.Net Core 学习笔记（二）

JWT 认证

1. 安装 JWT 相关 NuGet 包：Microsoft.AspNetCore.Authentication.JwtBearer

dotnet add package Microsoft.AspNetCore.Authentication.JwtBearer

2. 配置 ASP.NET Core JWT 认证

public class Program
{public static void Main(string[] args){CreateHostBuilder(args).Build().Run();}public static IHostBuilder CreateHostBuilder(string[] args) =>Host.CreateDefaultBuilder(args).ConfigureWebHostDefaults(webBuilder =>{webBuilder.UseStartup<Startup>();});
}

public class Startup
{public Startup(IConfiguration configuration){Configuration = configuration;}public IConfiguration Configuration { get; }// This method gets called by the runtime. Use this method to add services to the container.public void ConfigureServices(IServiceCollection services){//Log.StartupPath = AppContext.BaseDirectory;// Configure Swagger//services.ConfigureSwaggerUp();// Configure Cross Domain//services.ConfigureCrossDomainUp();// Configure Services//services.ConfigureServicesUp();// Configure JWT Tokenservices.ConfigureJWTToken();//services.AddControllers(options =>//{//    options.Filters.Add(typeof(GlobalExceptionFilter));//});}// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.public void Configure(IApplicationBuilder app, IWebHostEnvironment env){if (env.IsDevelopment()){app.UseDeveloperExceptionPage();}// Enable Swagger//app.UseSwagger();//app.UseSwaggerUI(c =>//{//    c.SwaggerEndpoint($"/swagger/V1/swagger.json", "InterviewPlatform.WebAPI V1");//    c.RoutePrefix = "";//});app.UseRouting();app.UseCors("CorsPolicy");app.UseAuthentication();app.UseAuthorization();app.UseEndpoints(endpoints =>{endpoints.MapControllers();});//app.UseStaticFiles(new StaticFileOptions//{//    FileProvider = new PhysicalFileProvider(Path.Combine(AppContext.BaseDirectory, "file")),//    RequestPath = "/file"//});}
}

public static class ConfigureToken
{private static string SecurityKey = null;public static string GetSecurityKey(){if (SecurityKey == null)SecurityKey = Guid.NewGuid().ToString();return SecurityKey;}public static void ConfigureJWTToken(this IServiceCollection services){if (services == null)throw new ArgumentNullException(nameof(services));services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>{options.TokenValidationParameters = new TokenValidationParameters{ValidateIssuerSigningKey = true,IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(GetSecurityKey())),ValidateIssuer = false,ValidateAudience = false,ValidateLifetime = true,ClockSkew = TimeSpan.FromDays(7)};});}
}

3. BaseController: 所有 controller 的基类

[Route("api/[controller]/[action]")]
[ApiController]
[Authorize]
public class BaseController : ControllerBase
{[NonAction]public AuthInfo ValidateToken(){string jwtToken = HttpContext.Request.Headers["Authorization"];jwtToken = jwtToken.Split(" ")[1];JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();JwtSecurityToken jwt = tokenHandler.ReadJwtToken(jwtToken);IEnumerable<Claim> claims = jwt.Claims;return new AuthInfo(){ID = Convert.ToInt32(claims.First(x => x.Type == "ID").Value),EasUserId = claims.First(x => x.Type == "EasUserId").Value,EmployeeNumber = claims.First(x => x.Type == "EmployeeNumber").Value,Name = claims.First(x => x.Type == "Name").Value,Email = claims.First(x => x.Type == "Email").Value,Phone = claims.First(x => x.Type == "Phone").Value,};}
}

public class UserController : BaseController
{private readonly IUserCore _userCore;public UserController(IUserCore userCore){_userCore = userCore;}[HttpPost][AllowAnonymous]public ResultModel Login([FromBody] LoginRequest request){LoginResponse response = _userCore.Login(request);var claims = new Claim[] {new Claim("ID",response.User.ID.ToString()),new Claim("EasUserId",response.User.EasUserId),new Claim("EmployeeNumber",response.User.EmployeeNumber),new Claim("Name",response.User.Name),new Claim("Email",response.User.Email==null?"":response.User.Email),new Claim("Phone",response.User.Phone==null?"":response.User.Phone),};var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(ConfigureToken.GetSecurityKey()));var token = new JwtSecurityToken(claims: claims,notBefore: DateTime.UtcNow,expires: DateTime.UtcNow.AddDays(5),signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256));var jwtToken = new JwtSecurityTokenHandler().WriteToken(token);response.Token = jwtToken;return new ResultModel{Code = 200,Data = response};}
}

public class DataController : BaseController
{private readonly IDataCore _dataCore;public DataController(IDataCore dataCore){_dataCore = dataCore;}[HttpPost]public ResultModel Createdata(CreateDataRequest request){AuthInfo authInfo = ValidateToken(); // 获取bool result = _dataCore.CreateData(request, authInfo.EasUserId);return new ResultModel{Code = 200,Data = result};}
}