Api post请求如何通过在postman中访问[AllowAnonymous]创建访问[Authorized]
这是我的TokenController的一部分Api post请求如何通过在postman中访问[AllowAnonymous]创建访问[Authorized],api,asp.net-core,postman,Api,Asp.net Core,Postman,这是我的TokenController的一部分 [Route("api/[controller]")] [ApiController] public class TokenController : ControllerBase { [AllowAnonymous] [HttpPost] public IActionResult CreateToken([FromBody]LoginModel login) {} [HttpGet, Auth
[Route("api/[controller]")]
[ApiController]
public class TokenController : ControllerBase
{
[AllowAnonymous]
[HttpPost]
public IActionResult CreateToken([FromBody]LoginModel login)
{}
[HttpGet, Authorize]
public IEnumerable<Book> Get()
{
var currentUser = HttpContext.User;
int userAge = 0;
var resultBookList = new Book[] {
new Book { Author = "Ray Bradbury", Title = "Fahrenheit 451" },
new Book { Author = "Gabriel García Márquez", Title = "One"},
};
return resultBookList;
}
}
在令牌控制器中
private UserModel Authenticate(LoginModel login)
{
UserModel user = null;
if (login.Username == "mario" && login.Password == "secret")
{
user = new UserModel { Name = "Mario Rossi", Email = "mario.rossi@domain.com" };
}
return user;
}
这是我的图书控制器的一部分
[Route("api/[controller]")]
[ApiController]
public class TokenController : ControllerBase
{
[AllowAnonymous]
[HttpPost]
public IActionResult CreateToken([FromBody]LoginModel login)
{}
[HttpGet, Authorize]
public IEnumerable<Book> Get()
{
var currentUser = HttpContext.User;
int userAge = 0;
var resultBookList = new Book[] {
new Book { Author = "Ray Bradbury", Title = "Fahrenheit 451" },
new Book { Author = "Gabriel García Márquez", Title = "One"},
};
return resultBookList;
}
}
[HttpGet,授权]
公共IEnumerable Get()
{
var currentUser=HttpContext.User;
int userAge=0;
var resultBookList=新书[]{
新书{Author=“Ray Bradbury”,Title=“华氏451”},
新书{Author=“Gabriel García Márquez”,Title=“One”},
};
返回结果ooklist;
}
}
当我通过邮递员将{“username”:“mario”,“password”:“secret”}发送给api/令牌时,它会将令牌返回给我
但是,当我将其发送到api/books时,它没有返回如何通过postman创建post Requist以获取书籍的详细信息,我想您是在问如何将令牌用于未来的web请求。如果是这样,则必须向web请求添加标头。例如:
Authorization: Bearer eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9DQp7InVuaXF1ZV9uYW1lIjoic3RldmUiLCJodHRwOi8vSnVuay93cy8yMDE4LzA1L2lkZW50aXR5L2NsYWltcy91c2VydHlwZSI6Ik4iLCJodHRwOi8vSnVuay93cy8yMDE4LzA1L2lkZW50aXR5L2NsYWltcy91c2Vyc3RhdHVzIjoiQSIsImh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDUvaWRlbnRpdHkvY2xhaW1zL3NpZCI6IkJhcnJ5IiwiZW1haWwiOiIiLCJodHRwOi8vSnVuay93cy8yMDE4LzA1L2lkZW50aXR5L2NsYWltcy9yZXNldHBhc3N3b3JkIjoiRmFsc2UiLCJodHRwOi8vSnVuay93cy8yMDE4LzA1L2lkZW50aXR5L2NsYWltcy9jbGllbnRpZCI6IkFJMjE0MjYwIiwiaHR0cDovL0p1bmsvd3MvMjAxOC8wNS9pZGVudGl0eS9jbGFpbXMvc2Vzc2lvbnN0YXJ0IjoiNjM2NjY5MTk0NjEwNDUwNDkyIiwibmJmIjoxNTMxMzE3ODYxLCJleHAiOjE1MzEzNzc4NjEsImlhdCI6MTUzMTM0Nzg2MSwiaXNzIjoiSnVuayJ9DQo5VX/vv73QhF0M77+9PsWhWwjvv73vv70k77+9b++/vSrvv73vv73vv73vv71Z77+9Le+/ve+/vT3vv73vv73vv73vv71gWVRrdc6a77+9TnQCaCnvv70NCu+/vWRo77+977+977+9cWIy77+9HO+/vRF5DQo=
Postman允许添加自定义标头,但对于此标头,我们可以使用Postman请求选项卡“授权”来定义承载令牌标头。有关如何添加无记名令牌头的详细信息,请参阅。哦,好的-您的问题是“如何将无记名令牌头添加到邮递员请求中?”@DulangaHeshan-我已添加了对邮递员授权帮助页面的参考。您将需要查看关于承载令牌的部分。看起来该工具允许某种类型的授权层次结构-他们实现了某种类型的授权继承模型。请求中必须存在承载令牌头。