zoukankan      html  css  js  c++  java

  • Web API 身份验证 不记名令牌验证 Bearer Token Authentication

    1. Startup.Auth.cs文件

    添加属性

    public static OAuthBearerAuthenticationOptions OAuthBearerOptions { get; private set; }

     添加静态构造函数

            /// <summary>
        /// 构造函数
        /// </summary>
        static Startup()
        {
            OAuthBearerOptions = new OAuthBearerAuthenticationOptions();
        }

     方法ConfigureAuth中添加

                // 使用不记名身份验证
            app.UseOAuthBearerAuthentication(OAuthBearerOptions);

    2. WebApiConfig.cs文件

    方法Register中添加

                config.SuppressDefaultHostAuthentication();
            config.Filters.Add(new HostAuthenticationFilter("Bearer"));

    3. 创建身份验证方法(Web API)

            [HttpPost]
        public async Task<String> Authenticate(string userName, string password)
        {
            if (string.IsNullOrEmpty(userAccount) || string.IsNullOrEmpty(password))
            {
                return string.Empty;
            }
    
            // 用户查找失败
            User user = await UserManager.FindAsync(userName, password);            
            if (user == null)
            {
                return string.Empty;
            }

            // 身份验证票证包括角色或者可以换成用户名
            var identity = new ClaimsIdentity(Startup.OAuthBearerOptions.AuthenticationType);
            identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()));
            if (UserManager.SupportsUserRole)
            {
                IList<string> roles = await UserManager.GetRolesAsync(user.Id).ConfigureAwait(false);
                foreach (string roleName in roles)
                {
                    identity.AddClaim(new Claim(ClaimTypes.Role, roleName, ClaimValueTypes.String));
                }
            }
            AuthenticationTicket ticket = new AuthenticationTicket(identity, new AuthenticationProperties());
            var currentUtc = DateTime.UtcNow;
            ticket.Properties.IssuedUtc = currentUtc;
            ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromDays(1));

            // 返回值
            return Startup.OAuthBearerOptions.AccessTokenFormat.Protect(ticket);
        }

     4. 为需要身份验证的控制器或方法添加标记

    [Authorize(Roles = "Admin")]
public class UsersController : ApiController
{
}

    测试:

    在请求头部中添加令牌,格式如下:

    Authorization: Bearer boQtj0SCGz2GFGz...
  • 相关阅读:
    logstash定义表达式
    redis
    HTTP 错误 500.19 请求的页面的相关配置数据无效 解决办法
    redis sentinel集群
    Elasticsearch6.0及其head插件安装
    Elasticsearch5.2.0部署过程的坑
    Centos7远程桌面 vnc/vnc-server的设置
    python-day27--configparser模块
    python-day27--hashlib模块-摘要算法
    python-day21--os模块
  • 原文地址:https://www.cnblogs.com/nele/p/5052037.html
Copyright © 2011-2022 走看看