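/// <summary>
/// Called by the runtime to add services to the container: registers the JWT settings,
/// JWT bearer authentication and MVC.
/// </summary>
/// <param name="services">Service collection the registrations are added to.</param>
/// <exception cref="System.InvalidOperationException">
/// The "JwtSeetings" configuration section has no usable <c>SecretKey</c>.
/// </exception>
public void ConfigureServices(IServiceCollection services)
{
    // Make the section available as IOptions<JwtSeetings> to components resolved later.
    services.Configure<JwtSeetings>(Configuration.GetSection("JwtSeetings"));

    // A concrete instance is needed immediately to build the validation parameters below.
    var jwtSeetings = new JwtSeetings();
    Configuration.Bind("JwtSeetings", jwtSeetings);

    // Fail at start-up instead of on the first authenticated request: without this guard a
    // missing key only surfaces when the bearer options are first built, and a blank key
    // would be accepted as the signing secret.
    if (string.IsNullOrWhiteSpace(jwtSeetings.SecretKey))
    {
        throw new System.InvalidOperationException("JwtSeetings:SecretKey is not configured.");
    }

    // NOTE(review): the secret comes from configuration; where that value is stored is not
    // visible here. Anyone who learns it can mint tokens this service accepts, so it should
    // be long, random and kept out of source control. Its length is not checked here.

    services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            // Spell the validation policy out rather than relying on library defaults.
            // The first three restate those defaults; ValidateIssuerSigningKey is off by
            // default and is switched on here.
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,

            ValidIssuer = jwtSeetings.Issuer,
            ValidAudience = jwtSeetings.Audience,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSeetings.SecretKey))
        };
    });

    services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}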
/// <summary>
/// Registers JWT bearer authentication using Microsoft.AspNetCore.Authentication.JwtBearer.
/// Issuer, audience, lifetime and signing key are all validated, with a five-minute clock skew.
/// </summary>
/// <param name="services">Service collection the authentication services are added to.</param>
private void JWTConfig(IServiceCollection services)
{
    services.Configure<JwtSeetings>(Configuration.GetSection("JwtSeetings"));

    // Bind the same section onto a local instance for use in the bearer options below.
    var settings = new JwtSeetings();
    Configuration.Bind("JwtSeetings", settings);

    var authentication = services.AddAuthentication(schemes =>
    {
        schemes.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        schemes.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    });

    authentication.AddJwtBearer(bearer =>
    {
        // NOTE(review): the signing secret is read from configuration; how it is stored
        // and how long it is cannot be seen from this method. Confirm it is a long random
        // value kept outside source control.
        var validation = new TokenValidationParameters
        {
            // What must match.
            ValidIssuer = settings.Issuer,
            ValidAudience = settings.Audience,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(settings.SecretKey)),

            // Which checks run.
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateIssuerSigningKey = true,
            ValidateLifetime = true,

            // Tolerance applied to the token's time claims, so a token is still accepted
            // for up to five minutes after its stated expiry.
            ClockSkew = TimeSpan.FromMinutes(5)
        };

        bearer.TokenValidationParameters = validation;
    });
}
/// <summary>
/// Called by the runtime to add services to the container: registers the JWT settings,
/// bearer authentication with a custom token validator that reads the token from the
/// "token" request header, the "SuperAdminOnly" policy, and controllers.
/// </summary>
/// <param name="services">Service collection the registrations are added to.</param>
public void ConfigureServices(IServiceCollection services)
{
    // Read the JwtSeetings section of configuration into JwtSeetings so that other
    // components can consume it.
    services.Configure<JwtSeetings>(Configuration.GetSection("JwtSeetings"));

    // The values are also wanted during initialisation, so bind them onto an instance here.
    // As the code stands, this instance is referenced only by the disabled block below.
    var jwtSettings = new JwtSeetings();
    Configuration.Bind("JwtSeetings", jwtSettings);

    // Register JWT authentication.
    var authentication = services.AddAuthentication(schemes =>
    {
        schemes.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        schemes.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    });

    authentication.AddJwtBearer(bearer =>
    {
        // Disabled: standard token validation parameters. While this stays commented out,
        // TokenValidationParameters keeps its defaults and carries no issuer, audience or
        // signing key from configuration.
        //
        // bearer.TokenValidationParameters = new TokenValidationParameters {
        //     // Token issuer
        //     ValidIssuer = jwtSettings.Issuer,
        //     // Intended audience
        //     ValidAudience = jwtSettings.Audience,
        //     // Key material; requires Microsoft.IdentityModel.Tokens
        //     IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSettings.SecretKey))
        //     // ValidateIssuerSigningKey = true,
        //     // Whether to check lifetime against the NotBefore / Expires claims
        //     // ValidateLifetime = true,
        //     // Allowed server clock offset
        //     // ClockSkew = TimeSpan.Zero
        // };

        // Custom token handling: drop the validators registered by default and install
        // CustomerTokenValidation as the only one.
        // NOTE(review): after Clear(), every check on the token (signature, issuer,
        // audience, expiry) exists only if CustomerTokenValidation implements it. That
        // class is not shown here; confirm what it verifies before relying on this scheme.
        bearer.SecurityTokenValidators.Clear();
        bearer.SecurityTokenValidators.Add(new CustomerTokenValidation());

        // Change where the token is read from: by default it comes from
        // context.Request.Headers["Authorization"]; here it is taken from
        // context.Request.Headers["token"].
        var events = new JwtBearerEvents();
        events.OnMessageReceived = received =>
        {
            var headerValues = received.Request.Headers["token"];

            // First header value, or null when the header is absent.
            received.Token = headerValues.FirstOrDefault();
            return Task.CompletedTask;
        };
        bearer.Events = events;
    });

    services.AddAuthorization(authorization =>
    {
        // The policy passes when the principal carries a "SuperAdminOnly" claim of any value.
        authorization.AddPolicy("SuperAdminOnly", policy =>
        {
            policy.RequireClaim("SuperAdminOnly");
        });
    });

    services.AddControllers();
}
/// <summary>
/// Creates the controller from the injected JWT settings and unit-of-work provider.
/// </summary>
/// <param name="jwtSeetingsOptions">
/// Options wrapper for the JWT settings; when null, <c>_jwtSeetings</c> is left unassigned.
/// </param>
/// <param name="uowProvider">Unit-of-work provider stored for later use.</param>
public AuthroizeController(IOptions<JwtSeetings> jwtSeetingsOptions, IUowProvider uowProvider)
{
    _uowProvider = uowProvider;

    // Nothing to unwrap when no options object was supplied.
    if (jwtSeetingsOptions == null)
    {
        return;
    }

    _jwtSeetings = jwtSeetingsOptions.Value;
}
/// <summary>
/// Authenticates the posted account and password, issues an HS256-signed JWT in the
/// <c>Authorization</c> response header, signs the user in under the cookie scheme,
/// and redirects.
/// </summary>
/// <param name="service">Account service used to check the credentials.</param>
/// <param name="jwtSeetings">JWT settings supplying the secret, issuer and audience.</param>
/// <param name="dateTimeService">Clock used for the token's not-before and expiry times.</param>
/// <param name="userLogin">Form model carrying the account, password and return URL.</param>
/// <returns>
/// A redirect to <c>ReturnUrl</c> when it is a local URL, otherwise to "/ProjectMaster".
/// </returns>
/// <exception cref="BingoX.LogicException">The account or the password is null or empty.</exception>
/// <exception cref="UnauthorizedException">
/// The credentials were rejected, or the account is not in the enabled state.
/// </exception>
public async Task<IActionResult> Login(
    [FromServices] AccountService service,
    [FromServices] JwtSeetings jwtSeetings,
    [FromServices] IDateTimeService dateTimeService,
    [FromForm] LoginInputModel userLogin)
{
    // Both fields are required; a missing one is reported with the same exception type.
    if (string.IsNullOrEmpty(userLogin.Account) || string.IsNullOrEmpty(userLogin.Password))
    {
        throw new BingoX.LogicException();
    }

    var user = service.Login(userLogin.Account, userLogin.Password);
    if (user == null)
    {
        // One message for both an unknown account and a wrong password.
        throw new UnauthorizedException("登錄失败,帐号或密碼错误");
    }

    // Reached only after the credentials were accepted.
    if (user.State != CostControlWebApplication.Domain.CommonState.Enabled)
    {
        throw new UnauthorizedException("登錄失败,帐号已经注销");
    }

    var issuedAt = dateTimeService.GetNow();

    // NOTE(review): RFC 7518 section 3.2 requires an HS256 key of at least 256 bits; the
    // length of jwtSeetings.Secret is not checked here.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSeetings.Secret));
    var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

    // The same claim set feeds both the JWT and the cookie identity below.
    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, user.ID.ToString()),
        new Claim("Account", user.Account),
        new Claim(ClaimTypes.Name, user.Name),
        new Claim(ClaimTypes.Role, user.RoleType.ToString()),
        new Claim("UserID", user.ID.ToString()),
    };

    // NOTE(review): the token stays valid for 30 days. No revocation path is visible in
    // this method, so a leaked token, or one issued to an account that is later disabled,
    // presumably remains usable until it expires. Confirm this against the validation side.
    var expiresAt = issuedAt.AddDays(30);
    var jwt = new JwtSecurityToken(
        jwtSeetings.Issuer,
        jwtSeetings.Audience,
        claims,
        issuedAt,
        expiresAt,
        credentials);

    var handler = new JwtSecurityTokenHandler();
    string encodedJwt = handler.WriteToken(jwt);
    string bearerValue = $"Bearer {encodedJwt}";
    Response.Headers.Add("Authorization", bearerValue);

    var identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
    var principal = new ClaimsPrincipal(identity);
    await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal);

    // Follow the caller-supplied return URL only when it is local to this site; any other
    // value falls back to the fixed landing page, which keeps this from being an open redirect.
    var destination = Url.IsLocalUrl(userLogin.ReturnUrl)
        ? userLogin.ReturnUrl
        : "/ProjectMaster";

    return Redirect(destination);
}
/// <summary>
/// Creates the controller and stores the JWT settings unwrapped from the injected options.
/// </summary>
/// <param name="jwtSeetingsOptions">
/// Options wrapper for the JWT settings; it is dereferenced without a null check.
/// </param>
public AuthroizeController(IOptions<JwtSeetings> jwtSeetingsOptions)
    => _jwtSeetings = jwtSeetingsOptions.Value;
/// <summary>
/// Creates the controller and stores the JWT settings unwrapped from the injected options.
/// </summary>
/// <param name="JwtSeetings">
/// Options wrapper for the JWT settings; it is dereferenced without a null check. The
/// parameter shares its name with the settings type.
/// </param>
public AuthorizeController(IOptions<JwtSeetings> JwtSeetings)
    => _jwtSeetings = JwtSeetings.Value;