Model view controller 在dot net core MVC中使用Jwt进行简单身份验证
我试图在我的dotnetcore应用程序中添加JWT验证。我已经理解了JWT,并且能够通过给一些像这样的值来生成令牌Model view controller 在dot net core MVC中使用Jwt进行简单身份验证,model-view-controller,asp.net-core,jwt,Model View Controller,Asp.net Core,Jwt,我试图在我的dotnetcore应用程序中添加JWT验证。我已经理解了JWT,并且能够通过给一些像这样的值来生成令牌 var token = new JwtSecurityToken( issuer: issuer, audience: aud, claims: claims, expires: expTime, signingCredentials: creds ); 编辑:接下来,我还在我的应用程序中添加了JwtBearerAuthentication中间件,方法是将a
var token = new JwtSecurityToken(
issuer: issuer,
audience: aud,
claims: claims,
expires: expTime,
signingCredentials: creds
);
编辑:接下来,我还在我的应用程序中添加了JwtBearerAuthentication中间件,方法是将app.UseJwtBearerAuthentication(新的jwtbearoptions{/*options*/})添加到Startup.Configure()方法
现在我被卡住了,我怎么能在HTTP头中传递这个令牌呢?我将在登录时生成此令牌,但下一步是什么?我怎样才能知道JWT已经添加并且运行良好
任何帮助都将不胜感激。这是ASP.NET核心中可运行的承载令牌身份验证示例。
在后端,您可以按照以下代码生成令牌:
[Route("api/[controller]")]
public class TokenAuthController : Controller
{
[HttpPost]
public string GetAuthToken(User user)
{
var existUser = UserStorage.Users.FirstOrDefault(u => u.Username == user.Username && u.Password == user.Password);
if (existUser != null)
{
var requestAt = DateTime.Now;
var expiresIn = requestAt + TokenAuthOption.ExpiresSpan;
var token = GenerateToken(existUser, expiresIn);
return JsonConvert.SerializeObject(new {
stateCode = 1,
requertAt = requestAt,
expiresIn = TokenAuthOption.ExpiresSpan.TotalSeconds,
accessToken = token
});
}
else
{
return JsonConvert.SerializeObject(new { stateCode = -1, errors = "Username or password is invalid" });
}
}
private string GenerateToken(User user, DateTime expires)
{
var handler = new JwtSecurityTokenHandler();
ClaimsIdentity identity = new ClaimsIdentity(
new GenericIdentity(user.Username, "TokenAuth"),
new[] {
new Claim("ID", user.ID.ToString())
}
);
var securityToken = handler.CreateToken(new SecurityTokenDescriptor
{
Issuer = TokenAuthOption.Issuer,
Audience = TokenAuthOption.Audience,
SigningCredentials = TokenAuthOption.SigningCredentials,
Subject = identity,
Expires = expires
});
return handler.WriteToken(securityToken);
}
}
在Startup.cs/ConfigureServices方法中
services.AddAuthorization(auth =>
{
auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
.AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
.RequireAuthenticatedUser().Build());
});
并在Configure方法中添加此代码
app.UseJwtBearerAuthentication(new JwtBearerOptions {
TokenValidationParameters = new TokenValidationParameters {
IssuerSigningKey = TokenAuthOption.Key,
ValidAudience = TokenAuthOption.Audience,
ValidIssuer = TokenAuthOption.Issuer,
ValidateIssuerSigningKey = true,
ValidateLifetime = true,
ClockSkew = TimeSpan.FromMinutes(0)
}
});
在前端,您只需将令牌添加到标头,如下所示:
$.ajaxSetup({
headers: { "Authorization": "Bearer " + accessToken }
});
或
这是ASP.NET Core中承载令牌身份验证的可运行示例。
在后端,您可以按照以下代码生成令牌:
[Route("api/[controller]")]
public class TokenAuthController : Controller
{
[HttpPost]
public string GetAuthToken(User user)
{
var existUser = UserStorage.Users.FirstOrDefault(u => u.Username == user.Username && u.Password == user.Password);
if (existUser != null)
{
var requestAt = DateTime.Now;
var expiresIn = requestAt + TokenAuthOption.ExpiresSpan;
var token = GenerateToken(existUser, expiresIn);
return JsonConvert.SerializeObject(new {
stateCode = 1,
requertAt = requestAt,
expiresIn = TokenAuthOption.ExpiresSpan.TotalSeconds,
accessToken = token
});
}
else
{
return JsonConvert.SerializeObject(new { stateCode = -1, errors = "Username or password is invalid" });
}
}
private string GenerateToken(User user, DateTime expires)
{
var handler = new JwtSecurityTokenHandler();
ClaimsIdentity identity = new ClaimsIdentity(
new GenericIdentity(user.Username, "TokenAuth"),
new[] {
new Claim("ID", user.ID.ToString())
}
);
var securityToken = handler.CreateToken(new SecurityTokenDescriptor
{
Issuer = TokenAuthOption.Issuer,
Audience = TokenAuthOption.Audience,
SigningCredentials = TokenAuthOption.SigningCredentials,
Subject = identity,
Expires = expires
});
return handler.WriteToken(securityToken);
}
}
在Startup.cs/ConfigureServices方法中
services.AddAuthorization(auth =>
{
auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
.AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
.RequireAuthenticatedUser().Build());
});
并在Configure方法中添加此代码
app.UseJwtBearerAuthentication(new JwtBearerOptions {
TokenValidationParameters = new TokenValidationParameters {
IssuerSigningKey = TokenAuthOption.Key,
ValidAudience = TokenAuthOption.Audience,
ValidIssuer = TokenAuthOption.Issuer,
ValidateIssuerSigningKey = true,
ValidateLifetime = true,
ClockSkew = TimeSpan.FromMinutes(0)
}
});
在前端,您只需将令牌添加到标头,如下所示:
$.ajaxSetup({
headers: { "Authorization": "Bearer " + accessToken }
});
或
从何处以及如何获取accessToken?您可以在代码示例中的Controllers/TokenAuthController.cs中找到代码。是否有任何方法通过razor语法实现此解决方案?我们没有ajax调用的地方?在浏览器中无法将http头添加到表单请求。但您可以在浏览器和服务器端将令牌设置为cookie,添加一个中间件以通过cookie设置httpheader。也许您应该为web jwt网页身份验证创建另一个问题。从何处以及如何获取accessToken??您可以从代码示例中的Controllers/TokenAuthController.cs中找到代码。是否有任何方法通过razor语法实现此解决方案?我们没有ajax调用的地方?在浏览器中无法将http头添加到表单请求。但您可以在浏览器中将令牌设置为cookie,并在服务器端添加中间件以通过cookie设置httpheader。也许您应该为web jwt网页身份验证创建另一个问题。