HTML5技术

在ASP.NET Core中使用Angular2,以及与Angular2的Token base身份认证 - 微软一站式示(3)

字号+ 作者:H5之家 来源:H5之家 2016-11-20 15:00 我要评论( )

services.AddAuthorization(auth = {auth.AddPolicy( "Bearer", new AuthorizationPolicyBuilder().AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme).RequireAuthenticatedUser().Build());});

services.AddAuthorization(auth => { auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder() .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme) .RequireAuthenticatedUser().Build()); });

这里是添加身份认证服务

在Configure方法中添加如下代码:

app.UseExceptionHandler(appBuilder => { appBuilder.Use(async (context, next) => { var error = context.Features[typeof(IExceptionHandlerFeature)] as IExceptionHandlerFeature; (error != null && error.Error is SecurityTokenExpiredException) { context.Response.StatusCode = 401; context.Response.ContentType = "application/json"; await context.Response.WriteAsync(JsonConvert.SerializeObject(new RequestResult { State = RequestState.NotAuth, Msg = "token expired" })); } (error != null && error.Error != null) { context.Response.StatusCode = 500; context.Response.ContentType = "application/json"; await context.Response.WriteAsync(JsonConvert.SerializeObject(new RequestResult { State = RequestState.Failed, Msg = error.Error.Message })); } await next(); }); });

本段是Handle当身份认证失败时抛出的异常,并返回合适的json

在相同的方法中添加另外一段代码:

app.UseJwtBearerAuthentication(new JwtBearerOptions() { TokenValidationParameters = new TokenValidationParameters() { IssuerSigningKey = TokenAuthOption.Key, ValidAudience = TokenAuthOption.Audience, ValidIssuer = TokenAuthOption.Issuer, // When receiving a token, check that we've signed it. ValidateIssuerSigningKey = true, // When receiving a token, check that it is still valid. ValidateLifetime = true, // This defines the maximum allowable clock skew - i.e. provides a tolerance on the token expiry time // when validating the lifetime. As we're creating the tokens locally and validating them on the same // machines which should have synchronised time, this can be set to zero. Where external tokens are // used, some leeway here could be useful. ClockSkew = TimeSpan.FromMinutes(0) } });

本段代码是应用JWTBearerAuthentication身份认证。

4.1.3.TokenAuthController.cs

在Controllers中新建一个Web API Controller Class,命名为TokenAuthController.cs。我们将在这里完成登录授权,

在同文件下添加两个类,分别用来模拟用户模型,以及用户存储,代码应该是这样:

public class User { public Guid ID { get; set; } public string Username { get; set; } public string Password { get; set; } } UserStorage { public static List<User> Users { get; set; } = new List<User> { ,Password = }, ,Password = }, ,Password = } }; }

接下来在TokenAuthController.cs中添加如下方法

private string GenerateToken(User user, DateTime expires) { var handler = new JwtSecurityTokenHandler(); ClaimsIdentity identity = new ClaimsIdentity( ), new[] { , user.ID.ToString()) } ); var securityToken = handler.CreateToken(new SecurityTokenDescriptor { Issuer = TokenAuthOption.Issuer, Audience = TokenAuthOption.Audience, SigningCredentials = TokenAuthOption.SigningCredentials, Subject = identity, Expires = expires }); return handler.WriteToken(securityToken); }

该方法仅仅只是生成一个Auth Token,接下来我们来添加另外一个方法来调用它

在相同文件中添加如下代码

[HttpPost] public string GetAuthToken(User user) { var existUser = UserStorage.Users.FirstOrDefault(u => u.Username == user.Username && u.Password == user.Password); if (existUser != null) { var requestAt = DateTime.Now; var expiresIn = requestAt + TokenAuthOption.ExpiresSpan; var token = GenerateToken(existUser, expiresIn); return JsonConvert.SerializeObject(new { stateCode = 1, requertAt = requestAt, expiresIn = TokenAuthOption.ExpiresSpan.TotalSeconds, accessToken = token }); } else { }); } }

 

接下来我们来完成授权部分,在相同的文件中添加如下代码:

 

1.本站遵循行业规范,任何转载的稿件都会明确标注作者和来源;2.本站的原创文章,请转载时务必注明文章作者和来源,不尊重原创的行为我们将追究责任;3.作者投稿可能会经我们编辑修改或补充。

相关文章
  • ASP.NET Aries 入门开发教程6:列表数据表格的格式化处理及行内编辑 - 路过秋天

    ASP.NET Aries 入门开发教程6:列表数据表格的格式化处理及行内编辑

    2016-11-20 16:00

  • 在ionic/cordova中使用百度地图插件 - LarryNE

    在ionic/cordova中使用百度地图插件 - LarryNE

    2016-11-20 13:00

  • ASP.NET Core 之 Identity 入门(二) - Savorboard

    ASP.NET Core 之 Identity 入门(二) - Savorboard

    2016-11-16 13:00

  • ASP.NET Core 之 Identity 入门(一) - Savorboard

    ASP.NET Core 之 Identity 入门(一) - Savorboard

    2016-11-07 15:00

网友点评
c