ASP.NET Core 3.1 系列之 Web API 中间件篇 (一)
身份验证(Jwt)中间件使用步骤
添加 NuGet程序包
添加包:Microsoft.AspNetCore.Authentication.JwtBearer
修改 Startup.cs 文件
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
RequireExpirationTime = true,
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ClockSkew = TimeSpan.Zero,
ValidIssuer = "testIssuer",
ValidAudience = "testAudience",
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("2342423fsklfjafjlkj234k23j2kj3jkljdf"))
};
});
app.UseAuthentication();
app.UseAuthorization();
添加生成Token方法
public string GetToken()
{
var claims = new[] { new Claim(ClaimTypes.Name, "testUser") };
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("2342423fsklfjafjlkj234k23j2kj3jkljdf"));
var jwtToken = new JwtSecurityToken(
claims: claims,
issuer: "testIssuer",
audience: "testAudience",
expires: DateTime.Now.AddMinutes(5),
signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256)
);
return new JwtSecurityTokenHandler().WriteToken(jwtToken);
}
使用
请求头携带样例
Authorization:Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoidGVzdFVzZXIiLCJleHAiOjE2NTQxNTY4NDcsImlzcyI6InRlc3Q2NjY2NjY2IiwiYXVkIjoidGVzdDIyMjIyMTExMSJ9.xV_ma0Q2qXg9kIzzpk7YhR_UTs5DfnvLuayBsGCGMac
更多中间件使用教程