1.安装依赖包 Microsoft.AspNetCore.Authentication.JwtBearer 等
2.AccountController.cs 里加获取token方法
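/// <summary>
/// Demo account endpoints. <c>POST /Account/Login</c> returns an HMAC-SHA256 signed JWT
/// built from the values in <see cref="JwtOptions"/>.
/// </summary>
[ApiController]
[Route("[controller]")]
public class AccountController : ControllerBase
{
    private readonly JwtOptions _jwtOptions;

    /// <summary>Captures the JWT settings that are current for this request.</summary>
    /// <param name="jwtOptions">Options snapshot bound to the JWT configuration section.</param>
    public AccountController(IOptionsSnapshot<JwtOptions> jwtOptions)
    {
        _jwtOptions = jwtOptions.Value;
    }

    /// <summary>
    /// Issues a signed JWT carrying the id, name and e-mail claims of the signed-in user.
    /// </summary>
    /// <param name="dto">Login request body; only <c>UserName</c> is read here.</param>
    /// <returns>
    /// 200 with <c>{ token }</c>, or 400 when the body or the user name is missing.
    /// </returns>
    [AllowAnonymous]
    [HttpPost("Login")]
    public IActionResult SignIn([FromBody] SignInDto dto)
    {
        // A null user name would otherwise make the Claim constructor throw further down.
        if (dto is null || string.IsNullOrWhiteSpace(dto.UserName))
        {
            return BadRequest();
        }

        // NOTE(review): credential verification is still a placeholder (the original only
        // has "db query..." / "return Unauthorized();" as comments). As written, every
        // caller receives a valid token for whatever user name it submits. Look the user
        // up, verify the password against the stored hash, and return Unauthorized() on
        // failure before any of the code below runs.

        // Demo user; Id and Email are made up here rather than loaded from a user store.
        var user = new UserModel()
        {
            Id = Guid.NewGuid(),
            UserName = dto.UserName,
            Email = "test@test.com"
        };

        // 1. Claims that go into the token payload.
        var claims = new[]
        {
            new Claim(JwtClaimTypes.Id, user.Id.ToString("N")),
            new Claim(JwtClaimTypes.Name, user.UserName),
            new Claim(JwtClaimTypes.Email, user.Email)
        };

        // 2. Symmetric signing key. The same bytes must be configured on the validating
        //    side. For HS256 the key should be at least 256 bits of random data
        //    (RFC 7518, section 3.2); treat the configured string as a secret.
        var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtOptions.SymmetricSecurityKeyString));

        // 3. Signature algorithm.
        var algorithm = SecurityAlgorithms.HmacSha256;

        // 4. Signing credentials = key + algorithm.
        var signingCredentials = new SigningCredentials(secretKey, algorithm);

        // 5. Validity window. One UTC timestamp is taken so that nbf and exp are derived
        //    from the same instant and do not depend on the server's local time zone.
        var issuedAt = DateTime.UtcNow;
        var expires = issuedAt.AddMinutes(_jwtOptions.ExpiresMinutes);

        // 6. Build and serialize the token.
        var securityToken = new JwtSecurityToken(
            claims: claims,
            issuer: _jwtOptions.Issuer,
            audience: _jwtOptions.Audience,
            notBefore: issuedAt,
            expires: expires,
            signingCredentials: signingCredentials
        );
        var jwtSecurityTokenHandler = new JwtSecurityTokenHandler();
        var token = jwtSecurityTokenHandler.WriteToken(securityToken);

        return Ok(new { token });
    }
}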
3.Program.cs(ABP 项目中对应 [DependsOn(typeof(AbpAspNetCoreAuthenticationJwtBearerModule))],此处和 xxApiModule 功能类似,模仿即可)
using JwtDemo.Api.Options;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using System.Text;
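var builder = WebApplication.CreateBuilder(args);

// Add services to the container.

// Bind the JWT section once: it is registered for injection (the controller reads it
// through IOptionsSnapshot<JwtOptions>) and also read here to configure validation.
var jwtSection = builder.Configuration.GetSection(JwtOptions.Name);
builder.Services.Configure<JwtOptions>(jwtSection);

// Fail fast with a clear message instead of a NullReferenceException inside AddJwtBearer
// when the section or the signing key is missing from configuration.
var jwtOptions = jwtSection.Get<JwtOptions>()
    ?? throw new InvalidOperationException($"Configuration section '{JwtOptions.Name}' is missing.");
if (string.IsNullOrEmpty(jwtOptions.SymmetricSecurityKeyString))
{
    throw new InvalidOperationException($"'{JwtOptions.Name}:SymmetricSecurityKeyString' is not configured.");
}

builder.Services.AddControllers();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        // Plain-HTTP metadata is tolerated in development only. This setting matters
        // only once an Authority or MetadataAddress is configured; none is set here.
        options.RequireHttpsMetadata = !builder.Environment.IsDevelopment();
        options.SaveToken = true;
        options.TokenValidationParameters = new TokenValidationParameters
        {
            // Issuer and audience were configured but their checks were switched off,
            // so ValidIssuer/ValidAudience had no effect. With the checks on, a token
            // signed with the same key but minted for another issuer or audience is
            // rejected. The login endpoint stamps both values from the same section.
            ValidateIssuer = true,
            ValidIssuer = jwtOptions.Issuer,
            ValidateAudience = true,
            ValidAudience = jwtOptions.Audience,
            // Expired tokens are rejected; the library's default clock skew still applies.
            ValidateLifetime = true,
            // Must be the same bytes the login endpoint signs with (UTF-8 of the
            // configured string).
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtOptions.SymmetricSecurityKeyString)),
        };
    });

var app = builder.Build();

// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
    app.UseSwagger();
    app.UseSwaggerUI();
}

// Authentication must run before authorization so that [Authorize] sees the user.
app.UseAuthentication();
app.UseAuthorization();

app.MapControllers();

app.Run();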
4.在对应的控制器上加 [Authorize] 特性
5.JwtOptions.cs
/// <summary>
/// Settings for issuing and validating JWTs, bound from the configuration section
/// named by <see cref="Name"/>.
/// </summary>
public class JwtOptions
{
    /// <summary>Name of the configuration section these options are read from.</summary>
    public const string Name = "Jwt";

    /// <summary>Audience value written into issued tokens.</summary>
    public string Audience { get; set; }

    /// <summary>Issuer value written into issued tokens.</summary>
    public string Issuer { get; set; }

    /// <summary>Token lifetime in minutes; 30 unless configured otherwise.</summary>
    public double ExpiresMinutes { get; set; } = 30.0;

    /// <summary>
    /// Encoding used by <see cref="SymmetricSecurityKey"/> to turn the key string into
    /// bytes; UTF-8 unless replaced.
    /// </summary>
    public Encoding Encoding { get; set; } = Encoding.UTF8;

    /// <summary>
    /// Shared secret for the HMAC signature. Treat it as a credential: it should be long
    /// and random, and supplied from a secret store or environment variable rather than
    /// from a committed settings file.
    /// </summary>
    public string SymmetricSecurityKeyString { get; set; }

    /// <summary>
    /// Builds a new key object from <see cref="SymmetricSecurityKeyString"/> on every
    /// access, using <see cref="Encoding"/> for the byte conversion.
    /// </summary>
    public SymmetricSecurityKey SymmetricSecurityKey
    {
        get
        {
            byte[] keyBytes = Encoding.GetBytes(SymmetricSecurityKeyString);
            return new SymmetricSecurityKey(keyBytes);
        }
    }
}
6.appsettings.json(下面的密钥只是示例占位值;实际使用时应换成足够长的随机密钥,并放在用户机密或环境变量中,不要提交到代码仓库)
"Jwt": {
"Audience": "http://localhost:5105",
"Issuer": "http://localhost:5105",
"ExpiresMinutes": 30,
"SymmetricSecurityKeyString": "Symmetric Security Key"
}
7.主要的类已列了,其他可以自己声明,比如SignInDto.cs、UserModel.cs
最后假如看不懂的可以下载我之前上传的资源: