Asp.net core 如何生成具有Net Core的JWT
您好,我在使用Net Core创建令牌时感到困惑,我遵循了一个指南,在Postman中执行Post请求时没有工作 请看,我的数据库带有ef核心迁移,我的用户类有用户名和密码{get;set;} 然后,我创建了一个AuthController,其中包含以下内容:Asp.net core 如何生成具有Net Core的JWT,asp.net-core,jwt,entity-framework-core,Asp.net Core,Jwt,Entity Framework Core,您好,我在使用Net Core创建令牌时感到困惑,我遵循了一个指南,在Postman中执行Post请求时没有工作 请看,我的数据库带有ef核心迁移,我的用户类有用户名和密码{get;set;} 然后,我创建了一个AuthController,其中包含以下内容: public class AuthController : Controller { private readonly IConfiguration _configuration; private readonly Hac
public class AuthController : Controller
{
private readonly IConfiguration _configuration;
private readonly HacsysContext _context;
public AuthController(IConfiguration configuration, HacsysContext context) {
_configuration = configuration;
}
[AllowAnonymous]
[HttpPost]
[Route("token")]
public IActionResult Post([FromBody]Personal personal)
{
if (ModelState.IsValid)
{
var userId = GetUserIdFromCredentials(personal);
if (userId == -1)
{
return Unauthorized();
}
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, personal.CorreoE),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
};
var token = new JwtSecurityToken
(
issuer: _configuration["Issuer"],
audience: _configuration["Audience"],
claims: claims,
expires: DateTime.UtcNow.AddDays(10),
notBefore: DateTime.UtcNow,
signingCredentials: new SigningCredentials(new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["SigningKey"])),
SecurityAlgorithms.HmacSha256)
);
return Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) });
}
return BadRequest();
}
private int GetUserIdFromCredentials(Personal personal)
{
var userId = -1;
var email = personal.CorreoE;
var password = personal.Contrasena;
if (personal.CorreoE.Equals(email))
{
userId = 1;
}
return userId;
}
}
基本上,当我在GetUserIdFromCredentials中比较电子邮件是否等于peronal.CorreoE时,返回的总是True,即使在Postman中,我发送的邮件中只有一封信或不同的电子邮件,或者数据库中没有的不同电子邮件
您每次都会获得userId 1,因为您首先将电子邮件值设置为该值 然后比较
email
值是否等于personal.CorreoE
。。这将始终为真,因此返回1
但是,您应该做的是在dbContext中对Personal实体进行查询,以查找带有该电子邮件的人员,并返回找到的实体的userId
private int GetUserIdFromCredentials(Personal personal)
{
var email = personal.CorreoE;
var password = personal.Contrasena;
//make a query on the db context
var dbPerson = _context.Personal.FirstOrDefault(p=> p.Email == email);
if(dbPerson == null)
return -1;
return dbPerson.Id;
}