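1. Create a .NET Core Web API project:
Create a Web API with ASP.NET Core and Visual Studio
Follow the link above to create the project.
2. Add JWT (Bearer Token) authentication
- In the ConfigureServices method of the project's Startup.cs file, add the following code to add and configure JWT authentication: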
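    // Namespaces required at the top of Startup.cs:
    // using System.Text;
    // using Microsoft.AspNetCore.Authentication.JwtBearer;
    // using Microsoft.IdentityModel.Tokens;

    // Add JWT validation
    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true, // whether to validate the Issuer
                ValidateAudience = true, // whether to validate the Audience
                ValidateLifetime = true, // whether to validate the expiry time
                ValidateIssuerSigningKey = true, // whether to validate the SecurityKey
                ValidAudience = Configuration["audience"], // Audience
                ValidIssuer = Configuration["issuer"], // Issuer; these two must match the settings used when issuing the JWT
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecurityKey"])) // get the SecurityKey
            };
        });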
Here Configuration["audience"], Configuration["issuer"] and Configuration["SecurityKey"] read custom strings from the project's appsettings.json file.
appsettings.json file:
    {
      "Logging": {
        "LogLevel": {
          "Default": "Warning"
        }
      },
      "AllowedHosts": "*",
      "SecurityKey": "dd%88*377f6d&f£$$£$#$%#$%#$FF33fssDG^!3",
      "issuer": "guetServer",
      "audience": "guetClient"
    }
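
The comment on ValidIssuer says the issuer and audience must match the settings used when the JWT is issued. The following added example (not code from the original post) issues tokens with JwtSecurityTokenHandler and checks them against the same TokenValidationParameters as above, showing which mismatches are rejected. The class name, claim and key strings are constructed, and it assumes the System.IdentityModel.Tokens.Jwt package is referenced.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

static class JwtRoundTrip
{
    // Constructed stand-ins for Configuration["issuer"], ["audience"] and ["SecurityKey"].
    const string Issuer = "guetServer";
    const string Audience = "guetClient";
    const string Secret = "constructed-sample-key-at-least-32-bytes-long!";

    static SymmetricSecurityKey KeyFrom(string secret) =>
        new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));

    // Issuing side: sign a 30-minute token with HMAC-SHA256.
    static string Issue(string issuer, string audience, string secret)
    {
        var now = DateTime.UtcNow;
        var token = new JwtSecurityToken(issuer, audience,
            new[] { new Claim(ClaimTypes.Name, "alice") },
            notBefore: now, expires: now.AddMinutes(30),
            signingCredentials: new SigningCredentials(KeyFrom(secret), SecurityAlgorithms.HmacSha256));
        return new JwtSecurityTokenHandler().WriteToken(token);
    }

    // Validating side: the same parameters the tutorial passes to AddJwtBearer.
    static string Check(string jwt)
    {
        var parameters = new TokenValidationParameters
        {
            ValidateIssuer = true, ValidIssuer = Issuer,
            ValidateAudience = true, ValidAudience = Audience,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true, IssuerSigningKey = KeyFrom(Secret)
        };
        try { new JwtSecurityTokenHandler().ValidateToken(jwt, parameters, out _); return "accepted"; }
        catch (SecurityTokenException ex) { return "rejected: " + ex.GetType().Name; }
    }

    static void Main()
    {
        Console.WriteLine("matching settings: " + Check(Issue(Issuer, Audience, Secret)));
        Console.WriteLine("wrong issuer:      " + Check(Issue("otherServer", Audience, Secret)));
        Console.WriteLine("wrong audience:    " + Check(Issue(Issuer, "otherClient", Secret)));
        Console.WriteLine("wrong signing key: " + Check(Issue(Issuer, Audience, "another-constructed-key-32-bytes-or-longer!")));
    }
}
```

Each mismatched case surfaces as a SecurityTokenException subtype, which the JwtBearer middleware treats as a failed authentication. A real signing key belongs in a secret store or environment variable rather than in a source-controlled appsettings.json.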