本章讲下关于JWT身份验证的实现
1、Net.WebApi 项目 从Nuget中搜索安装JWT
2、Net.WebApi 项目添加文件夹AuthAttributes,且创建ApiAuthorizeAttribute.cs类
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Http;
using System.Web.Http.Controllers;
using JWT;
using JWT.Serializers;
using System.Text;
using System.Net;
using System.Net.Http;
using Net.Repository.Common;
namespace Net.WebApi.AuthAttributes
{
/// <summary>
/// 身份认证拦截器
/// </summary>
public class ApiAuthorizeAttribute: AuthorizeAttribute
{
/// <summary>
/// 指示指定的控件是否已获得授权
/// </summary>
/// <param name="actionContext"></param>
/// <returns></returns>
protected override bool IsAuthorized(HttpActionContext actionContext)
{
//前端请求api时会将token存放在名为"auth"的请求头中
var authHeader = from t in actionContext.Request.Headers where t.Key == "auth" select t.Value.FirstOrDefault();
if (authHeader != null)
{
const string secretKey = "Hello World";//加密秘钥
string token = authHeader.FirstOrDefault();//获取token
if (!string.IsNullOrEmpty(token))
{
try
{
byte[] key = Encoding.UTF8.GetBytes(secretKey);
IJsonSerializer serializer = new JsonNetSerializer();
IDateTimeProvider provider = new UtcDateTimeProvider();
IJwtValidator validator = new JwtValidator(serializer, provider);
IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
IJwtDecoder decoder = new JwtDecoder(serializer, validator, urlEncoder);
//解密
var json = decoder.DecodeToObject<JWTAuthInfo>(token, key, verify: true);
if (json != null)
{
//判断口令过期时间
if (json.ExpiryDateTime < DateTime.Now)
{
return false;
}
actionContext.RequestContext.RouteData.Values.Add("auth", json);
return true;
}
return false;
}
catch (Exception ex)
{
return false;
}
}
}
return false;
}
/// <summary>
/// 处理授权失败的请求
/// </summary>
/// <param name="actionContext"></param>
protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
{
var erModel = new
{
Success="false",
ErrorCode="401"
};
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK, erModel, "application/json");
}
/// <summary>
/// 为操作授权时调用
/// </summary>
/// <param name="actionContext"></param>
//public override void OnAuthorization(HttpActionContext actionContext)
//{
//}
}
}
3、添加 LoginController控制器
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Http;
//using System.Web.Mvc;
using System.Text;
using JWT;
using JWT.Algorithms;
using JWT.Serializers;
using Net.Repository.RequestEntity;
using Net.Repository.Common;
using Net.Repository;
using Net.IApp;
namespace Net.WebApi.Controllers
{
/// <summary>
/// 登录
/// </summary>
[RoutePrefix("api/[controller]/[action]")]
public class LoginController : ApiController
{
private readonly IUserInfoApp userInfoApp;
public LoginController(IUserInfoApp _userInfoApp)
{
userInfoApp = _userInfoApp;
}
/// <summary>
/// 登录
/// </summary>
/// <param name="loginRequest"></param>
/// <returns></returns>
[HttpPost]
public ResponseResult Login([FromBody] LoginRequest loginRequest)
{
if (loginRequest != null)
{
var userInfo = userInfoApp.Login(loginRequest.UserName, loginRequest.PassWord);
if (userInfo != null)
{
bool isAdmin = (loginRequest.UserName == "admin") ? true : false;
//身份验证信息
JWTAuthInfo authInfo = new JWTAuthInfo { UserName = userInfo.UserName, Roles = new List<string> { "admin", "commonrole" }, IsAdmin = isAdmin, ExpiryDateTime = DateTime.Now.AddHours(2) };
const string secretKey = "Hello World";//口令加密秘钥
try
{
byte[] key = Encoding.UTF8.GetBytes(secretKey);
IJwtAlgorithm algorithm = new HMACSHA256Algorithm();//加密方式
IJsonSerializer serializer = new JsonNetSerializer();//序列化Json
IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();//base64加解密
IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);//JWT编码
var token = encoder.Encode(authInfo, key);//生成令牌
return new ResponseResult() { Message = "登陆成功", Data = token };
}
catch (Exception ex)
{
return new ResponseResult() { Code = 505, Message = "服务器错误:" + ex.Message.ToString() };
}
}
else
{
return new ResponseResult() { Code = 201, Message = "用户名或密码错误" };
}
}
else
{
return new ResponseResult() { Code = 201, Message = "用户名或密码错误"};
}
}
}
}
using System;
using System.Collections.Generic;
using System.Text;
namespace Net.Repository.Common
{
/// <summary>
/// JWT验证配置信息
/// </summary>
public class JWTAuthInfo
{
/// <summary>
/// 用户名
/// </summary>
public string UserName { get; set; }
/// <summary>
/// 角色
/// </summary>
public List<string> Roles { get; set; }
/// <summary>
/// 是否管理员
/// </summary>
public bool IsAdmin { get; set; }
/// <summary>
/// 口令过期时间
/// </summary>
public DateTime? ExpiryDateTime { get; set; }
}
}
通过PostMan调用此接口获取登录口令
在UserInfoController 中添加 [ApiAuthorize] 身份验证
/// 用户信息
/// </summary>
[RoutePrefix("api/[controller]/[action]")]
[ApiAuthorize]
public class UserInfoController : ApiController
完整代码下载地址:https://download.csdn.net/download/liwan09/11720168