角色不在控制器上工作。NET核心API
我正在尝试授权AuthController的一个方法,我是这样实现的: AuthController.cs角色不在控制器上工作。NET核心API,api,.net-core,authorization,roles,Api,.net Core,Authorization,Roles,我正在尝试授权AuthController的一个方法,我是这样实现的: AuthController.cs [HttpPost("register")] [Authorize] [EnableCors("AllowAllHeaders")] public async Task<IActionResult> Register(UserForRegisterDto userForRegisterDto) { // bla bla b
[HttpPost("register")]
[Authorize]
[EnableCors("AllowAllHeaders")]
public async Task<IActionResult> Register(UserForRegisterDto userForRegisterDto)
{
// bla bla bla
}
IdentityBuilder builder = services.AddIdentityCore<User>(options =>
{
options.Password.RequiredLength = 4;
options.Password.RequireDigit = false;
options.Password.RequireUppercase = false;
options.Password.RequireNonAlphanumeric = false;
});
builder = new IdentityBuilder(builder.UserType, typeof(Role), builder.Services);
builder.AddEntityFrameworkStores<DataContext>();
builder.AddRoleValidator<RoleValidator<Role>>();
builder.AddRoleManager<RoleManager<Role>>();
builder.AddSignInManager<SignInManager<User>>();
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII
.GetBytes(Configuration.GetSection("AppSettings:Token").Value)),
ValidateIssuer = false,
ValidateAudience = false
};
});
services.AddControllers(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddNewtonsoftJson(opt =>
{
opt.SerializerSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore;
});
是否仍缺少一些配置
我在这里试图完成的是使用Roles=“Admin”进行授权,以便注册一个帐户,但除了401之外,我没有任何其他响应
这是在我的登录方法上生成的令牌,我在授权标头上使用它:
EYJHBGCIOIJIUZUXMIIR5CCI6IKPXVCJ9.EYJUYU1LAWZV9UYW1LIJOIQXPYYWVSIIWICM9SZSI6WYJBZG1BIISIKVTCG6VEWVLL0SIM5IZIII6NTQZNZGZNZZYZHWIZHJ0NTI0MJM3LCJXYX0ODUZC4MZD9.DWDCEMXBRGZGEI1W2GNY ECCMA732BAFUN2YZYZK2PJJJ8V8V6V6V6ZYMZYMZYMZZZYMZZZZZZZZZYM9W9V6NZZZZZZZF
在Configure方法中,UseAuthentication()和UseAuthentication()的顺序不正确。应先进行身份验证,然后进行授权:
app.UseAuthentication();
app.UseAuthorization();
问题出在UseAuthentication()和UseAuthorization()的顺序上?是的。非常感谢你!如果你写一个答案,我会把它记下来,因为它是解决我问题的方法。很乐意帮忙。把它作为一个答案。
app.UseAuthentication();
app.UseAuthorization();