Get Bearer Token whenLogin in
[HttpPost] [AllowAnonymous] [Route("api/account/login")] public HttpResponseMessage Login(LoginBindingModel login) { // todo: add auth if (login.UserName == "a@a.com" && login.Password == "a") { var identity = new ClaimsIdentity(Startup.OAuthBearerOptions.AuthenticationType); identity.AddClaim(new Claim(ClaimTypes.Name, login.UserName)); --------------------------------------------------------------------------------------------------------------------------- AuthenticationTicket ticket = new AuthenticationTicket(identity, new AuthenticationProperties()); var currentUtc = new SystemClock().UtcNow; ticket.Properties.IssuedUtc = currentUtc; ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromMinutes(30)); DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);return new HttpResponseMessage(HttpStatusCode.OK) { Content = new ObjectContent<object>(new { UserName = login.UserName, AccessToken = Startup.OAuthBearerOptions.AccessTokenFormat.Protect(ticket) }, Configuration.Formatters.JsonFormatter) }; } return new HttpResponseMessage(HttpStatusCode.BadRequest); }---------------------------------------------------------------------------------------------------------------------------
1. Startup.Auth.cs文件
添加属性
publicstaticOAuthBearerAuthenticationOptions OAuthBearerOptions {get;privateset; }添加静态构造函数
/// <summary>/// 构造函数/// </summary>staticStartup(){OAuthBearerOptions =newOAuthBearerAuthenticationOptions();}方法ConfigureAuth中添加
// 使用不记名身份验证app.UseOAuthBearerAuthentication(OAuthBearerOptions);
2. WebApiConfig.cs文件
方法Register中添加
config.SuppressDefaultHostAuthentication();config.Filters.Add(newHostAuthenticationFilter("Bearer"));
3. 创建身份验证方法(Web API)
[HttpPost]publicasync Task<String> Authenticate(stringuserName,stringpassword){if(string.IsNullOrEmpty(userAccount) ||string.IsNullOrEmpty(password)){returnstring.Empty;}<br>// 用户查找失败User user = await UserManager.FindAsync(userName, password);if(user ==null){returnstring.Empty;}// 身份验证票证包括角色或者可以换成用户名varidentity =newClaimsIdentity(Startup.OAuthBearerOptions.AuthenticationType);identity.AddClaim(newClaim(ClaimTypes.NameIdentifier, user.Id.ToString()));if(UserManager.SupportsUserRole){IList<string> roles = await UserManager.GetRolesAsync(user.Id).ConfigureAwait(false);foreach(stringroleNameinroles){identity.AddClaim(newClaim(ClaimTypes.Role, roleName, ClaimValueTypes.String));}}AuthenticationTicket ticket =newAuthenticationTicket(identity,newAuthenticationProperties());varcurrentUtc = DateTime.UtcNow;ticket.Properties.IssuedUtc = currentUtc;ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromDays(1));// 返回值returnStartup.OAuthBearerOptions.AccessTokenFormat.Protect(ticket);}4. 为需要身份验证的控制器或方法添加标记
[Authorize(Roles ="Admin")]publicclassUsersController : ApiController{}
1813
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
