在Program.cs 文件的 builder.Services.AddControllersWithViews() 下一行添加如下代码:
// Register cookie authentication as the default scheme for the application.
builder.Services
    .AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie(cookieOptions =>
    {
        // Path the cookie handler redirects to when an unauthenticated request needs to sign in.
        cookieOptions.LoginPath = "/Home/Login";

        // Lifetime of the authentication ticket stored in the cookie.
        // NOTE(review): Cookie.SecurePolicy and Cookie.SameSite are not set here, so the framework
        // defaults apply; on a site served only over HTTPS consider CookieSecurePolicy.Always.
        cookieOptions.ExpireTimeSpan = TimeSpan.FromDays(2);
    });
在 var app = builder.Build() 下面添加如下代码:
// Adds the authentication middleware, which reads the auth cookie and populates HttpContext.User.
// NOTE(review): keep this ahead of app.UseAuthorization() in the pipeline; otherwise [Authorize]
// is evaluated before the user has been authenticated.
app.UseAuthentication();
登录认证控制器代码如下:
/// <summary>
/// Handles the posted login form: on a credential match it issues the authentication cookie
/// and redirects to Index; otherwise it re-renders the login view with a failure message.
/// </summary>
/// <param name="dto">The posted user name and password.</param>
/// <returns>A redirect to Index on success, or the login view on failure.</returns>
// NOTE(review): this POST action has no [ValidateAntiForgeryToken]; consider adding it once the
// login form emits the antiforgery token.
[HttpPost]
public async Task<IActionResult> Login(LoginModel dto)
{
    // NOTE(review): the user name and password are hard-coded demo values compared in plain text.
    // A real application should verify against a user store that keeps salted password hashes,
    // and should keep credentials out of source code.
    bool credentialsMatch = dto.UserName == "admin" && dto.Password == "123";
    if (!credentialsMatch)
    {
        // Generic message: does not reveal whether the user name or the password was wrong.
        ViewBag.msg = "Login Failed";
        return View();
    }

    // Claims carried in the cookie: the user's name and a fixed "Admin" role.
    var identity = new ClaimsIdentity(
        new List<Claim>()
        {
            new Claim(ClaimTypes.Name, dto.UserName),
            new Claim(ClaimTypes.Role, "Admin")
        },
        CookieAuthenticationDefaults.AuthenticationScheme);
    var principal = new ClaimsPrincipal(identity);

    // Writes the encrypted authentication cookie to the response.
    await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal);
    return RedirectToAction("Index");
}
登出控制器代码如下:
/// <summary>
/// Signs the current user out of the cookie scheme and redirects to Index.
/// </summary>
/// <returns>A redirect to the Index action.</returns>
// NOTE(review): no HTTP verb attribute is present, so this action is also reachable via GET and
// a cross-site request could sign the user out; consider [HttpPost] with antiforgery validation.
public async Task<IActionResult> Logout()
{
    var scheme = CookieAuthenticationDefaults.AuthenticationScheme;

    // Clears the authentication cookie for this scheme.
    await HttpContext.SignOutAsync(scheme);

    return RedirectToAction("Index");
}
需要认证的控制器或者动作上添加:
// Requires an authenticated user on the controller or action it decorates.
// NOTE(review): without Roles or Policy this does not check the "Admin" role claim issued at
// login; use [Authorize(Roles = "Admin")] where the role itself must be enforced.
[Authorize]
不需要认证的动作上添加:
// Exempts the decorated action from [Authorize], e.g. the login action when its controller
// carries [Authorize]. Keep the set of anonymous actions as small as possible.
[AllowAnonymous]