ASP.NET Core 1.x 提供了 Cookie 中间件:它将用户主体(principal)序列化为一个加密的 Cookie,在后续请求中验证该 Cookie、重新创建主体,并将其赋给 HttpContext.User 属性。如果您要提供自己的登录界面和用户数据库,可以把 Cookie 中间件作为独立功能使用。
ASP.NET Core 2.x 的一个主要变化是不再存在单独的 Cookie 中间件。取而代之的是,在 Startup.cs 文件的 Configure 方法中调用 UseAuthentication 方法,它会添加 AuthenticationMiddleware 中间件,由该中间件设置 HttpContext.User 属性。
一、在您的项目中安装 Microsoft.AspNetCore.Authentication.Cookies NuGet 包。此包包含 Cookie 中间件。
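二、在 Startup.cs 文件的 Configure 方法中,在 app.UseMvc() 语句之前添加下面的行(Cookie 认证方案本身还需要在 ConfigureServices 中通过 AddAuthentication(...).AddCookie(...) 注册,否则后面的 SignInAsync 找不到对应的处理程序):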
// Authentication middleware: sets HttpContext.User for each request.
// Register it before app.UseMvc() so the user is resolved before MVC runs.
app.UseAuthentication();
添加权限中间件,一定要放在 app.UseAuthentication() 之后:权限中间件读取的 HttpContext.User 是由认证中间件设置的,顺序颠倒时用户始终被视为未登录,权限检查会被直接跳过。
// Build the permission options first, then register the middleware.
// Keep this after app.UseAuthentication(): the permission middleware reads HttpContext.User.
var permissionOptions = new PermissionMiddlewareOption
{
    LoginAction = @"/login",
    NoPermissionAction = @"/denied",
    // Every user's permission entries, read from the database.
    // NOTE(review): this call runs once, while the pipeline is being configured, so
    // grants revoked in the database later are presumably not seen until the
    // application restarts - confirm and add a refresh path if revocation must be timely.
    UserPerssions = objUserRight.GetAllUserRight()
};
app.UsePermission(permissionOptions);
三、新增权限中间件
namespace Extensions.PermissionMiddleware
{
    /// <summary>
    /// Options handed to the permission middleware when it is registered.
    /// </summary>
    public class PermissionMiddlewareOption
    {
        /// <summary>
        /// Path of the login action.
        /// </summary>
        public string LoginAction { get; set; }

        /// <summary>
        /// Path the user is redirected to when access is denied.
        /// </summary>
        public string NoPermissionAction { get; set; }

        /// <summary>
        /// Permission entries (user code plus URL) the middleware checks requests against.
        /// Starts as an empty list.
        /// </summary>
        public IList<UserPermission> UserPerssions { get; set; } = new List<UserPermission>();
    }
}
新增权限类
namespace Extensions.PermissionMiddleware
{
    /// <summary>
    /// One permission entry: a user code paired with a URL that user may request.
    /// </summary>
    public class UserPermission
    {
        /// <summary>
        /// User code identifying the account.
        /// </summary>
        public string UserCode { get; set; }

        /// <summary>
        /// Request URL the entry applies to.
        /// </summary>
        public string Url { get; set; }
    }
}
新建扩展类
namespace Extensions.PermissionMiddleware
{
    /// <summary>
    /// Pipeline registration helper for the permission middleware.
    /// </summary>
    public static class PermissionMiddlewareExtensions
    {
        /// <summary>
        /// Adds <see cref="PermissionMiddleware"/> to the request pipeline.
        /// </summary>
        /// <param name="builder">Application builder being extended.</param>
        /// <param name="option">Options passed to the middleware constructor.</param>
        /// <returns>The value returned by <c>UseMiddleware</c>.</returns>
        public static IApplicationBuilder UsePermission(
            this IApplicationBuilder builder,
            PermissionMiddlewareOption option)
            => builder.UseMiddleware<PermissionMiddleware>(option);
    }
}
新建权限拦截类
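namespace Extensions.PermissionMiddleware
{
    /// <summary>
    /// URL-level permission middleware. For an authenticated user it checks whether the
    /// requested path appears in the configured permission list and, if so, whether
    /// that user holds an entry for it.
    /// </summary>
    /// <remarks>
    /// The check is default-allow: a path with no entry in the list is not restricted,
    /// and unauthenticated requests are passed through untouched, so anonymous access
    /// has to be blocked further down the pipeline (for example by [Authorize]).
    /// Matching is an exact, case-insensitive comparison against the request path, so
    /// a route that answers on several paths (trailing slash, default action, ...)
    /// needs one entry per path or the paths must be normalised before they are stored.
    /// </remarks>
    public class PermissionMiddleware
    {
        /// <summary>
        /// Next delegate in the request pipeline.
        /// </summary>
        private readonly RequestDelegate _next;

        /// <summary>
        /// Options supplied when the middleware was registered.
        /// </summary>
        private readonly PermissionMiddlewareOption _option;

        /// <summary>
        /// Permission entries checked on every request. The field is static and is
        /// overwritten each time the middleware is constructed.
        /// </summary>
        internal static IList<UserPermission> _userPermissions;

        /// <summary>
        /// Creates the middleware and captures the permission list from the options.
        /// </summary>
        /// <param name="next">Next delegate in the request pipeline.</param>
        /// <param name="option">Middleware options; must not be null.</param>
        /// <exception cref="System.ArgumentNullException"><paramref name="option"/> is null.</exception>
        public PermissionMiddleware(RequestDelegate next, PermissionMiddlewareOption option)
        {
            if (option == null)
            {
                throw new System.ArgumentNullException(nameof(option));
            }

            _next = next;
            _option = option;
            // A null list would make every request fail with a NullReferenceException.
            _userPermissions = option.UserPerssions ?? new List<UserPermission>();
        }

        /// <summary>
        /// Authorises the current request against the permission list.
        /// </summary>
        /// <param name="context">Current request context.</param>
        /// <returns>
        /// The downstream pipeline task when the request is allowed; a completed task
        /// after a redirect to <c>NoPermissionAction</c> when it is denied.
        /// </returns>
        public Task Invoke(HttpContext context)
        {
            string requestPath = context.Request.Path.Value ?? string.Empty;

            // Anonymous requests are not handled here; downstream authorization decides.
            bool isAuthenticated = context.User?.Identity?.IsAuthenticated == true;
            if (!isAuthenticated)
            {
                return _next(context);
            }

            // Only paths that appear in the permission list are restricted.
            bool isProtected = _userPermissions.Any(p => IsSamePath(p.Url, requestPath));
            if (!isProtected)
            {
                return _next(context);
            }

            // A principal without a Sid claim cannot match any entry and is denied,
            // instead of failing with a NullReferenceException.
            string userCode = context.User.Claims
                .SingleOrDefault(c => c.Type == ClaimTypes.Sid)?.Value;

            bool isGranted = userCode != null
                && _userPermissions.Any(p => p.UserCode == userCode && IsSamePath(p.Url, requestPath));
            if (isGranted)
            {
                return _next(context);
            }

            // Denied: redirect and stop here. Calling _next after the redirect would
            // still execute the protected action for a user who has no permission.
            context.Response.Redirect(_option.NoPermissionAction);
            return Task.CompletedTask;
        }

        /// <summary>
        /// Culture-independent, case-insensitive path comparison; null never matches a path.
        /// </summary>
        private static bool IsSamePath(string storedUrl, string requestPath)
        {
            return storedUrl != null
                && string.Equals(storedUrl, requestPath, System.StringComparison.OrdinalIgnoreCase);
        }
    }
}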
四、在controller登录事件中保存用户信息
#region 事件
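/// <summary>
/// Login endpoint: issues the authentication cookie and returns the outcome as JSON.
/// </summary>
/// <param name="myuser">Login data bound from the posted form.</param>
/// <returns>JSON-encoded boolean: whether the cookie was issued.</returns>
[AllowAnonymous]
[HttpPost]
public JsonResult dologin(Myuser myuser)
{
    // NOTE(review): the password and captcha checks are not part of this listing.
    // `user` is not declared here; it has to be the account record loaded on the
    // server after those checks succeeded, never the posted `myuser`, whose
    // UserGUID / UserCode / UserName fields are controlled by the client.
    // NOTE(review): this POST action carries no [ValidateAntiForgeryToken]; confirm
    // the login request is protected against CSRF.
    bool result = SaveCookie(CookieAuthenticationDefaults.AuthenticationScheme, user, 20);
    return Json(result);
}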
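/// <summary>
/// Signs the user in by issuing an authentication cookie that carries the user's
/// GUID, user code and display name as claims.
/// </summary>
/// <param name="strCookeName">Authentication scheme passed to SignInAsync.</param>
/// <param name="myuser">Account to sign in.</param>
/// <param name="intTimeDayOut">Cookie lifetime; despite the name it is applied as minutes.</param>
/// <returns>
/// <c>false</c> when <paramref name="myuser"/> is null or has no user code;
/// <c>true</c> once the sign-in has completed.
/// </returns>
public bool SaveCookie(string strCookeName, Myuser myuser, int intTimeDayOut)
{
    // The Sid claim (UserCode) is the key the permission middleware authorises on,
    // so no cookie is issued without one.
    if (myuser == null || string.IsNullOrEmpty(myuser.UserCode))
    {
        return false;
    }

    ClaimsIdentity identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);
    identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, myuser.UserGUID.ToString()));
    identity.AddClaim(new Claim(ClaimTypes.Sid, myuser.UserCode));
    identity.AddClaim(new Claim(ClaimTypes.Name, myuser.UserName));
    ClaimsPrincipal principal = new ClaimsPrincipal(identity);

    AuthenticationProperties properties = new AuthenticationProperties
    {
        ExpiresUtc = DateTime.UtcNow.AddMinutes(intTimeDayOut)
    };

    // Wait for the sign-in to finish. The original call discarded the task, so the
    // method reported success before the cookie was written and any sign-in failure
    // went unobserved. The signature is synchronous, hence the blocking wait;
    // prefer an async action that awaits SignInAsync if the signature can change.
    MyHttpContext.Current.SignInAsync(strCookeName, principal, properties)
        .GetAwaiter()
        .GetResult();
    return true;
}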
五、前端页面
<!-- Login form: collects UserCode, UserPassword and a Verifycode (captcha) of at most 4 characters. -->
<!-- NOTE(review): no action attribute and no anti-forgery token field appear in this markup, and the
     dologin action shown on this page has no [ValidateAntiForgeryToken]; confirm how the form is
     submitted and that the login POST is protected against CSRF. -->
<form id="frm_login" method="post">
<div class="login_box">
<h3>登录系统</h3>
<div class="input clearfix">
<span class="s1">
<i class="ico ico_people"></i>
</span>
<input type="text" name="UserCode" id="usr" placeholder="请输入用户名" autocomplete="off" />
</div>
<div class="input clearfix">
<span class="s1" id="spanPwd">
<i class="ico ico_lock"></i>
</span>
<span id="pwdbox">
<input type="Password" name="UserPassword" id="pwd" placeholder="请输入密码" />
</span>
<div class="eyes">
<i class="ico ico_eye-open" onclick="ShowHideEyes()"></i>
</div>
</div>
<!-- Captcha row: the image is requested from home/doverifycode. The submitted answer has to be
     verified on the server before sign-in; that check is not shown on this page. -->
<div class="input clearfix" id="codeAera">
<span class="s1">
<i class="ico ico_code"></i>
</span>
<input type="text" name="Verifycode" id="code" class="fl" placeholder="请输入验证码" maxlength="4" autocomplete="off" />
<span class="codeImg">
<img title="点击刷新" src="home/doverifycode" id="codeimg" />
</span>
</div>
<!-- Error message area; carries the "hide" class in this markup. -->
<div id="errorinfo" class="hide clearfix fl wmax mt10">
<i class="ico ico_exclamation"> </i>
<span class="orange">请输入正确的用户名</span>
</div>
<div class="pt20 clearfix fl wmax">
<button class="btn btn-large btn-block btn-orange " id="submit" type="submit">登 录</button>
</div>
</div>
</form>
详细代码:https://download.csdn.net/download/qq_39628933/10842083