配置密钥
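在appsettings.json里添加（下面的 Key 只是演示用的占位值：HS256 的签名密钥应随机生成且不少于 32 字节，示例值只有 26 字节，较新版本的库可能会因密钥过短而报错；正式环境请通过 Secret Manager 或环境变量注入密钥，不要把真实密钥提交到代码库）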
"JWT": {
"Key": "kkkkkkkkkkkkkkkkkkkkkkkkkk",
"Issuer": "II",
"Audience": "AA"
}
添加服务
在Program.cs中添加服务
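// Read the signing key once and fail fast at startup when it is missing, instead of
// surfacing an ArgumentNullException from Encoding.GetBytes on the first request.
var jwtSigningKey = builder.Configuration["JWT:KEY"];
if (string.IsNullOrEmpty(jwtSigningKey))
{
    throw new InvalidOperationException("Configuration value 'JWT:Key' is missing or empty.");
}

// Register JWT bearer authentication as the default scheme.
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>
{
    options.TokenValidationParameters = new TokenValidationParameters
    {
        // Issuer and audience must match the configured values.
        ValidateIssuer = true,
        ValidIssuer = builder.Configuration["Jwt:Issuer"],
        ValidateAudience = true,
        ValidAudience = builder.Configuration["Jwt:Audience"],
        // Lifetime: reject expired tokens; ClockSkew = Zero removes the default
        // tolerance, so a token is refused as soon as its expiry time passes.
        ValidateLifetime = true,
        ClockSkew = TimeSpan.Zero,
        // Accept only the algorithm the login endpoint signs with, so a token
        // declaring any other algorithm is rejected outright.
        ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 },
        // Symmetric key: the same secret signs and verifies, so anyone who can
        // read it can mint valid tokens. Keep it out of source control.
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSigningKey))
    };
});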
// Require an authenticated user on every controller action by default.
// NOTE(review): with this global filter in place, endpoints that must be reachable
// before login (such as the login action itself) need [AllowAnonymous].
builder.Services.AddMvc(mvcOptions => mvcOptions.Filters.Add(new AuthorizeFilter()));
// Order matters: authentication has to run first so that HttpContext.User is
// populated from the bearer token before authorization evaluates it.
app.UseAuthentication();
app.UseAuthorization();
登录Api
登录控制器添加
写入JWT的登录api
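/// <summary>
/// Checks the submitted account and password against the database and, on success,
/// returns a signed JWT that is valid for 30 minutes.
/// </summary>
/// <param name="user">Login request; only Account and PassWord are read.</param>
/// <returns>
/// The serialized token on success, otherwise a generic failure message. Both are
/// plain strings, so callers have to tell them apart by content.
/// </returns>
// NOTE(review): if a global AuthorizeFilter is registered, this action needs
// [AllowAnonymous] unless the controller already carries it; otherwise nobody can log in.
[HttpPost]
public string JWTLogin(User user)
{
    // One message for "unknown account" and "wrong password", so the response does
    // not reveal which accounts exist.
    const string invalidCredentials = "账号或者密码错误";

    // Reject missing fields up front: a null password would otherwise be compared
    // against the column and could match accounts whose stored password is null.
    if (user?.Account is null || user.PassWord is null)
    {
        return invalidCredentials;
    }

    // NOTE(review): the submitted password is compared directly with the stored
    // column, which suggests passwords are stored unhashed. Store a salted, slow hash
    // (for example PBKDF2) and verify it in code instead. TODO confirm against the schema.
    var account = _context.User
        .Include(x => x.Role)
        .FirstOrDefault(x => x.Account == user.Account && x.PassWord == user.PassWord);
    if (account == null)
    {
        return invalidCredentials;
    }

    var claims = new List<Claim>
    {
        new Claim(JwtRegisteredClaimNames.Email, account.Account),
        // Claim values must not be null; fall back to an empty nickname.
        new Claim("昵称", account.Name ?? string.Empty)
    };

    // A user without a role gets no role claim instead of a NullReferenceException.
    if (account.Role?.Name != null)
    {
        claims.Add(new Claim(ClaimTypes.Role, account.Role.Name));
    }

    var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JWT:Key"]));
    var jwt = new JwtSecurityToken
    (
        issuer: _configuration["JWT:Issuer"],
        audience: _configuration["JWT:Audience"],
        claims: claims,
        // Token lifetime: 30 minutes, expressed in UTC.
        expires: DateTime.UtcNow.AddMinutes(30),
        signingCredentials: new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256)
    );

    return new JwtSecurityTokenHandler().WriteToken(jwt);
}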
取出登录用户信息
Program.cs添加
// Registers IHttpContextAccessor so it can be injected where the current
// request's HttpContext is needed.
builder.Services.AddHttpContextAccessor();
在控制器
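// HttpContext is null when there is no active request, so use ?. rather than
// dereferencing it directly. The value is also null when the token carries no
// "昵称" claim; that claim type must match the one written at login.
var userName = _httpContextAccessor.HttpContext?.User.FindFirstValue("昵称");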
\