First, add the following authentication code to the ConfigureServices method in Startup:
services.AddAuthentication(x =>
{
    x.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    x.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    x.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
}).AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, x =>
{
    // Login URL
    x.LoginPath = "/Home/Login";
    // sid
    x.Cookie.Name = "mycookie";
    x.Cookie.Path = "/";
    x.Cookie.HttpOnly = true;
    // ExpireTimeSpan sets the ticket lifetime (30 seconds here). Cookie.Expiration is
    // ignored by cookie authentication and rejected by ASP.NET Core 3.0+, so it is not set.
    x.ExpireTimeSpan = new TimeSpan(0, 0, 30);
});
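Here is how the project is laid out.
There is a HomeController; its Index action (the home page) is marked with [Authorize], so it requires authentication to access.
There is a Login action, which serves the login page.
Add the sign-in method SignIn: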
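public async Task<IActionResult> SignIn(LoginViewModel model)
{
    if (ModelState.IsValid)
    {
        // The posted password is not checked in this sample; verify the
        // credentials against your user store before signing the user in.
        var claims = new List<Claim>();
        claims.Add(new Claim(ClaimTypes.Name, model.UserName));
        var identity = new ClaimsIdentity(claims, "login");
        var principal = new ClaimsPrincipal(identity);
        // Issue the authentication cookie
        await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal);
        if (principal.Identity.IsAuthenticated)
            return RedirectToAction("Index");
    }
    // Redisplay the login page (there is no view named SignIn)
    return View("Login");
}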
Add the login page:
@{
    ViewData["Title"] = "Login";
}
<h2>Login</h2>
<form method="post" action="/home/SignIn">
    User name <input type="text" name="username" />
    Password <input type="password" name="password" />
    <button type="submit" class="btn">Log in</button>
</form>
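Because Startup is configured to send unauthenticated users to the login page:
x.LoginPath = "/Home/Login";
running the application now redirects to the login page.
Enter a user name and password to log in; once the login is verified successfully, you are redirected to Index.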
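The SignIn action shown earlier issues the cookie for whatever user name is posted, so the verification step mentioned here has to be added before SignInAsync is called. The following is an added example, not the original post's code: IUserStore, StoredUser and the Password property on LoginViewModel are assumptions, and PasswordHasher<T> comes from Microsoft.AspNetCore.Identity.

```csharp
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;

// Hypothetical types for this example: a stored account and a lookup service.
public class StoredUser { public string UserName { get; set; } public string PasswordHash { get; set; } }
public interface IUserStore { Task<StoredUser> FindByNameAsync(string userName); }
// Assumed shape of the page's LoginViewModel (the form posts username and password).
public class LoginViewModel { public string UserName { get; set; } public string Password { get; set; } }

public class HomeController : Controller
{
    private readonly IUserStore _users;
    private readonly PasswordHasher<StoredUser> _hasher = new PasswordHasher<StoredUser>();

    public HomeController(IUserStore users) { _users = users; }

    [HttpPost]
    [ValidateAntiForgeryToken] // the login form must emit @Html.AntiForgeryToken()
    public async Task<IActionResult> SignIn(LoginViewModel model)
    {
        if (!ModelState.IsValid || string.IsNullOrEmpty(model.UserName) || string.IsNullOrEmpty(model.Password))
            return View("Login");

        var user = await _users.FindByNameAsync(model.UserName);
        // Hashes are assumed to have been created with _hasher.HashPassword(user, password).
        var valid = user != null &&
            _hasher.VerifyHashedPassword(user, user.PasswordHash, model.Password) != PasswordVerificationResult.Failed;
        if (!valid)
        {
            // One message for unknown user and wrong password; no cookie is issued.
            ModelState.AddModelError(string.Empty, "Invalid user name or password.");
            return View("Login");
        }

        // Only a verified account reaches SignInAsync; the name comes from the store.
        var claims = new List<Claim> { new Claim(ClaimTypes.Name, user.UserName) };
        var identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
        await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(identity));
        return RedirectToAction("Index");
    }
}
```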
Next, add a sign-out action:
public async Task<IActionResult> SignOut()
{
    if (HttpContext.User.Identity.IsAuthenticated)
        await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
    return RedirectToAction("Login");
}
In a view, you can check whether the user is logged in with this expression:
Context.User.Identity.IsAuthenticated