.NET Core default authentication and authorization

Create a new Web API project.

Startup.cs contains:

app.UseAuthentication(); // adds the AuthenticationMiddleware to the pipeline; services.AddAuthentication(...) in ConfigureServices is the matching service registration

This is a middleware; its Invoke method looks like this:

    using System;
    using System.Threading.Tasks;
    using Microsoft.AspNetCore.Authentication;
    using Microsoft.AspNetCore.Http;
    using Microsoft.Extensions.DependencyInjection;

    public class AuthenticationMiddleware
    {
        private readonly RequestDelegate _next;

        public AuthenticationMiddleware(RequestDelegate next, IAuthenticationSchemeProvider schemes)
        {
            _next = next ?? throw new ArgumentNullException(nameof(next));
            Schemes = schemes ?? throw new ArgumentNullException(nameof(schemes));
        }

        public IAuthenticationSchemeProvider Schemes { get; set; }

        public async Task Invoke(HttpContext context)
        {
            // Record the original path so handlers that redirect (e.g. a cookie login) can return to it
            context.Features.Set<IAuthenticationFeature>(new AuthenticationFeature
            {
                OriginalPath = context.Request.Path,
                OriginalPathBase = context.Request.PathBase
            });

            // Give any IAuthenticationRequestHandler schemes a chance to handle the request
            // (e.g. an OAuth/OIDC callback); a handler that returns true ends the pipeline here
            var handlers = context.RequestServices.GetRequiredService<IAuthenticationHandlerProvider>();
            foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync())
            {
                var handler = await handlers.GetHandlerAsync(context, scheme.Name) as IAuthenticationRequestHandler;
                if (handler != null && await handler.HandleRequestAsync())
                {
                    return;
                }
            }

            // Authenticate with the default scheme; on success the principal becomes HttpContext.User.
            // A missing or failed authentication does not stop the request at this point; rejecting
            // unauthenticated callers is the job of the authorization middleware and [Authorize].
            var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync();
            if (defaultAuthenticate != null)
            {
                var result = await context.AuthenticateAsync(defaultAuthenticate.Name);
                if (result?.Principal != null)
                {
                    context.User = result.Principal;
                }
            }

            await _next(context);
        }
    }

Here context.User is assigned; context is the HttpContext of the current request.

Tracing context.AuthenticateAsync(defaultAuthenticate.Name) down the call chain leads to the handler registered for that scheme; the AuthenticateResult returned by that handler's AuthenticateAsync is the result in the code above.

HttpContext is directly accessible from the controller base class, so the value assigned here can be read from the controller's HttpContext later in the pipeline. ControllerBase also exposes a User property: User => HttpContext?.User

You can create a base controller that wraps this and reads UserName and Role directly:

    using System;
    using System.Linq;
    using Microsoft.AspNetCore.Mvc;

    // The post does not show the Role enum; this definition is assumed. Invalid is the
    // fallback when the principal carries no usable role claim; the other members are placeholders.
    public enum Role
    {
        Invalid = 0,
        Admin = 1,
        User = 2
    }

    [Route("api/[controller]")]
    [ApiController]
    public class BaseController : ControllerBase
    {
        // Name from the authenticated principal; null for anonymous requests or when the
        // scheme issued no name claim, so callers must not assume it is set.
        protected string UserName => User.Identity?.Name;

        // First role claim. EndsWith("role") matches both a short "role" claim and the
        // ClaimTypes.Role URI that the JWT bearer handler maps it to.
        protected Role Role
        {
            get
            {
                var s = User.Claims.FirstOrDefault(t => t.Type.EndsWith("role"))?.Value;
                if (!string.IsNullOrWhiteSpace(s) && TryParseRole(s, out var role))
                {
                    return role;
                }
                return Role.Invalid;
            }
        }

        // Every role claim on the principal, with values that are not declared members dropped.
        protected Role[] Roles
        {
            get
            {
                return User.Claims
                    .Where(t => t.Type.EndsWith("role"))
                    .Select(t => TryParseRole(t.Value, out var role) ? role : Role.Invalid)
                    .Where(r => r != Role.Invalid)
                    .ToArray();
            }
        }

        // The original Enum.Parse threw on any unexpected value, so a malformed role claim in a
        // token surfaced as a 500 from the controller. TryParse alone also accepts any integer
        // string, so IsDefined is checked too; otherwise a claim of "7" would yield (Role)7.
        private static bool TryParseRole(string value, out Role role)
        {
            return Enum.TryParse(value, out role) && Enum.IsDefined(typeof(Role), role);
        }
    }

Obtain a token, then call an action that requires authorization with the token attached; inside the action the User information is now available.

If you use Bearer authentication:

In Postman, add an Authorization header to the request, or select Bearer Token under the Authorization tab.
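As an added example (not code from the original post), here is how the Bearer scheme referred to above is wired around the BaseController, with the validation settings that should all be on, the middleware order, and a role-restricted action. The signing key, issuer "demo-issuer" and audience "demo-api" are placeholders assumed for the example.

```csharp
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

public class Startup
{
    // Placeholder key for a local demo only; load the real one from a secret store.
    private static readonly byte[] SigningKey = Encoding.UTF8.GetBytes("replace-this-placeholder-with-a-real-32-byte-secret");

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddControllers();
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                // A token is accepted only if issuer, audience, lifetime and signature all validate
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuer = true,
                    ValidIssuer = "demo-issuer",
                    ValidateAudience = true,
                    ValidAudience = "demo-api",
                    ValidateLifetime = true,
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new SymmetricSecurityKey(SigningKey)
                };
            });
        services.AddAuthorization();
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseRouting();
        // UseAuthentication is the middleware shown earlier and fills HttpContext.User;
        // UseAuthorization must follow it, or [Authorize] evaluates an empty principal.
        app.UseAuthentication();
        app.UseAuthorization();
        app.UseEndpoints(endpoints => endpoints.MapControllers());
    }
}

public class AdminController : BaseController
{
    // The bearer handler maps the token's "role" claim to ClaimTypes.Role, matched by this attribute
    [HttpGet("whoami")]
    [Authorize(Roles = "Admin")]
    public IActionResult WhoAmI() => Ok(new { Name = UserName, Roles });
}
```

With this in place a request to /api/Admin/whoami without a valid Admin token is rejected before the action body runs, so UserName and Roles inside it always come from a verified principal.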

How do you obtain a token?

气功波
Original post: https://www.cnblogs.com/qgbo/p/14280783.html