCors("CorsPolicy")] // allow cross-origin calls under the "CorsPolicy" policy
本文来自博客园,作者:键盘侠客,转载请注明原文链接:https://www.cnblogs.com/dongzi1997/p/16210907.html
