添加swagger程序包
Startup配置服務中間件
項目屬性
調試瀏覽器
啟動項目,查看 Swagger UI 是否正常;正常時如下圖
准備工作完畢,下面開始加入jwt驗證功能
添加相關程序包
Startup 向swagger頁面添加提供驗證token相關配置
運行並請求接口看看是否請求的時候帶請求頭 Authorization
創建jwt配置類
/// <summary>
/// Names the keys of the <c>JwtIssuerOptions</c> configuration section.
/// The code on this page reads the section through <c>nameof(...)</c>
/// lookups on this type rather than binding an instance of it.
/// </summary>
public class JwtIssuerOptions
{
    /// <summary>
    /// Issuer value: written into issued tokens and used as the expected
    /// issuer when incoming tokens are validated.
    /// </summary>
    public string Issuer { get; set; }

    /// <summary>
    /// Audience value: written into issued tokens and used as the expected
    /// audience when incoming tokens are validated.
    /// </summary>
    public string Audience { get; set; }

    /// <summary>
    /// Not read by the code shown on this page.
    /// NOTE(review): presumably the token lifetime; the login action
    /// hard-codes 30 minutes instead. Confirm the intended use.
    /// </summary>
    public string ValidFor { get; set; }

    /// <summary>
    /// Not read by the code shown on this page; validation takes its
    /// expected audience from <see cref="Audience"/>.
    /// </summary>
    public string ValidAudience { get; set; }

    /// <summary>
    /// Shared secret whose UTF-8 bytes form the symmetric key that both
    /// signs (HMAC-SHA256) and validates tokens. Anyone holding it can mint
    /// valid tokens, so keep it out of source control. RFC 7518 section 3.2
    /// requires at least 256 bits of key material for HS256.
    /// </summary>
    public string SecurityKey { get; set; }
}
appsettings.json配置信息(SecurityKey 是 HMAC 簽名密鑰:正式環境請勿提交到版本庫,應改由環境變量或密鑰管理服務提供)
開啟jwt驗證服務
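#region Register JWT bearer authentication
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(opt =>
{
    // Read issuer, audience and signing secret from the "JwtIssuerOptions"
    // configuration section; the same values are used when tokens are issued.
    var jwtSection = Configuration.GetSection(nameof(JwtIssuerOptions));
    var issuer = jwtSection[nameof(JwtIssuerOptions.Issuer)];
    var signingSecret = jwtSection[nameof(JwtIssuerOptions.SecurityKey)];
    var audience = jwtSection[nameof(JwtIssuerOptions.Audience)];

    // Fail with an explicit message when the secret is missing, instead of
    // the opaque argument exception Encoding.GetBytes raises for null.
    if (string.IsNullOrEmpty(signingSecret))
    {
        throw new InvalidOperationException(
            $"{nameof(JwtIssuerOptions)}:{nameof(JwtIssuerOptions.SecurityKey)} is not configured.");
    }

    opt.TokenValidationParameters = new TokenValidationParameters
    {
        // Reject tokens whose "iss" differs from the configured issuer.
        ValidateIssuer = true,
        ValidIssuer = issuer,

        // Reject tokens whose "aud" differs from the configured audience.
        ValidateAudience = true,
        ValidAudience = audience,

        // Enforce nbf/exp, tolerating 30 seconds of clock difference.
        ValidateLifetime = true,
        ClockSkew = TimeSpan.FromSeconds(30),

        // Require a signature made with the shared symmetric key.
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingSecret))
    };
});
#endregion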
Configure 中間件(app.UseAuthentication() 必須在授權及 MVC/端點中間件之前註冊,否則請求到達控制器時尚未完成身份驗證)
這樣配置方面就准備好了開始使用
添加登錄請求類
/// <summary>
/// Request body for the login action. Both fields are mandatory; the
/// <c>Required</c> attributes carry the validation messages.
/// </summary>
public class LoginRequest
{
    /// <summary>Account identifier supplied by the caller.</summary>
    [Required(ErrorMessage = "請輸入在賬號")]
    public string LoginID { get; set; }

    /// <summary>
    /// Password supplied by the caller, in clear text. It should only travel
    /// over HTTPS and should never be written to logs.
    /// </summary>
    [Required(ErrorMessage = "請輸入在密碼")]
    public string LoginPwd { get; set; }
}
添加登錄獲取token的控制器
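/// <summary>
/// Login endpoint that issues an HMAC-SHA256 signed JWT built from the
/// <c>JwtIssuerOptions</c> configuration section.
/// </summary>
[Route("api/[controller]/[action]")]
[ApiController]
public class AuthController : ControllerBase
{
    private readonly IConfiguration _configuration;

    /// <summary>Stores the application configuration used to read the JWT settings.</summary>
    /// <param name="configuration">Application configuration.</param>
    public AuthController(IConfiguration configuration)
    {
        _configuration = configuration;
    }

    /// <summary>
    /// Checks the submitted credentials and, on success, returns a signed
    /// token valid for 30 minutes.
    /// </summary>
    /// <param name="request">Account and password from the request body.</param>
    /// <returns>
    /// The serialized token, or the literal failure message when the
    /// credentials do not match.
    /// </returns>
    /// <exception cref="InvalidOperationException">
    /// The signing key is missing from configuration.
    /// </exception>
    [HttpPost]
    public string Gettoken([FromBody]LoginRequest request)
    {
        var jwtSection = _configuration.GetSection(nameof(JwtIssuerOptions));
        var issuer = jwtSection[nameof(JwtIssuerOptions.Issuer)];
        var signingSecret = jwtSection[nameof(JwtIssuerOptions.SecurityKey)];
        var audience = jwtSection[nameof(JwtIssuerOptions.Audience)];

        // SECURITY: demo-only check against a fixed account and a one-character
        // password compiled into the binary. Before any real deployment,
        // replace it with a lookup in the user store and verification of a
        // salted password hash, and add attempt throttling.
        if (request.LoginID != "admin" || request.LoginPwd != "1")
        {
            // NOTE(review): this goes out with the default 200 status, so a
            // client cannot tell a failure message from a token by status
            // code. Returning 401 would need a different return type.
            return "密碼錯誤";
        }

        // Checked after the credential test so the failure path above is unchanged.
        if (string.IsNullOrEmpty(signingSecret))
        {
            throw new InvalidOperationException(
                $"{nameof(JwtIssuerOptions)}:{nameof(JwtIssuerOptions.SecurityKey)} is not configured.");
        }

        // One UTC timestamp drives both nbf and exp, so the two cannot drift.
        var issuedAt = DateTime.UtcNow;

        var claims = new[]
        {
            new Claim(ClaimTypes.Name, request.LoginID),
            // Placeholder role value kept from the tutorial; a real
            // implementation would take it from the authenticated user.
            new Claim("Role", "角色")
        };

        var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingSecret));
        var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

        // nbf/exp go through the constructor's notBefore/expires parameters
        // rather than hand-built string claims, so each is written once.
        var jwt = new JwtSecurityToken(
            issuer: issuer,
            audience: audience,
            claims: claims,
            notBefore: issuedAt,
            expires: issuedAt.AddMinutes(30),
            signingCredentials: credentials);

        return new JwtSecurityTokenHandler().WriteToken(jwt);
    }
}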
設置默認控制器需要授權驗證
運行項目
未添加token的請求 401
登錄獲取token
把 token 放到請求頭 Authorization 中
再次請求剛剛401的接口
請求成功
個人筆記,不足之處請大佬們莫怪(●'◡'●)