ASP .NET CORE 2.2 JWT & Claims identity Authentication for Website

Problem description

I have a .NET Core 2.2 API which generates (on a successful login) a JWT token which contains a claims identity that passes along information such as the username, permissions and roles of the authenticated user.

In my .NET Core 2.2 web app I have a login mechanism which retrieves the JWT token via the use of a controller.

My question is:

How can I expand the token from within my login controller and set up my web app to include the use of the authentication mechanisms like User.Identity.IsAuthenticated, User.IsInRole("Admin") and controller actions like [Authorize] and [Authorize(Roles="Admin")]?

I've been directed towards looking at the source code behind external authentication providers such as facebook/google but to no avail.

Thanks in advance.

Solution

The first step is to use cookie authentication in Startup.cs:

services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie();

services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);

In the Configure method, use the UseAuthentication method to invoke the Authentication Middleware that sets the HttpContext.User property. Call the UseAuthentication method before calling UseMvcWithDefaultRoute or UseMvc:

app.UseAuthentication();

Then in your auth controller, after getting the token and decoding it to get the claims, you should create a new ClaimsIdentity, add your claims and sign in the user:

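if (!User.Identity.IsAuthenticated)
{
    // The second and third arguments name the claim types that back User.Identity.Name and User.IsInRole.
    var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme, ClaimTypes.Name, ClaimTypes.Role);
    // YourName is a placeholder for the user name taken from the decoded token.
    identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, YourName));
    identity.AddClaim(new Claim(ClaimTypes.Name, YourName));
    // "Admin" is a sample value; add the roles carried by the token.
    identity.AddClaim(new Claim(ClaimTypes.Role, "Admin"));

    //Add your custom claims

    var principal = new ClaimsPrincipal(identity);
    // IsPersistent = true keeps the cookie across browser sessions.
    await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal, new AuthenticationProperties { IsPersistent = true });
}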

After that, you can use User.Identity.IsAuthenticated, User.IsInRole("Admin") and [Authorize(Roles="Admin")]:

[Authorize(Roles = "Admin")]
public IActionResult About()
{
    var result = User.IsInRole("Admin");
    return View();
}
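
The "decode to get the claims" step decides who the cookie says the user is, so the token should be signature-checked before any claim is copied. The helper below is an added example, not code from the original answer; it assumes the API signs tokens with HS256 and a key shared with the web app, uses the System.IdentityModel.Tokens.Jwt package, and the class name, issuer and audience values are hypothetical.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Http;
using Microsoft.IdentityModel.Tokens;

public static class JwtCookieSignIn   // hypothetical helper, not from the original answer
{
    // Assumed values: use the issuer and audience your API puts in its tokens.
    private const string Issuer = "https://api.example.test";
    private const string Audience = "example-web-app";
    public static async Task<bool> SignInFromJwtAsync(HttpContext http, string jwt, byte[] hmacKey)
    {
        var parameters = new TokenValidationParameters
        {
            ValidateIssuer = true, ValidIssuer = Issuer,
            ValidateAudience = true, ValidAudience = Audience,
            ValidateLifetime = true, ClockSkew = TimeSpan.FromMinutes(1),
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(hmacKey)
        };
        ClaimsPrincipal validated;
        SecurityToken token;
        try
        {
            // Throws on a bad signature, wrong issuer/audience, or an expired token.
            validated = new JwtSecurityTokenHandler().ValidateToken(jwt, parameters, out token);
        }
        catch (Exception ex) when (ex is SecurityTokenException || ex is ArgumentException)
        {
            return false; // reject: never build an identity from an unverified token
        }
        // Pin the algorithm so a token signed any other way is refused.
        if (!(token is JwtSecurityToken parsed) ||
            !string.Equals(parsed.Header.Alg, SecurityAlgorithms.HmacSha256, StringComparison.Ordinal))
            return false;
        // Copy only validated claims; the handler's default inbound mapping turns
        // "role"/"unique_name" into ClaimTypes.Role/ClaimTypes.Name.
        var identity = new ClaimsIdentity(validated.Claims,
            CookieAuthenticationDefaults.AuthenticationScheme, ClaimTypes.Name, ClaimTypes.Role);
        // End the cookie session when the token itself expires.
        await http.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
            new ClaimsPrincipal(identity), new AuthenticationProperties { ExpiresUtc = token.ValidTo });
        return true;
    }
}
```

A login action would call `await JwtCookieSignIn.SignInFromJwtAsync(HttpContext, tokenFromApi, key)` and return an error view when it yields false.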
