Swagger與JWT
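創建項目后,首先要引用下面代碼用到的幾個NuGet包(依下文代碼推斷,應包括 Swashbuckle.AspNetCore、Microsoft.AspNetCore.Authentication.JwtBearer、Newtonsoft.Json 和 Microsoft.DotNet.PlatformAbstractions)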
打開appsettings.json在里面添加
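"LemonToken": {
  // Demo value only: this is the HMAC signing key, so anyone who can read it can
  // forge tokens. Keep the real value out of source control (user secrets,
  // environment variables or a secret store) and generate it randomly.
  // HS256 keys should be at least 32 bytes; recent Microsoft.IdentityModel
  // releases reject shorter keys.
  "secret": "123456789123456789",
  "issuer": "text.cn", // issuer
  "audience": "test", // audience
  // Key spelling fixed (was "accessExpiraction"): the configuration binder matches
  // keys to property names, so the misspelled key never reached
  // LemonToken.AccessExpiration and the value stayed 0.
  // Gettoken passes this value to AddMinutes, so the unit is minutes;
  // 180000 minutes is about 125 days. Prefer a short access-token lifetime.
  "accessExpiration": 180000,
  "refreshExpiration": 60 // refresh time, in seconds
},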
創建個文件夾tokens在里面創建個LemonToken類
/// <summary>
/// Strongly typed view of the "LemonToken" configuration section that holds the
/// JWT signing and validation settings.
/// </summary>
/// <remarks>
/// NOTE(review): the section is loaded with
/// <c>Configuration.GetSection("LemonToken").Get&lt;LemonToken&gt;()</c>, which matches
/// configuration keys to property names; the <c>JsonProperty</c> attributes
/// presumably only matter if this type is also serialized with Json.NET — confirm.
/// </remarks>
public class LemonToken
{
    /// <summary>
    /// Shared secret that is converted to bytes and used as the symmetric key for
    /// both signing and validating tokens. Treat it as a credential.
    /// </summary>
    [JsonProperty("Secret")]
    public string Secret { get; set; }

    /// <summary>Issuer written into issued tokens and required during validation.</summary>
    [JsonProperty("Issuer")]
    public string Issuer { get; set; }

    /// <summary>Audience written into issued tokens and required during validation.</summary>
    [JsonProperty("Audience")]
    public string Audience { get; set; }

    /// <summary>
    /// Access-token lifetime; the token endpoint adds it to the current time as minutes.
    /// </summary>
    [JsonProperty("AccessExpiration")]
    public int AccessExpiration { get; set; }

    /// <summary>
    /// Refresh interval (seconds, per the configuration comment). Not read by any
    /// code shown alongside this class.
    /// </summary>
    [JsonProperty("RefreshExpiration")]
    public string RefreshExpiration { get; set; }
}
再右鍵點擊項目打開屬性,點擊「生成」。找到「XML文檔文件」並打勾,然後在「取消顯示警告(S):」里面加上1591(即CS1591,缺少XML注釋的警告)
再打開Startup,找到 public void ConfigureServices(IServiceCollection services),並在里面加上
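// ---- Swagger / OpenAPI document -------------------------------------------
var basePath = Microsoft.DotNet.PlatformAbstractions.ApplicationEnvironment.ApplicationBasePath;

services.AddSwaggerGen(swagger =>
{
    swagger.SwaggerDoc("a", new OpenApiInfo
    {
        Version = "a",
        Title = "第一個接口標題",
        Description = "Description的描述",
        Contact = new OpenApiContact
        {
            Name = "zhangsan",
            Email = "1919675978@qq.com",
            Url = new Uri("https://www.cnblogs.com/mvpbest/")
        },
        License = new OpenApiLicense
        {
            Name = "lisi",
            Url = new Uri("https://www.cnblogs.com/mvpbest/")
        }
    });

    // The inner lambda parameter gets its own name so it does not shadow the outer one.
    swagger.OrderActionsBy(api => api.RelativePath);

    // XML documentation file produced by the build (enabled in the project properties).
    var xmlPath = Path.Combine(basePath, "JWTExercise.xml");
    swagger.IncludeXmlComments(xmlPath, true);

    // Security definition: tells Swagger UI how callers supply the JWT.
    // With the ApiKey type the caller pastes the whole header value ("Bearer <token>").
    swagger.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
    {
        Description = "在下框中輸入請求頭中需要添加Jwt授權Token:Bearer Token",
        Name = "Authorization",
        In = ParameterLocation.Header,
        Type = SecuritySchemeType.ApiKey,
        BearerFormat = "JWTExercise",
        Scheme = "Bearer"
    });

    // Apply the "Bearer" definition to the operations in the document.
    swagger.AddSecurityRequirement(new OpenApiSecurityRequirement
    {
        {
            new OpenApiSecurityScheme
            {
                Reference = new OpenApiReference
                {
                    Type = ReferenceType.SecurityScheme,
                    Id = "Bearer"
                }
            },
            Array.Empty<string>()
        }
    });
});

// ---- JWT bearer authentication ---------------------------------------------
LemonToken lemonToken = Configuration.GetSection("LemonToken").Get<LemonToken>();

// Fail at startup instead of with a NullReferenceException on the first request
// when the section or the signing secret is missing.
if (lemonToken is null || string.IsNullOrWhiteSpace(lemonToken.Secret))
{
    throw new InvalidOperationException(
        "Configuration section \"LemonToken\" is missing or does not define a secret.");
}

services.AddAuthentication("Bearer")
    .AddJwtBearer(option =>
    {
        option.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuerSigningKey = true,
            ValidateIssuer = true,
            ValidIssuer = lemonToken.Issuer,
            ValidateAudience = true,
            ValidAudience = lemonToken.Audience,
            ValidateLifetime = true,
            // new TimeSpan(30) is 30 ticks (3 microseconds), i.e. effectively no
            // tolerance for clock drift; 30 seconds is stated explicitly here.
            ClockSkew = TimeSpan.FromSeconds(30),
            RequireExpirationTime = true,
            // NOTE(review): this keeps the raw token available on the authenticated
            // identity; turn it off if nothing downstream needs the original token.
            SaveSigninToken = true,
            // The key bytes must be derived exactly as in the code that signs tokens.
            // Encoding.ASCII maps every non-ASCII character to '?', so keep the
            // secret ASCII-only or switch both sides to the same other encoding.
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(lemonToken.Secret))
        };
    });

// ---- Role-based authorization policies ---------------------------------------
services.AddAuthorization(options =>
{
    // Single role.
    options.AddPolicy("Client", policy => policy.RequireRole("Client"));
    // OR: either role satisfies the policy.
    options.AddPolicy("SystemOrAdmin", policy => policy.RequireRole("Admin", "System"));
    // AND: both roles are required.
    options.AddPolicy("SystemAndAdmin", policy => policy.RequireRole("System").RequireRole("Admin"));
});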
再找到Configure,按下面的寫法修改。記得中間件的順序不能弄錯:UseRouting → UseAuthentication → UseAuthorization → UseEndpoints
/// <summary>
/// Builds the HTTP request pipeline: developer exception page (Development only),
/// Swagger document and UI, routing, authentication, authorization, controllers.
/// </summary>
/// <param name="app">Application builder the middleware is registered on.</param>
/// <param name="env">Hosting environment, used to detect Development.</param>
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    bool isDevelopment = env.IsDevelopment();
    if (isDevelopment)
    {
        app.UseDeveloperExceptionPage();
    }

    // NOTE(review): the Swagger document and UI are registered outside the
    // Development check, so they are served in every environment. Confirm that
    // publishing the API description outside development is intended.
    app.UseSwagger();
    app.UseSwaggerUI(ui =>
    {
        ui.SwaggerEndpoint("swagger/a/swagger.json", "a");

        // Serve Swagger UI as the home page. With an empty prefix the
        // localhost:8001/swagger address is no longer reachable, so remove
        // launchUrl from launchSettings.json.
        ui.RoutePrefix = "";
    });

    // Order matters: routing selects the endpoint, authentication establishes the
    // user, authorization checks that user against the endpoint, and only then
    // are the controllers executed.
    app.UseRouting();
    app.UseAuthentication();
    app.UseAuthorization();
    app.UseEndpoints(routes => routes.MapControllers());
}
找到launchSettings.json,按以下內容修改
{ "$schema": "http://json.schemastore.org/launchsettings.json", "profiles": { "JWTExercise": { "commandName": "Project", "launchBrowser": true, "launchUrl": "", "applicationUrl": "http://localhost:5000", "environmentVariables": { "ASPNETCORE_ENVIRONMENT": "Development" } } } }
再創建一個Home控制器
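/// <summary>
/// Demo controller: one endpoint issues a JWT, the other requires one.
/// </summary>
[Route("api/[controller]/[action]")]
[ApiController]
public class HomeController : ControllerBase
{
    private readonly ILogger<HomeController> _logger;
    private readonly IConfiguration _configuration;

    /// <summary>Receives configuration and logging through dependency injection.</summary>
    public HomeController(IConfiguration configuration, ILogger<HomeController> logger)
    {
        _logger = logger;
        _configuration = configuration;
    }

    #region Token issuance
    /// <summary>
    /// Issues a signed JWT built from the "LemonToken" configuration section.
    /// </summary>
    /// <remarks>
    /// Demo only: the endpoint carries no authorization attribute and hands a token
    /// with the "Client" role and fixed claims to every caller. A real token endpoint
    /// must verify the caller's credentials first and derive the claims from the
    /// verified identity.
    /// </remarks>
    /// <returns>The serialized (compact) JWT.</returns>
    /// <exception cref="InvalidOperationException">
    /// The configuration section or its secret is missing, or the configured
    /// lifetime is not positive.
    /// </exception>
    [HttpGet]
    public string Gettoken()
    {
        LemonToken lemon = _configuration.GetSection("LemonToken").Get<LemonToken>();

        // Report a missing section or secret clearly instead of failing with a
        // NullReferenceException further down.
        if (lemon is null || string.IsNullOrWhiteSpace(lemon.Secret))
        {
            throw new InvalidOperationException(
                "Configuration section \"LemonToken\" is missing or does not define a secret.");
        }

        // A lifetime of 0 (for example when the configuration key is misspelled and
        // never binds) would produce a token that is already expired when issued.
        if (lemon.AccessExpiration <= 0)
        {
            throw new InvalidOperationException(
                "LemonToken:AccessExpiration must be a positive number of minutes.");
        }

        Claim[] claims =
        {
            new Claim(JwtRegisteredClaimNames.FamilyName, "猴三棍"),
            new Claim(JwtRegisteredClaimNames.Sub, "屁股朝天"),
            new Claim(JwtRegisteredClaimNames.Email, "120@qq.com"),
            new Claim(ClaimTypes.Role, "Client")
        };

        // The key bytes must be derived exactly as in the JwtBearer validation setup.
        // Encoding.ASCII maps every non-ASCII character to '?', so keep the secret
        // ASCII-only or change both places together.
        var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(lemon.Secret));
        var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

        var token = new JwtSecurityToken(
            issuer: lemon.Issuer,
            audience: lemon.Audience,
            claims: claims,
            // UTC states the instant unambiguously; AccessExpiration is in minutes.
            expires: DateTime.UtcNow.AddMinutes(lemon.AccessExpiration),
            signingCredentials: credentials);

        return new JwtSecurityTokenHandler().WriteToken(token);
    }
    #endregion

    /// <summary>
    /// Protected endpoint: reachable only with a valid bearer token.
    /// </summary>
    /// <returns>A fixed success message.</returns>
    [HttpGet]
    [Authorize]
    public string Find()
    {
        return "成功";
    }
}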
點擊執行
直接點擊Find接口時,由於請求沒有攜帶token,無法顯示輸出的值(請求未通過授權)
而你先點擊下面的Gettoken接口獲取到token(是令牌,不是簽名用的密鑰),再按「Bearer token」的格式填入授權框登錄,就可以有權限了