添加swagger程序包
Startup配置服务中间件
项目属性
调试浏览器
启动项目,查看 Swagger UI 是否正常;正常时如下图所示
准备工作完毕,下面开始加入jwt验证功能
添加相关程序包
在 Startup 中为 Swagger 页面添加用于提交 token 的验证配置
运行并请求接口,确认请求中是否带有 Authorization 请求头
创建jwt配置类
/// <summary>
/// Shape of the <c>JwtIssuerOptions</c> configuration section. The code on this page
/// looks values up by these property names (via <c>nameof</c>) rather than binding
/// an instance of the class.
/// </summary>
public class JwtIssuerOptions
{
    /// <summary>Issuer name; written into issued tokens and required on validation.</summary>
    public string Issuer { get; set; }

    /// <summary>Audience name; written into issued tokens and required on validation.</summary>
    public string Audience { get; set; }

    /// <summary>Not read by any code shown on this page.</summary>
    public string ValidFor { get; set; }

    /// <summary>Not read by any code shown on this page (validation uses <see cref="Audience"/>).</summary>
    public string ValidAudience { get; set; }

    /// <summary>
    /// Shared secret whose UTF-8 bytes become the HMAC-SHA256 signing/validation key.
    /// Anyone who learns it can mint valid tokens: use at least 32 random bytes and
    /// load it from a secret store or environment variable rather than a committed
    /// appsettings.json.
    /// </summary>
    public string SecurityKey { get; set; }
}
appsettings.json配置信息
开启jwt验证服务
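#region Register JWT authentication
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(opt =>
{
    // Read issuer, audience and signing secret from the "JwtIssuerOptions" configuration section.
    var jwtSection = Configuration.GetSection(nameof(JwtIssuerOptions));
    var iss = jwtSection[nameof(JwtIssuerOptions.Issuer)];
    var key = jwtSection[nameof(JwtIssuerOptions.SecurityKey)];
    var audience = jwtSection[nameof(JwtIssuerOptions.Audience)];

    // Fail with an explicit message when the secret is missing or too short.
    // HS256 (used when tokens are issued) requires a key of at least 256 bits (RFC 7518, section 3.2);
    // a short or guessable secret lets an attacker forge tokens offline.
    if (string.IsNullOrEmpty(key) || Encoding.UTF8.GetByteCount(key) < 32)
    {
        throw new InvalidOperationException(
            "JwtIssuerOptions:SecurityKey must be configured with at least 32 bytes (256 bits) for HMAC-SHA256.");
    }

    opt.TokenValidationParameters = new TokenValidationParameters
    {
        // Reject tokens whose "iss" does not equal ValidIssuer.
        ValidateIssuer = true,
        ValidIssuer = iss, // must match the issuer used when the token is created

        // Reject tokens whose "aud" does not equal ValidAudience.
        ValidateAudience = true,
        ValidAudience = audience, // must match the audience used when the token is created

        // Enforce nbf/exp; tolerate 30 seconds of clock drift instead of the library default of 5 minutes.
        ValidateLifetime = true,
        ClockSkew = TimeSpan.FromSeconds(30),

        // Verify the signature with the shared secret.
        // NOTE(review): consider also pinning the accepted algorithms (ValidAlgorithms)
        // if the installed Microsoft.IdentityModel.Tokens version provides that property.
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key))
    };
});
#endregion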
Configure 中间件
这样配置方面就准备好了开始使用
添加登录请求类
/// <summary>
/// Request body for the login endpoint. Both fields are mandatory; the
/// <c>[Required]</c> attributes reject a missing or empty value with the
/// error messages given below.
/// </summary>
public class LoginRequest
{
    /// <summary>Account name supplied by the caller.</summary>
    [Required(ErrorMessage = "请输入在账号")]
    public string LoginID { get; set; }

    /// <summary>
    /// Password supplied by the caller, in clear text; the endpoint should
    /// therefore only be reachable over HTTPS, and the value should never be logged.
    /// </summary>
    [Required(ErrorMessage = "请输入在密码")]
    public string LoginPwd { get; set; }
}
添加登录获取token的控制器
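/// <summary>
/// Demo login controller: checks the submitted credentials and, on success,
/// returns an HMAC-SHA256 signed JWT built from the <c>JwtIssuerOptions</c>
/// configuration section.
/// </summary>
[Route("api/[controller]/[action]")]
[ApiController]
public class AuthController : ControllerBase
{
    private readonly IConfiguration _configuration;

    /// <summary>Receives the application configuration that holds the JWT settings.</summary>
    public AuthController(IConfiguration configuration)
    {
        _configuration = configuration;
    }

    /// <summary>
    /// Issues a token valid for 30 minutes when the credentials match.
    /// </summary>
    /// <param name="request">Login name and password from the request body.</param>
    /// <returns>The serialized JWT on success; otherwise the literal text "密码错误".</returns>
    /// <exception cref="InvalidOperationException">
    /// The configured signing secret is missing or shorter than 32 bytes.
    /// </exception>
    [HttpPost]
    public string Gettoken([FromBody]LoginRequest request)
    {
        // SECURITY: hard-coded demo credentials. A real service must look the account up
        // in a user store and verify a salted, slow password hash (for example PBKDF2),
        // and should throttle repeated failures.
        if (request.LoginID != "admin" || request.LoginPwd != "1")
        {
            // NOTE(review): this text goes out as an ordinary string response, so a client
            // has to inspect the body to tell a failure from a token. Returning 401 would
            // need a different return type and is left to the caller of this API to adopt.
            return "密码错误";
        }

        var jwtSection = _configuration.GetSection(nameof(JwtIssuerOptions));
        var iss = jwtSection[nameof(JwtIssuerOptions.Issuer)];
        var key = jwtSection[nameof(JwtIssuerOptions.SecurityKey)];
        var audience = jwtSection[nameof(JwtIssuerOptions.Audience)];

        // HS256 requires a key of at least 256 bits (RFC 7518, section 3.2); refuse to sign with less.
        if (string.IsNullOrEmpty(key) || Encoding.UTF8.GetByteCount(key) < 32)
        {
            throw new InvalidOperationException(
                "JwtIssuerOptions:SecurityKey must be configured with at least 32 bytes (256 bits) for HMAC-SHA256.");
        }

        // Only identity claims are listed here. nbf and exp are supplied through the
        // notBefore/expires arguments below, so the library writes them once, as numeric
        // dates, instead of the token also carrying hand-built string copies.
        var claims = new[]
        {
            new Claim(ClaimTypes.Name, request.LoginID),
            // NOTE(review): custom claim type "Role"; role-based authorization checks use the
            // configured role claim type, so confirm the two match before relying on it.
            new Claim("Role", "角色")
        };

        var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));
        var creds = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

        // One UTC timestamp for both bounds, independent of the server's local time zone.
        var issuedAt = DateTime.UtcNow;
        var jwttoken = new JwtSecurityToken(
            issuer: iss,                          // must equal ValidIssuer on the validating side
            audience: audience,                   // must equal ValidAudience on the validating side
            claims: claims,
            notBefore: issuedAt,
            expires: issuedAt.AddMinutes(30),     // token lifetime: 30 minutes
            signingCredentials: creds
        );

        // Serialize to the compact header.payload.signature form.
        return new JwtSecurityTokenHandler().WriteToken(jwttoken);
    }
}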
设置默认控制器需要授权验证
运行项目
未添加token的请求 401
登录获取token
把 token 放到请求头(Authorization)中
再次请求刚刚401的接口
请求成功
个人笔记,不足之处请大佬们莫怪(●'◡'●)