JWT主要由三部分构成:header、payload、signature。下面给出详细的Token生成及使用代码。
1、注册JWT服务
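/// <summary>
/// Registers JWT bearer authentication as the default scheme and defines how
/// incoming tokens are validated (issuer, audience, lifetime and signature).
/// </summary>
/// <param name="services">Service collection that receives the authentication services.</param>
/// <exception cref="InvalidOperationException">
/// Thrown when <c>JWT:SecurityKey</c> is missing or empty in configuration.
/// </exception>
public void ConfigureServices(IServiceCollection services)
{
    // Fail at startup with a clear message instead of on the first request
    // when the signing key is absent from configuration.
    var signingKey = Configuration["JWT:SecurityKey"];
    if (string.IsNullOrEmpty(signingKey))
    {
        throw new InvalidOperationException("JWT:SecurityKey is not configured.");
    }

    // Register JWT bearer authentication.
    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(opt =>
    {
        opt.TokenValidationParameters = new TokenValidationParameters
        {
            NameClaimType = JwtClaimTypes.Name,
            RoleClaimType = JwtClaimTypes.Role,
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,
            ValidAudience = Configuration["JWT:Audience"],
            ValidIssuer = Configuration["JWT:Issuer"],
            // No clock tolerance: a token is rejected the moment it expires.
            // The library default is 300 seconds; with zero skew, hosts whose
            // clocks drift apart can reject freshly issued tokens.
            ClockSkew = TimeSpan.Zero,
            // The key bytes must match the ones used when signing. The Token action
            // encodes the key with UTF-8, so the same encoding is used here;
            // ASCII would replace any non-ASCII character with '?' and break verification.
            // NOTE(review): an HMAC key should be a long random secret supplied from
            // a secret store or environment variable, not a value kept in appsettings.json.
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingKey))
        };
    });
}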
2、配置JWT,启用认证
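/// <summary>
/// Adds the authentication and authorization middleware to the request pipeline.
/// </summary>
/// <param name="app">Application pipeline builder.</param>
/// <param name="env">Hosting environment (not used by the lines shown here).</param>
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    // Authentication has to run before authorization. Without it the bearer token
    // is only evaluated for endpoints that name the scheme explicitly in [Authorize];
    // a plain [Authorize] would see an unauthenticated user and answer 401.
    app.UseAuthentication();

    // Enable authorization.
    // NOTE(review): the rest of the pipeline (routing, endpoints) is not shown on this
    // page; both calls are expected to sit between UseRouting and UseEndpoints.
    app.UseAuthorization();
}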
3、配置appsettings.json(示例中的SecurityKey仅用于演示;实际部署时应使用足够长的随机密钥,并通过环境变量或密钥管理服务注入,不要随配置文件提交到代码库)
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
},
"JWT": {
"SecurityKey": "fcf6dc95-6ba4-48ff-b584-a10fd61a054b",
"Issuer": "robinxu",
"Audience": "robinxu"
},
"AllowedHosts": "*"
}
4、服务端生成Token
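/// <summary>
/// Issues a signed JWT when the posted credentials are accepted.
/// </summary>
/// <param name="request">Login payload carrying the user name and password.</param>
/// <returns>
/// 200 with the serialized token and the current local time on success;
/// 400 with an error message when the body is missing or the credentials do not match.
/// </returns>
[AllowAnonymous]
[HttpPost]
[Route("Token")]
public IActionResult Token([FromBody]TokenRequest request)
{
    // A missing or unparseable body can arrive as null; answer with the same
    // failure response instead of dereferencing it.
    // NOTE(review): the hard-coded account is demo scaffolding. A real endpoint should
    // verify against a user store holding salted password hashes, and this anonymous
    // endpoint should be throttled against repeated guesses.
    if (request == null || request.userName != "robin" || request.password != "666666")
    {
        return BadRequest("账号或密码验证失败");
    }

    var claims = new[]
    {
        // Unique token id, so that an individual token can be identified later.
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
        new Claim("name", request.userName)
    };

    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JWT:SecurityKey"]));

    // HmacSha256 writes the registered JWS name "HS256" into the header.
    // HmacSha256Signature writes the XML-DSig URI instead (visible in the sample
    // response on this page), which other JWT libraries may not recognise.
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    // Take one UTC reading so nbf and exp are derived from the same instant.
    var issuedAt = DateTime.UtcNow;
    var token = new JwtSecurityToken(
        issuer: _configuration["JWT:Issuer"],
        audience: _configuration["JWT:Audience"],
        claims: claims,
        notBefore: issuedAt,
        expires: issuedAt.AddMinutes(30),
        signingCredentials: creds);

    return Ok(new
    {
        token = new JwtSecurityTokenHandler().WriteToken(token),
        date = DateTime.Now.ToString()
    });
}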
/// <summary>
/// Request body of the token endpoint.
/// </summary>
public class TokenRequest
{
    /// <summary>Login name supplied by the caller.</summary>
    public string userName
    {
        get;
        set;
    }

    /// <summary>
    /// Plain-text password supplied by the caller; keep instances of this type out of logs.
    /// </summary>
    public string password
    {
        get;
        set;
    }
}
5、获取Token
请求:
{
"userName":"robin",
"password":"666666"
}
响应:
{
"token": "eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmZTczM2EyZC00MDYyLTRhOGEtOTNhZC00YThkMjliNDQyN2EiLCJuYW1lIjoicm9iaW4iLCJuYmYiOjE1ODE2ODEyMjQsImV4cCI6MTU4MTY4MzAyNCwiaXNzIjoieHVndW9odWkiLCJhdWQiOiJ4dWd1b2h1aSJ9.ttxs3NnZ3fTTvvcMymhpMPBTgP61oQuqc-klVwCYuoY",
"date": "2020/2/14 19:53:45"
}
6、验证Token请求地址
/// <summary>
/// Test endpoint: answers with a freshly generated GUID. The caller has to be
/// authenticated through the JWT bearer scheme.
/// </summary>
/// <returns>A new GUID in its default string form.</returns>
[HttpGet]
[Route("Test")]
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
public string Test()
{
    var probeId = Guid.NewGuid();
    return probeId.ToString();
}
7、验证Token请求图示