1.建立一个正常运行的.net core web api项目,并且能运行。
2.增加BasicMiddleware类
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace WebApplication6
{
public class BasicMiddleware
{
private readonly RequestDelegate _next;
public const string AuthorizationHeader = "Authorization";
public const string WWWAuthenticateHeader = "WWW-Authenticate";
private BasicUser _user;
public BasicMiddleware(RequestDelegate next, BasicUser user)
{
_next = next;
_user = user;
}
public Task Invoke(HttpContext httpContext)
{
var Request = httpContext.Request;
string auth = Request.Headers[AuthorizationHeader];
if (auth == null)
{
return BasicResult(httpContext);
}
//取得Base64 并解码成字符串
string[] authParts = auth.Split(' ');
if (authParts.Length != 2)
return BasicResult(httpContext);
string base64 = authParts[1];
string authValue;
try
{
byte[] bytes = Convert.FromBase64String(base64);
authValue = Encoding.ASCII.GetString(bytes);
}
catch
{
authValue = null;
}
if (string.IsNullOrEmpty(authValue))
return BasicResult(httpContext);
// 解析用户名密码
string userName;
string password;
int sepIndex = authValue.IndexOf(':');
if (sepIndex == -1)
{
userName = authValue;
password = string.Empty;
}
else
{
userName = authValue.Substring(0, sepIndex);
password = authValue.Substring(sepIndex + 1);
}
//判断用户名密码
if (_user.UserName.Equals(userName) && _user.Password.Equals(password))
return _next(httpContext);
else
return BasicResult(httpContext);
}
/// <summary>
/// 返回需Basic 认证输出
/// </summary>
/// <param name="httpContext"></param>
/// <returns></returns>
private static Task BasicResult(HttpContext httpContext)
{
httpContext.Response.StatusCode = 401;
httpContext.Response.Headers.Add(WWWAuthenticateHeader, "Basic realm=\"localhost\"");
return Task.FromResult(httpContext);
}
}
public static class BasicMiddlewareExtensions
{
public static IApplicationBuilder UseBasicMiddleware(this IApplicationBuilder builder, BasicUser user)
{
if (user == null)
throw new ArgumentException("需设置Basic用户");
return builder.UseMiddleware<BasicMiddleware>(user);
}
}
}
3.建立BasicUser类
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
namespace WebApplication6
{
public class BasicUser
{
public string UserName { get; set; }
public string Password { get; set; }
}
}
4.在Startup.cs类中的Configure方法中使用中间件,并且设置账号和密码
app.UseBasicMiddleware(new BasicUser {
UserName="admin", Password="123456"
});
5.运行网址,点击执行,弹框
6.输入账号密码
7.效果,顺利返回数值
一般这种认证都是比较弱的,可以使用JWT代替。