Create a new WebAPI project.
Startup.cs contains
app.UseAuthentication();
(in Configure; the matching services.AddAuthentication(...) call in ConfigureServices registers the schemes it uses). UseAuthentication inserts a middleware, AuthenticationMiddleware, whose Invoke method looks like this:
```csharp
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;

public class AuthenticationMiddleware
{
    private readonly RequestDelegate _next;

    public AuthenticationMiddleware(RequestDelegate next, IAuthenticationSchemeProvider schemes)
    {
        _next = next;
        Schemes = schemes;
    }

    // Knows which schemes are registered and which one is the default for "authenticate".
    public IAuthenticationSchemeProvider Schemes { get; set; }

    public async Task Invoke(HttpContext context)
    {
        // Remember the original path so handlers that redirect (e.g. OIDC) can come back to it.
        context.Features.Set<IAuthenticationFeature>(new AuthenticationFeature
        {
            OriginalPath = context.Request.Path,
            OriginalPathBase = context.Request.PathBase
        });

        // Give any IAuthenticationRequestHandler schemes a chance to handle the request
        // (for example a remote-login callback). If one handles it, the pipeline stops here.
        var handlers = context.RequestServices.GetRequiredService<IAuthenticationHandlerProvider>();
        foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync())
        {
            var handler = await handlers.GetHandlerAsync(context, scheme.Name) as IAuthenticationRequestHandler;
            if (handler != null && await handler.HandleRequestAsync())
            {
                return;
            }
        }

        // Run the default scheme (e.g. "Bearer") and, only on success, replace the
        // anonymous principal with the authenticated one. A failed authentication does
        // NOT stop the request; it simply leaves context.User unauthenticated.
        var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync();
        if (defaultAuthenticate != null)
        {
            var result = await context.AuthenticateAsync(defaultAuthenticate.Name);
            if (result?.Principal != null)
            {
                context.User = result.Principal;
            }
        }

        await _next(context);
    }
}
```
This is where context.User gets assigned; context is the HttpContext of the current request. Note that the middleware only populates User: if the token is missing or invalid, result.Principal is null, User stays an anonymous principal and the request still continues down the pipeline. Rejecting it is the job of authorization ([Authorize] / UseAuthorization), not of this middleware.
Following context.AuthenticateAsync(defaultAuthenticate.Name) leads to IAuthenticationService.AuthenticateAsync, which asks IAuthenticationHandlerProvider for the handler registered under that scheme name (for Bearer tokens, JwtBearerHandler) and calls its AuthenticateAsync().
The AuthenticateResult that handler returns is the `result` in the code above; it carries a Principal only when the handler accepted the credentials.
HttpContext is directly accessible from the Controller base class, so the principal assigned here can be read as HttpContext.User inside any Controller that runs later in the pipeline. ControllerBase also exposes a User property for it: User => HttpContext?.User
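The wiring the middleware above depends on, as an added example (not code from the original post): a Startup that registers JwtBearer as the default scheme so that GetDefaultAuthenticateSchemeAsync() returns it, with the validation parameters the handler applies before it will hand back a Principal, plus two actions that show that a bad token leaves User anonymous rather than failing the request. It assumes ASP.NET Core 3.1 or later and the Microsoft.AspNetCore.Authentication.JwtBearer package; the issuer, audience and signing key are placeholders to replace with the project's own values.

```csharp
using System;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

public class Startup
{
    // Placeholder secret for the example only: load the real key from configuration
    // or a secret store, never from source control.
    private const string SigningKey = "replace-with-a-32-byte-or-longer-random-secret!!";

    public void ConfigureServices(IServiceCollection services)
    {
        // AddAuthentication registers the services; the scheme passed here becomes the
        // "default authenticate scheme" that AuthenticationMiddleware looks up.
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                // Everything below must pass before the handler returns a Principal.
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuer = true,
                    ValidIssuer = "https://issuer.example",          // placeholder
                    ValidateAudience = true,
                    ValidAudience = "webapi.example",                // placeholder
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(SigningKey)),
                    ValidateLifetime = true,
                    ClockSkew = TimeSpan.FromSeconds(30),            // library default is 5 minutes
                };
            });
        services.AddControllers();
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseRouting();
        // UseAuthentication adds the AuthenticationMiddleware shown above. It only fills
        // HttpContext.User; UseAuthorization (after it) is what enforces [Authorize].
        app.UseAuthentication();
        app.UseAuthorization();
        app.UseEndpoints(endpoints => endpoints.MapControllers());
    }
}

[Route("api/[controller]")]
[ApiController]
public class WhoAmIController : ControllerBase
{
    // Reachable without a token. With a missing, expired or tampered token the request
    // still arrives here, with User unauthenticated and the failure visible in the result.
    [AllowAnonymous]
    [HttpGet("anonymous")]
    public async Task<IActionResult> Anonymous()
    {
        AuthenticateResult result = await HttpContext.AuthenticateAsync(JwtBearerDefaults.AuthenticationScheme);
        return Ok(new
        {
            authenticated = User.Identity?.IsAuthenticated ?? false,
            succeeded = result.Succeeded,
            failure = result.Failure?.Message,   // e.g. lifetime or signature validation error
        });
    }

    // Returns 401 from the authorization layer unless the middleware set an authenticated User.
    [Authorize]
    [HttpGet]
    public IActionResult Get() => Ok(new { name = User.Identity.Name });
}
```

Call GET api/whoami/anonymous once without a token and once with a token whose signature was altered: both return 200, and the body shows authenticated = false with the handler's reason. The same altered token against GET api/whoami gets 401, which is the point of keeping UseAuthorization (or [Authorize]) in front of anything sensitive.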
You can create a base class that wraps this, so actions read UserName and Role directly. (For actually enforcing a role, still prefer [Authorize(Roles = "...")], which is evaluated before the action body runs.)
```csharp
using System;
using System.Linq;
using System.Security.Claims;
using Microsoft.AspNetCore.Mvc;

// The project's own role enum. Only Invalid is required by the code below; the other
// members are placeholders for whatever roles the project defines.
public enum Role
{
    Invalid = 0,
    User,
    Admin
}

[Route("api/[controller]")]
[ApiController]
public class BaseController : ControllerBase
{
    // Name of the authenticated user. Null on an anonymous request or when the token
    // carries no name claim, so callers must not assume it is set.
    protected string UserName => User.Identity?.Name;

    // First role claim parsed into Role; Role.Invalid when there is none or the value is
    // not a known enum member (TryParse instead of Parse so a stray value cannot throw).
    protected Role Role
    {
        get
        {
            var s = User.Claims.FirstOrDefault(IsRoleClaim)?.Value;
            return !string.IsNullOrWhiteSpace(s) && Enum.TryParse<Role>(s, out var role)
                ? role
                : Role.Invalid;
        }
    }

    // All role claims that map to a known Role; unknown values are dropped rather than
    // turned into an exception.
    protected Role[] Roles =>
        User.Claims
            .Where(IsRoleClaim)
            .Select(c => Enum.TryParse<Role>(c.Value, out var r) ? (Role?)r : null)
            .Where(r => r.HasValue)
            .Select(r => r.Value)
            .ToArray();

    // The JWT handler maps the short "role" claim to ClaimTypes.Role by default; match
    // both explicitly instead of a suffix test that would also accept unrelated types.
    private static bool IsRoleClaim(Claim c) =>
        c.Type == ClaimTypes.Role || c.Type == "role";
}
```
Obtain a token, then call an action that requires authorization with the token attached; inside the action the User information is now available.
For the Bearer scheme:
In Postman, either add an Authorization header to the request with the value Bearer <token>, or choose "Bearer Token" on the Authorization tab and paste the token there.
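The token side of the flow, as an added example that is not from the original post: mint a JWT carrying name and role claims, print the exact Authorization header to paste into Postman, then validate the token the same way JwtBearerHandler does to see what lands in result.Principal (and therefore in HttpContext.User and the BaseController properties). It assumes the System.IdentityModel.Tokens.Jwt package; the issuer, audience and key are placeholders that must match the API's TokenValidationParameters, and IssueToken/Validate are names chosen for this example.

```csharp
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

public static class TokenDemo
{
    const string Issuer = "https://issuer.example";   // placeholder
    const string Audience = "webapi.example";         // placeholder
    // Placeholder secret (HS256 needs at least 128 bits); load the real one from config.
    static readonly SymmetricSecurityKey Key =
        new SymmetricSecurityKey(Encoding.UTF8.GetBytes("replace-with-a-32-byte-or-longer-random-secret!!"));

    // What the login/token endpoint does: sign the claims the API will later read.
    public static string IssueToken(string userName, DateTime expires, params string[] roles)
    {
        var claims = new List<Claim> { new Claim(ClaimTypes.Name, userName) };
        claims.AddRange(roles.Select(r => new Claim(ClaimTypes.Role, r)));
        var token = new JwtSecurityToken(
            issuer: Issuer,
            audience: Audience,
            claims: claims,
            notBefore: expires.AddMinutes(-15),
            expires: expires,
            signingCredentials: new SigningCredentials(Key, SecurityAlgorithms.HmacSha256));
        return new JwtSecurityTokenHandler().WriteToken(token);
    }

    // What JwtBearerHandler does with the value of "Authorization: Bearer <token>".
    // Throws a SecurityTokenException on a bad signature, wrong issuer/audience or expiry.
    public static ClaimsPrincipal Validate(string jwt, SecurityKey key = null)
    {
        var parameters = new TokenValidationParameters
        {
            ValidIssuer = Issuer,
            ValidAudience = Audience,
            IssuerSigningKey = key ?? Key,
            ValidateIssuerSigningKey = true,
            ValidateLifetime = true,
            ClockSkew = TimeSpan.FromSeconds(30),
        };
        return new JwtSecurityTokenHandler().ValidateToken(jwt, parameters, out _);
    }

    public static void Main()
    {
        // Short-lived token for "alice" (constructed sample user) with two roles.
        string jwt = IssueToken("alice", DateTime.UtcNow.AddMinutes(15), "Admin", "User");
        Console.WriteLine("Authorization: Bearer " + jwt);   // header value for Postman / curl -H

        // This principal is what BaseController.UserName / Roles would see.
        ClaimsPrincipal principal = Validate(jwt);
        Console.WriteLine(principal.Identity.Name);
        Console.WriteLine(string.Join(",", principal.FindAll(ClaimTypes.Role).Select(c => c.Value)));
        Console.WriteLine(principal.IsInRole("Admin"));

        // Signed with a different key: the handler rejects it, so the middleware would
        // leave HttpContext.User anonymous and [Authorize] would answer 401.
        var otherKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("another-32-byte-or-longer-secret-value-here!!"));
        try { Validate(jwt, otherKey); }
        catch (SecurityTokenException e) { Console.WriteLine("wrong key: " + e.GetType().Name); }

        // Expired ten minutes ago, beyond the 30 s clock skew: rejected for the same reason.
        string expired = IssueToken("alice", DateTime.UtcNow.AddMinutes(-10), "Admin");
        try { Validate(expired); }
        catch (SecurityTokenException e) { Console.WriteLine("expired: " + e.GetType().Name); }
    }
}
```

The printed header line is exactly what goes into Postman's Authorization header (or curl's -H). The two failure cases are the ones to try first when User turns out anonymous in an action: a key or issuer/audience that does not match the API's TokenValidationParameters, or a token past its lifetime.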