|
namespace JWTS.Controllers
{
[Route("api/[controller]")]
[ApiController]
public class AuthenticationController : ControllerBase
{
#region 构造函数
private ILogger<AuthenticationController> _logger;
private IJWTService _iJWTService;
private readonly IConfiguration _iConfiguration;
public AuthenticationController(ILogger<AuthenticationController> logger,
IConfiguration configuration
, IJWTService service)
{
_logger = logger;
_iConfiguration = configuration;
_iJWTService = service;
}
#endregion
/// <summary>
/// 实际场景使用Post方法
///http://localhost:5000/api/Authentication/Login?name=william&password=123123
/// </summary>
/// <param></param>
/// <param></param>
/// <returns></returns>
[Route("Login")]
[HttpGet]
public IActionResult Login(string name, string password)
{
//这里应该是需要去连接数据库做数据校验,为了方便所有用户名和密码写死了
if ("william".Equals(name) && "123123".Equals(password))//应该数据库
{
var role = "Administrator";//可以从数据库获取角色
string token = this._iJWTService.GetToken(name, role);
return new JsonResult(new
{
result = true,
token
});
}
return Unauthorized("Not Register!!!");
}
}
}
2、资源中心API:使用从认证服务中心获取的Token,去访问资源,资源中心对用户信息以及Token进行鉴权操作,认证失败返回401
1、资源中心添加Nuget包(Microsoft.AspNetCore.Authentication.JwtBearer)
2、添加Authentication服务,添加JwtBearer,通过Configuration获取TokenParameter对象
using System;
using System.Text;
using API.Core.Models;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.IdentityModel.Tokens;
namespace API.Core
{
public class Startup
{
private TokenParameter _tokenParameter;
public IConfiguration Configuration { get; }
public Startup(IConfiguration configuration)
{
Configuration = configuration;
_tokenParameter = configuration.GetSection("TokenParameter").Get<TokenParameter>()??throw new ArgumentNullException(nameof(_tokenParameter));
}
(编辑:ASP站长网)
|
小米笔记本pro152021
室内加湿器对人体有害
怎样分辨伪劣电线
分析建筑物内电子设备