1,首先安装
Nuget 包 Microsoft.AspNetCore.Authentication.JwtBearer
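2,配置 appsettings.json（示例中的 SecretKey 仅作演示：实际部署应使用随机生成、至少 32 字节的密钥，通过环境变量或机密管理工具注入，不要写入代码仓库；较新版本的 Microsoft.IdentityModel 会拒绝短于 256 位的 HMAC-SHA256 密钥）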
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning"
}
},
"AllowedHosts": "*",
"JWT": {
"SecretKey": "weblog@vip.qq.com",
"Issuer": "2222",
"Expires": 10,
"Audience": "22333"
}
}
3配置
// Register the named CORS policy "CorsPolicy".
// NOTE(review): the policy accepts every origin, header and method, so any web page can call
// this API from a browser and read the response. That suits a demo; for a deployed service
// consider listing the trusted front-end origins with WithOrigins(...) instead.
builder.Services.AddCors(corsOptions =>
{
    corsOptions.AddPolicy("CorsPolicy", policyBuilder =>
    {
        policyBuilder.AllowAnyOrigin();
        policyBuilder.AllowAnyHeader();
        policyBuilder.AllowAnyMethod();
        // Let browser scripts read the custom pagination header on cross-origin responses.
        policyBuilder.WithExposedHeaders("X-Pagination");
    });
});
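// Read the HMAC signing secret once and fail at startup with a clear message when it is
// missing, instead of failing later with an ArgumentNullException from Encoding.GetBytes.
var jwtSecretKey = builder.Configuration["JWT:SecretKey"];
if (string.IsNullOrWhiteSpace(jwtSecretKey))
{
    throw new InvalidOperationException("JWT:SecretKey is not configured.");
}

// Register JWT bearer authentication as the default scheme.
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>
{
    options.TokenValidationParameters = new TokenValidationParameters()
    {
        // The token must have been issued by, and for, the values configured under "JWT".
        ValidateIssuer = true,
        ValidIssuer = builder.Configuration["JWT:Issuer"],
        ValidateAudience = true,
        ValidAudience = builder.Configuration["JWT:Audience"],
        // Reject tokens outside their nbf/exp window.
        ValidateLifetime = true,
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSecretKey)),
        // Accept only the algorithm the application signs with, so a token that names a
        // different algorithm in its header is rejected.
        ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 }
    };
});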
3配置中间件
// Apply the "CorsPolicy" CORS policy to incoming requests.
app.UseCors("CorsPolicy");
// Order matters: authentication must run before authorization so that the identity
// established from the bearer token is available when access decisions are made.
app.UseAuthentication();
app.UseAuthorization();
4添加jwt操作类
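/// <summary>
/// Issues and verifies HMAC-SHA256 signed JWTs using the "JWT" configuration section
/// (SecretKey, Issuer, Audience, Expires).
/// </summary>
/// <remarks>
/// The tokens are signed, not encrypted: anyone holding a token can read its claims, so
/// only types whose public properties are safe to disclose should be passed to
/// <see cref="CreateJwtToken{T}"/>.
/// </remarks>
public class TokenHelper
{
    private readonly IConfiguration _configuration;
    private readonly JwtSecurityTokenHandler _jwtSecurityTokenHandler;

    /// <summary>Creates the helper from the application configuration and a JWT handler.</summary>
    /// <param name="configuration">Configuration that contains the "JWT" section.</param>
    /// <param name="jwtSecurityTokenHandler">Handler used to serialize and validate tokens.</param>
    public TokenHelper(IConfiguration configuration, JwtSecurityTokenHandler jwtSecurityTokenHandler)
    {
        _configuration = configuration;
        _jwtSecurityTokenHandler = jwtSecurityTokenHandler;
    }

    /// <summary>
    /// Creates a signed JWT whose claims are the public properties of <paramref name="user"/>.
    /// </summary>
    /// <typeparam name="T">Type whose public properties become claims.</typeparam>
    /// <param name="user">Object to serialize into claims; must not be null.</param>
    /// <returns>The compact serialized token.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
    /// <exception cref="InvalidOperationException">JWT:SecretKey is missing or JWT:Expires is not positive.</exception>
    public string CreateJwtToken<T>(T user)
    {
        if (user == null)
        {
            throw new ArgumentNullException(nameof(user));
        }

        var claimList = this.CreateClaimList(user);
        var signingCredentials = new SigningCredentials(GetSigningKey(), SecurityAlgorithms.HmacSha256);

        // JWT:Expires is a lifetime in days. A missing value converts to 0, which would
        // produce a token that is already expired, so reject it explicitly.
        // NOTE(review): a multi-day lifetime with no revocation mechanism means a leaked
        // token stays usable until it expires; consider a shorter lifetime.
        var expires = Convert.ToDouble(_configuration["JWT:Expires"]);
        if (expires <= 0)
        {
            throw new InvalidOperationException("JWT:Expires must be a positive number of days.");
        }

        // Capture one UTC instant so notBefore and expires are derived from the same clock reading.
        var issuedAt = DateTime.UtcNow;
        var jwtSecurityToken = new JwtSecurityToken(
            issuer: _configuration["JWT:Issuer"],
            audience: _configuration["JWT:Audience"],
            claims: claimList,
            notBefore: issuedAt,
            expires: issuedAt.AddDays(expires),
            signingCredentials: signingCredentials);

        return _jwtSecurityTokenHandler.WriteToken(jwtSecurityToken);
    }

    /// <summary>
    /// Validates a token and maps its claims onto a new <typeparamref name="T"/>.
    /// </summary>
    /// <typeparam name="T">Type with a public parameterless constructor and string properties named after the claims.</typeparam>
    /// <param name="Token">The token, with or without a leading "Bearer " scheme prefix.</param>
    /// <returns>
    /// The populated instance, or <c>default(T)</c> when the token is missing, malformed,
    /// fails signature / issuer / audience / lifetime validation, or cannot be mapped.
    /// </returns>
    public T GetToken<T>(string Token)
    {
        if (string.IsNullOrWhiteSpace(Token))
        {
            return default(T);
        }

        // Accept both a bare token and the standard "Authorization: Bearer <token>" form.
        const string bearerPrefix = "Bearer ";
        var rawToken = Token.Trim();
        if (rawToken.StartsWith(bearerPrefix, StringComparison.OrdinalIgnoreCase))
        {
            rawToken = rawToken.Substring(bearerPrefix.Length).Trim();
        }

        try
        {
            // Decoding alone (ReadJwtToken) does not check the signature, so a caller-supplied
            // token with arbitrary claims would be accepted. Validate it against the same
            // issuer, audience, lifetime and key that the token was created with.
            var validationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true,
                ValidIssuer = _configuration["JWT:Issuer"],
                ValidateAudience = true,
                ValidAudience = _configuration["JWT:Audience"],
                ValidateLifetime = true,
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = GetSigningKey(),
                ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 }
            };
            _jwtSecurityTokenHandler.ValidateToken(rawToken, validationParameters, out SecurityToken validatedToken);

            // Read claims from the validated token itself so the claim names are the ones
            // written by CreateClaimList.
            var jwt = validatedToken as JwtSecurityToken;
            if (jwt == null)
            {
                return default(T);
            }

            Type targetType = typeof(T);
            object instance = Activator.CreateInstance(targetType);
            foreach (var claim in jwt.Claims)
            {
                PropertyInfo property = targetType.GetProperty(claim.Type);
                // The property is written, so it must be writable (the claim value is a string;
                // a non-string property makes SetValue throw and the token is rejected below).
                if (property != null && property.CanWrite)
                {
                    property.SetValue(instance, claim.Value, null);
                }
            }
            return (T)instance;
        }
        catch (Exception)
        {
            // Fail closed: any validation or mapping error is reported as "no user".
            return default(T);
        }
    }

    /// <summary>Builds the symmetric signing key from JWT:SecretKey.</summary>
    /// <exception cref="InvalidOperationException">JWT:SecretKey is missing or blank.</exception>
    private SymmetricSecurityKey GetSigningKey()
    {
        var secret = _configuration["JWT:SecretKey"];
        if (string.IsNullOrWhiteSpace(secret))
        {
            throw new InvalidOperationException("JWT:SecretKey is not configured.");
        }
        return new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
    }

    /// <summary>
    /// Creates one claim per public property of <typeparamref name="T"/>, using the property
    /// name as the claim type and its string form as the claim value.
    /// </summary>
    /// <param name="authUser">Object whose properties are read.</param>
    /// <returns>The list of claims.</returns>
    private List<Claim> CreateClaimList<T>(T authUser)
    {
        // Reflect over T rather than a fixed type so the method works for any argument type.
        var claimList = new List<Claim>();
        foreach (var property in typeof(T).GetProperties())
        {
            claimList.Add(new Claim(property.Name, Convert.ToString(property.GetValue(authUser))));
        }
        return claimList;
    }
}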
/// <summary>
/// Information about the logged-in user; each public property becomes a claim when the
/// object is passed to TokenHelper.CreateJwtToken.
/// </summary>
public class User
{
    public int UserID { get; set; }

    public string Email { get; set; }

    public string Name { get; set; }

    public string Role { get; set; }

    /// <summary>Creates a user; every argument is optional and defaults to the type's default value.</summary>
    /// <param name="userID">Numeric user identifier.</param>
    /// <param name="name">Display name.</param>
    /// <param name="email">E-mail address.</param>
    /// <param name="role">Role name.</param>
    public User(int userID = default, string name = default, string email = default, string role = default)
    {
        (UserID, Name, Email, Role) = (userID, name, email, role);
    }
}
/// <summary>
/// String-typed view of the user claims; this is the type the login filter asks
/// TokenHelper.GetToken to populate from a token.
/// </summary>
public class UserModel
{
    // The compiler-supplied public parameterless constructor is what
    // Activator.CreateInstance uses when the model is built from claims.

    public string UserID { get; set; }

    public string Email { get; set; }

    public string Name { get; set; }

    public string Role { get; set; }
}
5添加自定义权限过滤器
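/// <summary>
/// Authorization filter that short-circuits the request when the Authorization header
/// does not yield a user through <c>TokenHelper.GetToken</c>.
/// </summary>
/// <remarks>
/// The filter trusts whatever GetToken returns, so it is only as strong as the checks made
/// there: GetToken must verify the token's signature, issuer, audience and lifetime rather
/// than merely decode it. The filter does not populate HttpContext.User and does not check roles.
/// </remarks>
public class LoginAttrbuteFilter : IAuthorizationFilter
{
    // Public field kept for compatibility with existing callers; this filter does not read it.
    public JwtSecurityTokenHandler _jwtSecurityTokenHandler;
    private readonly TokenHelper _tokenHelper;

    /// <summary>Creates the filter; both dependencies are resolved from the container.</summary>
    public LoginAttrbuteFilter(
        JwtSecurityTokenHandler jwtSecurityTokenHandler, TokenHelper tokenHelper)
    {
        _jwtSecurityTokenHandler = jwtSecurityTokenHandler;
        _tokenHelper = tokenHelper;
    }

    /// <summary>
    /// Rejects the request with HTTP 401 when no user can be obtained from the Authorization header.
    /// </summary>
    /// <param name="context">The authorization context of the current request.</param>
    public void OnAuthorization(AuthorizationFilterContext context)
    {
        // A missing header converts to null, which GetToken reports as "no user".
        string authorizationHeader = context.HttpContext.Request.Headers["Authorization"];
        var user = _tokenHelper.GetToken<UserModel>(authorizationHeader);
        if (user == null)
        {
            // Without an explicit status the JSON body would be sent with 200 OK, which
            // clients and intermediaries would treat as a successful call.
            context.Result = new JsonResult(new { data = "未登录" }) { StatusCode = 401 };
        }
    }
}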
6 ioc注入
// Register the token helper, the login filter and the JWT handler with the container.
// All three are transient: a new instance is created each time one is resolved.
var services = builder.Services;
services
    .AddTransient<TokenHelper>()
    .AddTransient<LoginAttrbuteFilter>()
    .AddTransient<JwtSecurityTokenHandler>();
7实战
/// <summary>
/// Demo controller: issues a token from <c>Login</c> and exposes one action guarded by
/// <c>LoginAttrbuteFilter</c>.
/// </summary>
[ApiController]
[Route("api/[controller]/[action]")]
public class HomeController : ControllerBase
{
    private readonly ILogger<HomeController> _logger;
    private readonly IConfiguration _configuration;
    private readonly JwtSecurityTokenHandler _jwtSecurityTokenHandler;
    private readonly TokenHelper _tokenHelper;

    /// <summary>Stores the injected services; only the token helper is used by the actions below.</summary>
    public HomeController(
        ILogger<HomeController> logger,
        IConfiguration configuration,
        JwtSecurityTokenHandler jwtSecurityTokenHandler,
        TokenHelper tokenHelper)
    {
        (_logger, _configuration) = (logger, configuration);
        (_jwtSecurityTokenHandler, _tokenHelper) = (jwtSecurityTokenHandler, tokenHelper);
    }

    /// <summary>Returns a token for a fixed sample user.</summary>
    /// <remarks>
    /// NOTE(review): no credentials are checked here, so every caller receives a valid token
    /// for the sample user. A real login action must authenticate the caller first and
    /// should accept the credentials in a POST body rather than over GET.
    /// </remarks>
    [HttpGet(Name = "Login")]
    public string Login() => _tokenHelper.CreateJwtToken(new User(1, "22", "33", "44"));

    /// <summary>Unprotected placeholder action; always returns null.</summary>
    [HttpGet(Name = "Get")]
    public string Get() => null;

    /// <summary>Action that runs only when <c>LoginAttrbuteFilter</c> lets the request through.</summary>
    /// <remarks>
    /// NOTE(review): access is decided by the custom filter, not by an [Authorize] attribute,
    /// so the JWT bearer scheme is not what guards this action as far as this listing shows.
    /// </remarks>
    [HttpGet(Name = "post")]
    [TypeFilter(typeof(LoginAttrbuteFilter))]
    public string post() => "成功";
}