EFC JWT模式

根据我们.net core 3.1的版本 jwt 推荐使用3.1.5


image.png

1.服务中注入jwtBearer

        using Microsoft.AspNetCore.Authentication.JwtBearer;
        using System.Text;
        using Microsoft.IdentityModel.Tokens;
        //---ConfigureServices中添加
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>
        {
            var secretByte = Encoding.UTF8.GetBytes(Configuration["Authentication:SecretKey"]);
            options.TokenValidationParameters = new TokenValidationParameters()
            {
                ValidateIssuer = true,
                ValidIssuer = Configuration["Authentication:Issuer"],
                ValidateAudience = true,
                ValidAudience = Configuration["Authentication:Audience"],
                ValidateLifetime = true,
                IssuerSigningKey = new SymmetricSecurityKey(secretByte)
            };
        });

2.创建身份认证控制器

    private readonly IConfiguration _configuration;
    public AuthController(IConfiguration configuration) {
        _configuration = configuration;
    }
    [AllowAnonymous]
    [HttpPost("login")]
    public IActionResult login([FromBody] LoginDto loginDto ) {
        //header
        var signingAlgorithm = SecurityAlgorithms.HmacSha256;
        //payload
        var claims = new[]
        {
            new Claim(JwtRegisteredClaimNames.Sub , "fake_user_id"),
        };
        //signiture
        var secretByte = Encoding.UTF8.GetBytes(_configuration["Authentication:SecretKey"]);
        var signingKey = new SymmetricSecurityKey(secretByte);
        var signingCredentials = new SigningCredentials(signingKey, signingAlgorithm);
        var token = new JwtSecurityToken(
            issuer: _configuration["Authentication:SecretKey"],
            audience: _configuration["Authentication:Audience"],
            claims,
            notBefore: DateTime.UtcNow,
            expires: DateTime.UtcNow.AddDays(1),
            signingCredentials
        );
        var tokenStr = new JwtSecurityTokenHandler().WriteToken(token);
        return Ok(tokenStr);
    }
}

3.注意IConfiguration 的引用using Microsoft.Extensions.Configuration;
appsetting.json 中添加

"Authentication": {
"SecretKey": "suibianzifuchaun",
"Issuer": "fakexiecheng.com",
"Audience": "fakexiecheng.com"
}

使用public AuthController(IConfiguration configuration){}
构造方法引入
使用[ ]方式获取_configuration["Authentication:SecretKey"]);

4.注意路由

    [Route("auth")]
public class AuthController : ControllerBase
{
    private readonly IConfiguration _configuration;

所以最终的访问是 这样的


image.png

5.复制token到jwt.io,粘贴密钥


image.png
最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
【社区内容提示】社区部分内容疑似由AI辅助生成,浏览时请结合常识与多方信息审慎甄别。
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。

友情链接更多精彩内容