1:startup:
services.AddAuthentication(IdentityService.AuthenticationScheme) .AddCookie(IdentityService.AuthenticationScheme, options => { options.AccessDeniedPath = "/Account/Login/"; options.LoginPath = "/Account/Login/"; //options.LogoutPath = new PathString("/Account/Logout"); options.Cookie.Domain = Configuration["CookieDomain"]; }); //自定义秘钥加密 services.AddDataProtection().DisableAutomaticKeyGeneration() .PersistKeysToFileSystem(new DirectoryInfo(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "ShareKeys"))) .SetApplicationName("Jst.LeYou");
services.AddScoped<PermissionFilter>();
sharekeys
<?xml version="1.0" encoding="utf-8"?> <key id="91732fd5-4ec5-447f-9c6f-c832bda18354" version="1"> <creationDate>2018-09-04T01:56:26.1864522Z</creationDate> <activationDate>2018-09-04T01:56:26.1729285Z</activationDate> <expirationDate>2118-09-04T01:56:26.1729285Z</expirationDate> <descriptor deserializerType="Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ConfigurationModel.AuthenticatedEncryptorDescriptorDeserializer, Microsoft.AspNetCore.DataProtection, Version=2.0.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60"> <descriptor> <encryption algorithm="AES_256_CBC" /> <validation algorithm="HMACSHA256" /> <masterKey p4:requiresEncryption="true" xmlns:p4="http://schemas.asp.net/2015/03/dataProtection"> <!-- Warning: the key below is in an unencrypted form. --> <value></value> </masterKey> </descriptor> </descriptor> </key>
// 创建用户成功后,把用户信息存在 calm中 HttpContext.SignInAsync(IdentityService.AuthenticationScheme, user);
public class PermissionFilter : ActionFilterAttribute { public override void OnActionExecuting(ActionExecutingContext context) { if(IsNoLogin(context)) { base.OnActionExecuting(context); return; } if (!context.HttpContext.User.Identity.IsAuthenticated) { if (IsAjax(context)) { context.Result = new JsonResult(new { Success = false, Message = "您没有权限执行此操作!" }); return; } else { context.Result = new RedirectResult("/Account/Login"); return; } } base.OnActionExecuting(context); } }