Api post请求如何通过在postman中访问[AllowAnonymous]创建访问[Authorized]_Api_Asp.net Core_Postman

Api post请求如何通过在postman中访问[AllowAnonymous]创建访问[Authorized]

api asp.net-core postman

Api post请求如何通过在postman中访问[AllowAnonymous]创建访问[Authorized],api,asp.net-core,postman,Api,Asp.net Core,Postman,这是我的TokenController的一部分 [Route("api/[controller]")] [ApiController] public class TokenController : ControllerBase { [AllowAnonymous] [HttpPost] public IActionResult CreateToken([FromBody]LoginModel login) {} [HttpGet, Auth

这是我的TokenController的一部分

 [Route("api/[controller]")]
[ApiController]
public class TokenController : ControllerBase
{
    [AllowAnonymous]
    [HttpPost]
    public IActionResult CreateToken([FromBody]LoginModel login)
    {}

[HttpGet, Authorize]
    public IEnumerable<Book> Get()
    {
        var currentUser = HttpContext.User;
        int userAge = 0;
        var resultBookList = new Book[] {
            new Book { Author = "Ray Bradbury", Title = "Fahrenheit 451" },
            new Book { Author = "Gabriel García Márquez", Title = "One"},
        };
      
        return resultBookList;
    }
}

在令牌控制器中

      private UserModel Authenticate(LoginModel login)
    {
        UserModel user = null;

        if (login.Username == "mario" && login.Password == "secret")
        {
            user = new UserModel { Name = "Mario Rossi", Email = "mario.rossi@domain.com" };
        }
        return user;
    }

这是我的图书控制器的一部分

 [Route("api/[controller]")]
[ApiController]
public class TokenController : ControllerBase
{
    [AllowAnonymous]
    [HttpPost]
    public IActionResult CreateToken([FromBody]LoginModel login)
    {}

[HttpGet, Authorize]
    public IEnumerable<Book> Get()
    {
        var currentUser = HttpContext.User;
        int userAge = 0;
        var resultBookList = new Book[] {
            new Book { Author = "Ray Bradbury", Title = "Fahrenheit 451" },
            new Book { Author = "Gabriel García Márquez", Title = "One"},
        };
      
        return resultBookList;
    }
}

[HttpGet，授权]
公共IEnumerable Get（）
{
var currentUser=HttpContext.User；
int userAge=0；
var resultBookList=新书[]{
新书{Author=“Ray Bradbury”，Title=“华氏451”}，
新书{Author=“Gabriel García Márquez”，Title=“One”}，
};
返回结果ooklist；
}
}

当我通过邮递员将{“username”：“mario”，“password”：“secret”}发送给api/令牌时，它会将令牌返回给我

但是，当我将其发送到api/books时，它没有返回如何通过postman创建post Requist以获取书籍的详细信息，我想您是在问如何将令牌用于未来的web请求。如果是这样，则必须向web请求添加标头。例如：

Authorization: Bearer eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9DQp7InVuaXF1ZV9uYW1lIjoic3RldmUiLCJodHRwOi8vSnVuay93cy8yMDE4LzA1L2lkZW50aXR5L2NsYWltcy91c2VydHlwZSI6Ik4iLCJodHRwOi8vSnVuay93cy8yMDE4LzA1L2lkZW50aXR5L2NsYWltcy91c2Vyc3RhdHVzIjoiQSIsImh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDUvaWRlbnRpdHkvY2xhaW1zL3NpZCI6IkJhcnJ5IiwiZW1haWwiOiIiLCJodHRwOi8vSnVuay93cy8yMDE4LzA1L2lkZW50aXR5L2NsYWltcy9yZXNldHBhc3N3b3JkIjoiRmFsc2UiLCJodHRwOi8vSnVuay93cy8yMDE4LzA1L2lkZW50aXR5L2NsYWltcy9jbGllbnRpZCI6IkFJMjE0MjYwIiwiaHR0cDovL0p1bmsvd3MvMjAxOC8wNS9pZGVudGl0eS9jbGFpbXMvc2Vzc2lvbnN0YXJ0IjoiNjM2NjY5MTk0NjEwNDUwNDkyIiwibmJmIjoxNTMxMzE3ODYxLCJleHAiOjE1MzEzNzc4NjEsImlhdCI6MTUzMTM0Nzg2MSwiaXNzIjoiSnVuayJ9DQo5VX/vv73QhF0M77+9PsWhWwjvv73vv70k77+9b++/vSrvv73vv73vv73vv71Z77+9Le+/ve+/vT3vv73vv73vv73vv71gWVRrdc6a77+9TnQCaCnvv70NCu+/vWRo77+977+977+9cWIy77+9HO+/vRF5DQo=

Postman允许添加自定义标头，但对于此标头，我们可以使用Postman请求选项卡“授权”来定义承载令牌标头。有关如何添加无记名令牌头的详细信息，请参阅。

哦，好的-您的问题是“如何将无记名令牌头添加到邮递员请求中？”@DulangaHeshan-我已添加了对邮递员授权帮助页面的参考。您将需要查看关于承载令牌的部分。看起来该工具允许某种类型的授权层次结构-他们实现了某种类型的授权继承模型。请求中必须存在承载令牌头。