.NET Core Default Authentication and Authorization
2021-01-15 10:25 qgbo
Create a new Web API project.
Startup.cs contains:
    app.UseAuthentication();
This is a middleware; its Invoke method is:
    public async Task Invoke(HttpContext context)
    {
        context.Features.Set<IAuthenticationFeature>(new AuthenticationFeature
        {
            OriginalPath = context.Request.Path,
            OriginalPathBase = context.Request.PathBase
        });

        // Give any IAuthenticationRequestHandler schemes a chance to handle the request
        var handlers = context.RequestServices.GetRequiredService<IAuthenticationHandlerProvider>();
        foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync())
        {
            var handler = await handlers.GetHandlerAsync(context, scheme.Name) as IAuthenticationRequestHandler;
            if (handler != null && await handler.HandleRequestAsync())
            {
                return;
            }
        }

        var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync();
        if (defaultAuthenticate != null)
        {
            var result = await context.AuthenticateAsync(defaultAuthenticate.Name);
            if (result?.Principal != null)
            {
                context.User = result.Principal;
            }
        }

        await _next(context);
    }
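This is where context.User is assigned; context here is actually the HttpContext.
Tracing the call context.AuthenticateAsync(defaultAuthenticate.Name); further down leads here.
This locates the handler, and the return value of the handler's execution method is the result in the code above.
HttpContext is directly accessible from the controller base class, so the value assigned here can be read later through the controller's HttpContext. ControllerBase also has a User property: User => HttpContext?.User
You can create a parent class that wraps this up, so that UserName and Role can be read directly: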
    using System;
    using System.Linq;
    using Microsoft.AspNetCore.Mvc;

    [Route("api/[controller]")]
    [ApiController]
    public class BaseController : ControllerBase
    {
        // Name of the authenticated user, taken from the principal set by the authentication middleware
        protected string UserName
        {
            get
            {
                return User.Identity.Name;
            }
        }

        // First role claim of the user, or Role.Invaild when there is none
        protected Role Role
        {
            get
            {
                var s = User.Claims.FirstOrDefault(t => t.Type.EndsWith("role"))?.Value;
                if (!string.IsNullOrWhiteSpace(s))
                {
                    // Enum.Parse throws ArgumentException when s is not a name or number it can convert
                    return (Role)Enum.Parse(typeof(Role), s);
                }
                return Role.Invaild;
            }
        }

        // All role claims of the user
        protected Role[] Roles
        {
            get
            {
                return User.Claims.Where(t => t.Type.EndsWith("role")).Select(t => (Role)Enum.Parse(typeof(Role), t.Value)).ToArray();
            }
        }
    }
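A stricter way to read the role claims than the EndsWith("role") and Enum.Parse combination in BaseController above, as an added example that is not part of the original post: it reads only the identity's configured role claim type and accepts only exact Role member names. The Role enum members, the RoleClaims helper and the sample claims are assumptions constructed for the demo, since the post does not show the enum.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

// Assumed definition: the post uses Role but never shows its members.
public enum Role { Invaild = 0, User = 1, Admin = 2 }

public static class RoleClaims
{
    // Returns only roles that come from the identity's own role claim type
    // (the same claims ClaimsPrincipal.IsInRole looks at) and that name a real enum member.
    public static Role[] Parse(ClaimsPrincipal user) =>
        user.Identities
            .SelectMany(i => i.FindAll(i.RoleClaimType))
            .Select(c => ToRole(c.Value))
            .Where(r => r.HasValue && r.Value != Role.Invaild)
            .Select(r => r.Value)
            .Distinct()
            .ToArray();

    private static Role? ToRole(string value)
    {
        // Exact, case-sensitive name match. Enum.Parse alone would also accept
        // numeric strings such as "99" and return an undefined (Role)99,
        // and would throw ArgumentException on an unknown name.
        if (value != null && Enum.GetNames(typeof(Role)).Contains(value))
        {
            return (Role)Enum.Parse(typeof(Role), value);
        }
        return null;
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample principal, standing in for what the handler returns.
        var identity = new ClaimsIdentity(new[]
        {
            new Claim(ClaimTypes.Role, "Admin"),             // valid role
            new Claim(ClaimTypes.Role, "99"),                // numeric string, not a member name
            new Claim(ClaimTypes.Role, "Auditor"),           // unknown name
            new Claim("urn:example:display-role", "Admin"),  // ends with "role" but is not the role claim
        }, "Bearer");

        var roles = RoleClaims.Parse(new ClaimsPrincipal(identity));
        Console.WriteLine(string.Join(",", roles));
    }
}
```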
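Obtain a token, then call an action that requires authorization with that token; the User information is then available inside the action.
If you use Bearer:
In Postman, add an Authorization request header, or select Bearer Token on the Authorization tab.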
