在 WebAPI 中用 JWT 做身份验证时遇到一个问题:之前还好好的,这次却一直无法通过 Response.HttpContext.User.Identity.Name 获取到数据。
目前已经找到解决方法如下:
登录 Controller
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using System.Security.Claims;
using System.IdentityModel.Tokens.Jwt;
using System.Text;
using Microsoft.Extensions.Configuration;
using IConfiguration = Microsoft.Extensions.Configuration.IConfiguration;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Mvc.Filters;
using Witworks.Presentation.ModuleSuite.ERPWebApi.Models;
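namespace Witworks.Presentation.ModuleSuite.ERPWebApi.Controllers
{
    /// <summary>
    /// Login endpoint that checks the posted credentials and, on success,
    /// returns an HS256-signed JWT built from the "Authentication" configuration section.
    /// </summary>
    [Route("api/[controller]/[action]")]
    [ApiController]
    public class LoginController : BaseController
    {
        private readonly IConfiguration _configuration;

        /// <summary>Stores the configuration used to read the signing key, issuer and audience.</summary>
        /// <param name="configuration">Application configuration.</param>
        public LoginController(IConfiguration configuration)
        {
            _configuration = configuration;
        }

        /// <summary>
        /// Validates the posted user name and password and issues a JWT.
        /// </summary>
        /// <param name="user">Credentials from the request body.</param>
        /// <returns>
        /// <c>{ success, code = 0, token }</c> on success; <c>{ code = -1 }</c> when the
        /// credentials are missing or do not match.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// Thrown when "Authentication:SecretKey" is not configured.
        /// </exception>
        [HttpPost]
        public IActionResult GetToken([FromBody] User user)
        {
            // SECURITY: the credential check below is a hard-coded demo account with a
            // trivially guessable password, compared in plain text. Before any real use,
            // replace it with a lookup against a user store holding salted password hashes.
            // A null body is treated like a failed login instead of throwing.
            if (user == null || user.Name != "admin" || user.Password != "123456")
            {
                return Ok(new { code = -1 });
            }

            var userName = user.Name;

            // Header: signing algorithm.
            var signingAlgorithm = SecurityAlgorithms.HmacSha256;

            // Payload. ClaimTypes.Name is the claim that surfaces as User.Identity.Name
            // once the token has been validated; "sub" carries the user identifier.
            // Nothing sensitive belongs here: the payload is signed, not encrypted.
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, userName),
                new Claim(JwtRegisteredClaimNames.Sub, userName),
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                new Claim(JwtRegisteredClaimNames.Iat, DateTimeOffset.Now.ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64)
            };

            // Signature: symmetric key shared with the validation side.
            // Anyone who knows this value can mint valid tokens, so it should be a long
            // random secret (at least 256 bits for HS256) supplied from a secret store or
            // environment variable rather than a file kept in source control.
            var secret = _configuration["Authentication:SecretKey"];
            if (string.IsNullOrEmpty(secret))
            {
                // Fail with a clear message instead of an ArgumentNullException from GetBytes.
                throw new InvalidOperationException("Authentication:SecretKey is not configured.");
            }

            var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
            var signingCredentials = new SigningCredentials(signingKey, signingAlgorithm);

            // The token stays valid for one day; nothing in this controller revokes it earlier.
            var token = new JwtSecurityToken(
                issuer: _configuration["Authentication:Issuer"],
                audience: _configuration["Authentication:audience"],
                claims: claims,
                notBefore: DateTime.UtcNow,
                expires: DateTime.UtcNow.AddDays(1),
                signingCredentials: signingCredentials
            );

            var tokenStr = new JwtSecurityTokenHandler().WriteToken(token);
            return Json(new { success = true, code = 0, token = tokenStr, });
        }
    }
}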
Startup类配置
// Register JWT bearer authentication as the default scheme.
services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(jwtOptions =>
    {
        // Same configuration key the login endpoint signs with; the two sides must agree.
        byte[] keyBytes = Encoding.UTF8.GetBytes(Configuration["Authentication:SecretKey"]);

        // Reject tokens whose issuer, audience or lifetime do not match, and verify
        // the signature against the shared symmetric key.
        var validation = new TokenValidationParameters();
        validation.ValidateIssuer = true;
        validation.ValidIssuer = Configuration["Authentication:issuer"];
        validation.ValidateAudience = true;
        validation.ValidAudience = Configuration["Authentication:audience"];
        validation.ValidateLifetime = true;
        validation.IssuerSigningKey = new SymmetricSecurityKey(keyBytes);

        jwtOptions.TokenValidationParameters = validation;
    });
appsettings.json 中的配置(示例中的 SecretKey 仅作演示;实际部署应使用足够长的随机密钥,并通过环境变量或机密管理服务提供,而不是提交到代码库):
"Authentication": {
"SecretKey": "xixixixixixixixxixixixixixi",
"issuer": "geren.com",
"audience": "geren.com"
}
测试接口
/// <summary>
/// Test endpoint that echoes the name of the authenticated caller.
/// </summary>
/// <returns><c>{ code = 0, mes }</c> where <c>mes</c> is the caller's identity name.</returns>
// NOTE(review): no [Authorize] attribute is visible on this action, so a request
// without a valid token presumably still reaches it and gets a null name back —
// confirm whether the enclosing controller applies authorization.
[HttpGet]
public IActionResult Gettoken()
{
    var principal = Response.HttpContext.User;
    string currentUserName = principal.Identity.Name;
    return Json(new { code = 0, mes = currentUserName, });
}