02_Web Api使用Jwt

所属分类:.NET技术
摘要

JWT(JSON Web Token)是一种用于在网络应用之间传递信息的开放标准(RFC 7519)。它以安全可靠的方式用 JSON 对象传递信息,通常用于身份验证和信息交换。

JWT(JSON Web Token)是一种用于在网络应用之间传递信息的开放标准(RFC 7519)。它以安全可靠的方式用 JSON 对象传递信息,通常用于身份验证和信息交换。

在Web API中,JWT通常用于对用户进行身份验证和授权。当用户登录成功后,服务器会生成一个Token并返回给客户端,客户端在接下来的请求中携带该Token来进行身份验证。

使用:

安装 NuGet 包:Microsoft.AspNetCore.Authentication.JwtBearer(提供下文的 AddJwtBearer,并依赖 System.IdentityModel.Tokens.Jwt,后者提供 JwtSecurityToken / JwtSecurityTokenHandler)。

1.添加一个Web Api项目

appsettings.json设置

"JWT": {
  // Shared HMAC secret for HS256 (not a private key: the same value both signs and verifies).
  // It must be at least 32 bytes (256 bits) for HS256; supply it via user-secrets or an
  // environment variable rather than committing it to source control.
  "SecretKey": "123456789ffffffffffffffffffffffffffffffffffff",
  "Issuer": "zhansan",   // token issuer (iss), validated by the API
  "Audience": "lisi"     // token audience (aud), validated by the API
}

 

2.添加一个控制器用于获取Token

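    [Route("api/[controller]/[action]")]
    [ApiController]
    public class TokenController : ControllerBase
    {
        /// <summary>
        /// Minimum key length for HS256. RFC 7518 §3.2 requires an HMAC key at least as long as
        /// the hash output (256 bits = 32 bytes); shorter keys are rejected here rather than
        /// deep inside the token library.
        /// </summary>
        private const int MinHs256KeyBytes = 32;

        public readonly IConfiguration configuration;

        public TokenController(IConfiguration configuration)
        {
            this.configuration = configuration;
        }

        /// <summary>
        /// Issues a demo JWT signed with HS256 using the shared secret from <c>JWT:SecretKey</c>.
        /// The claims are fixed sample values (subject, role, name and a "policy" claim).
        /// </summary>
        /// <returns>The compact serialized token string.</returns>
        /// <exception cref="InvalidOperationException">
        /// Thrown when <c>JWT:SecretKey</c> is missing or shorter than 32 bytes.
        /// </exception>
        [HttpGet]
        public string GetToken()
        {
            // HS256 is a symmetric MAC: the same shared secret signs and verifies the token.
            var signingAlgorithm = SecurityAlgorithms.HmacSha256;

            // Sample claims carried in the token payload.
            var claims = new[]
            {
                new Claim(JwtRegisteredClaimNames.Sub, "userId"),
                new Claim(ClaimTypes.Role, "admin"),
                new Claim(ClaimTypes.Name, "ClaimTypesName"),
                new Claim("policy", "EmployeeNumber"),
            };

            // Fail with a clear message instead of an ArgumentNullException from Encoding.GetBytes.
            var secret = configuration["JWT:SecretKey"];
            if (string.IsNullOrEmpty(secret))
            {
                throw new InvalidOperationException("JWT:SecretKey is not configured.");
            }

            var secretBytes = Encoding.UTF8.GetBytes(secret);
            if (secretBytes.Length < MinHs256KeyBytes)
            {
                throw new InvalidOperationException(
                    $"JWT:SecretKey must be at least {MinHs256KeyBytes} bytes for HS256.");
            }

            var signingKey = new SymmetricSecurityKey(secretBytes);
            var signingCredentials = new SigningCredentials(signingKey, signingAlgorithm);

            // Read the clock once so nbf and exp are derived from the same instant.
            var now = DateTime.UtcNow;
            var token = new JwtSecurityToken(
                issuer: configuration["JWT:Issuer"],        // iss
                audience: configuration["JWT:Audience"],    // aud
                claims: claims,
                notBefore: now,                             // nbf
                expires: now.AddDays(1),                    // exp: valid for one day
                signingCredentials: signingCredentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
    }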

 

3.Program.cs设置

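public class Program
{
    public static void Main(string[] args)
    {
        var builder = WebApplication.CreateBuilder(args);

        // Add services to the container.
        builder.Services.AddControllers();
        // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
        builder.Services.AddEndpointsApiExplorer();

        builder.Services.AddSwaggerGen(c =>
        {
            // One Swagger document per API version; the version names are the field names of EditionV.
            foreach (FieldInfo field in typeof(EditionV).GetFields())
            {
                c.SwaggerDoc(field.Name, new OpenApiInfo()
                {
                    Title = field.Name + "版本",
                    Version = field.Name,
                    Description = $"{field.Name}版本"
                });
            }

            // XML doc comments for Swagger UI. AppContext.BaseDirectory is already absolute,
            // so a single Path.Combine yields the full path.
            var xmlPath = Path.Combine(AppContext.BaseDirectory, "WebApiApp.xml");
            c.IncludeXmlComments(xmlPath, true); // true: also include controller-level comments
            c.OrderActionsBy(o => o.RelativePath); // sort actions by route

            // Let Swagger UI send an "Authorization: Bearer {token}" header.
            c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
            {
                Description = "Value: Bearer {token}",
                Name = "Authorization",
                In = ParameterLocation.Header,
                Type = SecuritySchemeType.ApiKey,
                Scheme = "Bearer"
            });

            c.AddSecurityRequirement(new OpenApiSecurityRequirement()
            {{
                new OpenApiSecurityScheme
                {
                    Reference = new OpenApiReference
                    {
                        Type = ReferenceType.SecurityScheme,
                        Id = "Bearer"
                    },
                    Scheme = "oauth2",
                    Name = "Bearer",
                    In = ParameterLocation.Header
                },
                new List<string>()
            }});
        });

        // Policy-based authorization: "policy" requires a claim of type "policy" to be present.
        builder.Services.AddAuthorization(options =>
        {
            options.AddPolicy("policy", policy => policy.RequireClaim("policy"));
        });

        // Resolve the shared secret at startup so a missing value fails fast here rather than
        // as an ArgumentNullException on the first authenticated request. The same value is
        // used by TokenController to sign tokens.
        var secret = builder.Configuration["JWT:SecretKey"];
        if (string.IsNullOrEmpty(secret))
        {
            throw new InvalidOperationException("JWT:SecretKey is not configured.");
        }
        var secretBytes = Encoding.UTF8.GetBytes(secret);

        // Authentication: validate incoming bearer tokens.
        builder.Services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters()
            {
                // Issuer (iss) must match the configured value.
                ValidateIssuer = true,
                ValidIssuer = builder.Configuration["JWT:Issuer"],
                // Audience (aud) must match the configured value.
                ValidateAudience = true,
                ValidAudience = builder.Configuration["JWT:Audience"],
                // The signature itself is checked against IssuerSigningKey regardless of this flag;
                // the flag additionally validates the key object.
                ValidateIssuerSigningKey = true,
                // Reject tokens outside their nbf/exp window (the library's default clock skew applies).
                ValidateLifetime = true,
                IssuerSigningKey = new SymmetricSecurityKey(secretBytes)
            };
        });

        // CORS: this policy accepts any origin, method and header, which suits a local demo;
        // a deployed API should list the allowed origins explicitly.
        builder.Services.AddCors(options =>
        {
            options.AddPolicy("cross", p =>
            {
                p.AllowAnyOrigin()
                 .AllowAnyMethod()
                 .AllowAnyHeader();
            });
        });

        var app = builder.Build();

        // Configure the HTTP request pipeline.
        if (app.Environment.IsDevelopment())
        {
            app.UseSwagger();
            app.UseSwaggerUI(c =>
            {
                foreach (FieldInfo field in typeof(EditionV).GetFields())
                {
                    c.SwaggerEndpoint($"/swagger/{field.Name}/swagger.json", $"{field.Name}");
                }
            });
        }

        app.UseCors("cross");
        app.UseHttpsRedirection();
        // Authentication must run before authorization so [Authorize] sees the validated principal.
        app.UseAuthentication();
        app.UseAuthorization();
        app.MapControllers();
        app.Run();
    }
}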

 

4.swagger设置

    /// <summary>
    /// API version markers. Only the field names are used: Program enumerates
    /// <c>typeof(EditionV).GetFields()</c> to create one Swagger document per version,
    /// and controllers select a version with <c>nameof(EditionV.V1)</c>.
    /// </summary>
    public static class EditionV
    {
        // The values are never assigned or read; the public field names are the version ids.
        public static string V1, V2, V3, V4, V5;
    }

添加一个WebApiApp.xml文件,属性:复制到输出目录:始终复制

项目--->属性--->文档文件勾上。


 

5.添加一个UserInfoController.cs用于测试

    [Route("api/[controller]/[action]")]
    [ApiController]
    [ApiExplorerSettings(GroupName = nameof(EditionV.V1))]
    public class UserInfoController : ControllerBase
    {
        /// <summary>
        /// Returns a fixed sample user description for the given id.
        /// Requires an authenticated caller (any token accepted by the bearer scheme).
        /// </summary>
        /// <param name="id">User id echoed back in the response text.</param>
        /// <returns>A sample string containing the id and a fixed name.</returns>
        [HttpGet]
        [Authorize]
        public string GetUser(string id) => $"用户id{id}---姓名:张三";

        /// <summary>
        /// Returns a fixed sample user name.
        /// Requires a token whose role claim is "admin".
        /// </summary>
        /// <returns>A fixed greeting string.</returns>
        [Authorize(Roles = "admin")]
        [HttpPost]
        public string GetUserName() => "你好,我是李四";

        /// <summary>
        /// Returns a fixed sample colour description.
        /// Requires a token satisfying the "policy" authorization policy.
        /// </summary>
        /// <returns>A fixed colour description string.</returns>
        [Authorize(Policy = "policy")]
        [HttpPost]
        public string GetUserColour() => "我衣服的颜色为红色";
    }