ASP .NET 核心 2.2 JWT &声明网站身份认证 [英] ASP .NET CORE 2.2 JWT & Claims identity Authentication for Website
问题描述
我有一个 .net core 2.2 api,它生成(在成功登录时)一个 JWT 令牌,其中包含一个声明身份,该身份传递诸如用户名、权限和身份验证用户的角色等信息.
I have an .net core 2.2 api which generates (on a successful login) a JWT token which contains a claims identity that passes along information such as the username, permissions and roles of the authenticated user.
在我的 .net core 2.2 中.Web 应用程序我有一个登录机制,它通过控制器的用户检索 JWT 令牌.
In my .net core 2.2. web app I have a login mechanism which retrieves the JWT token via the user of a controller.
我的问题是.
如何从我的登录控制器中扩展令牌并设置我的网络应用程序以包括使用诸如 User.Identity.IsAuthenticated
、User.IsInRole("Admin")
和控制器操作,如 [Authorize]
和 [Authorize(Roles="Admin")]
How can I expand the token from within my login controller and set up my web app to include the use of the authentication mechanisms like User.Identity.IsAuthenticated
, User.IsInRole("Admin")
and controller actions like [Authorize]
and [Authorize(Roles="Admin")]
我已被指示查看外部身份验证提供商(例如 facebook/google)背后的源代码,但无济于事.
I've been directed towards looking at the source code behind external authentication providers such as facebook/google but to no avail.
提前致谢.
推荐答案
第一步是在Startup.cs
中使用cookie authentication
:
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie();
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
在Configure
方法中,使用UseAuthentication
方法调用设置HttpContext.User 属性的身份验证中间件.在调用 UseMvcWithDefaultRoute
或 UseMvc
之前调用 UseAuthentication 方法:
In the Configure
method, use the UseAuthentication
method to invoke the Authentication Middleware that sets the HttpContext.User property. Call the UseAuthentication method before calling UseMvcWithDefaultRoute
or UseMvc
:
app.UseAuthentication();
然后在您的身份验证控制器中,在获取令牌和解码以获取声明后,您应该创建新的 ClaimsIdentity
,添加您的声明和登录用户:
Then in your auth controller , after getting token and decode to get the claims , you should create new ClaimsIdentity
, add your claims and sign-in user :
if (!User.Identity.IsAuthenticated)
{
var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme, ClaimTypes.Name, ClaimTypes.Role);
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, YourName));
identity.AddClaim(new Claim(ClaimTypes.Name, YourName));
identity.AddClaim(new Claim(ClaimTypes.Role, "Admin"));
//Add your custom claims
var principal = new ClaimsPrincipal(identity);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal, new AuthenticationProperties { IsPersistent = true });
}
之后,您可以使用User.Identity.IsAuthenticated
、User.IsInRole("Admin")
和 [Authorize(Roles="Admin")]代码>:
After that , you can useUser.Identity.IsAuthenticated
, User.IsInRole("Admin")
and [Authorize(Roles="Admin")]
:
[Authorize(Roles = "Admin")]
public IActionResult About()
{
var result = User.IsInRole("Admin");
return View();
}
这篇关于ASP .NET 核心 2.2 JWT &声明网站身份认证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!