一、自定义CheckJWTAttribute特性方式之前使用的是这种方式,根据jwt原理自定义生成JWT、验证jwt,感觉挺好。原理就是自定义一个拦截器(特性),拦截器对每个请求都优先进行处理,认证成功的进行下一步操作。1、定...
一、自定义CheckJWTAttribute特性方式
之前使用的是这种方式,根据jwt原理自定义生成JWT、验证jwt,感觉挺好。原理就是自定义一个拦截器(特性),拦截器对每个请求都优先进行处理,认证成功的进行下一步操作。
1、定义JWTPayload类
using System;
namespace HyDataMiddleground.Util
{
public class JWTPayload
{
public string UserName { get; set; }
public string Email { get; set; }
public string UserId { get; set; }
public DateTime Expire { get; set; }
}
}
2、定义CheckJWTAttribute特性
用于验证jwt:
using Microsoft.AspNetCore.Mvc.Filters;
using System;
using System.Threading.Tasks;
namespace HyDataMiddleground.Util
{
/// <summary>
/// JWT校检
/// </summary>
public class CheckJWTAttribute : BaseActionFilterAsync
{
private static readonly int _errorCode = 401;
public override async Task OnActionExecuting(ActionExecutingContext context)
{
if (context.ContainsFilter<NoCheckJWTAttribute>()) return;
try
{
var req = context.HttpContext.Request;
string token = req.GetToken();
if (token.IsNullOrEmpty())
{
context.Result = Error("缺少token", _errorCode);
return;
}
if (!JWTHelper.CheckToken(token, JWTHelper.JWTSecret))
{
context.Result = Error("token校检失败!", _errorCode);
return;
}
var payload = JWTHelper.GetPayload<JWTPayload>(token);
if (payload.Expire < DateTime.Now)
{
context.Result = Error("token过期!", _errorCode);
return;
}
}
catch (Exception ex)
{
context.Result = Error(ex.Message, _errorCode);
}
await Task.CompletedTask;
}
}
}
3、定义其他帮助类
(1)BaseActionFilterAsync类
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using System;
using System.Threading.Tasks;
namespace HyDataMiddleground.Util
{
public class BaseActionFilterAsync : Attribute, IAsyncActionFilter
{
/// <summary>
/// action执行之前执行
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public async virtual Task OnActionExecuting(ActionExecutingContext context)
{
await Task.CompletedTask;
}
/// <summary>
/// action执行之后执行
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public async virtual Task OnActionExecuted(ActionExecutedContext context)
{
await Task.CompletedTask;
}
/// <summary>
/// 在模型绑定完成后,在操作之前异步调用。
/// </summary>
/// <param name="context"></param>
/// <param name="next"></param>
/// <returns></returns>
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
await OnActionExecuting(context);
if (context.Result == null)
{
var nextContext = await next();
await OnActionExecuted(nextContext);
}
}
/// <summary>
/// 返回JSON
/// </summary>
/// <param name="json">json字符串</param>
/// <returns></returns>
public ContentResult JsonContent(string json)
{
return new ContentResult { Content = json, StatusCode = 200, ContentType = "application/json; charset=utf-8" };
}
/// <summary>
/// 返回成功
/// </summary>
/// <returns></returns>
public ContentResult Success()
{
AjaxResult res = new AjaxResult
{
Success = true,
Msg = "请求成功!"
};
return JsonContent(res.ToJson());
}
/// <summary>
/// 返回成功
/// </summary>
/// <param name="msg">消息</param>
/// <returns></returns>
public ContentResult Success(string msg)
{
AjaxResult res = new AjaxResult
{
Success = true,
Msg = msg
};
return JsonContent(res.ToJson());
}
/// <summary>
/// 返回成功
/// </summary>
/// <param name="data">返回的数据</param>
/// <returns></returns>
public ContentResult Success<T>(T data)
{
AjaxResult<T> res = new AjaxResult<T>
{
Success = true,
Msg = "请求成功!",
Data = data
};
return JsonContent(res.ToJson());
}
/// <summary>
/// 返回错误
/// </summary>
/// <returns></returns>
public ContentResult Error()
{
AjaxResult res = new AjaxResult
{
Success = false,
Msg = "请求失败!"
};
return JsonContent(res.ToJson());
}
/// <summary>
/// 返回错误
/// </summary>
/// <param name="msg">错误提示</param>
/// <returns></returns>
public ContentResult Error(string msg)
{
AjaxResult res = new AjaxResult
{
Success = false,
Msg = msg,
};
return JsonContent(res.ToJson());
}
/// <summary>
/// 返回错误
/// </summary>
/// <param name="msg">错误提示</param>
/// <param name="errorCode">错误代码</param>
/// <returns></returns>
public ContentResult Error(string msg, int errorCode)
{
AjaxResult res = new AjaxResult
{
Success = false,
Msg = msg,
ErrorCode = errorCode
};
return JsonContent(res.ToJson());
}
}
}
(2)AjaxResult类
namespace HyDataMiddleground.Util
{
/// <summary>
/// Ajax请求结果
/// </summary>
public class AjaxResult
{
/// <summary>
/// 是否成功
/// </summary>
public bool Success { get; set; } = true;
/// <summary>
/// 错误代码
/// </summary>
public int ErrorCode { get; set; }
/// <summary>
/// 返回消息
/// </summary>
public string Msg { get; set; }
}
}
(3)上述代码中使用到的扩展类Extention
using Newtonsoft.Json;
using System;
using System.ComponentModel;
using System.IO;
using System.Reflection;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Formatters.Binary;
namespace HyDataMiddleground.Util
{
public static partial class Extention
{
/// <summary>
/// 构造函数
/// </summary>
static Extention()
{
JsonSerializerSettings setting = new JsonSerializerSettings();
JsonConvert.DefaultSettings = new Func<JsonSerializerSettings>(() =>
{
//日期类型默认格式化处理
setting.DateFormatHandling = DateFormatHandling.MicrosoftDateFormat;
setting.DateFormatString = "yyyy-MM-dd HH:mm:ss";
return setting;
});
}
/// <summary>
/// 将对象序列化成Json字符串
/// </summary>
/// <param name="obj">需要序列化的对象</param>
/// <returns></returns>
public static string ToJson(this object obj)
{
return JsonConvert.SerializeObject(obj);
}
}
}
(4)JWTHelper类
using Newtonsoft.Json.Linq;
namespace HyDataMiddleground.Util
{
/// <summary>
/// JWT帮助类
/// </summary>
public class JWTHelper
{
private static readonly string _headerBase64Url = "{\"alg\":\"HS256\",\"typ\":\"JWT\"}".Base64UrlEncode();
public static readonly string JWTSecret = ConfigHelper.GetValue("JWTSecret");
/// <summary>
/// 生成Token
/// </summary>
/// <param name="payloadJsonStr">载荷,数据JSON字符串</param>
/// <param name="secret">秘钥</param>
/// <returns></returns>
public static string GetToken(string payloadJsonStr, string secret)
{
string payloadBase64Url = payloadJsonStr.Base64UrlEncode();
string sign = $"{_headerBase64Url}.{payloadBase64Url}".ToHMACSHA256String(secret);
return $"{_headerBase64Url}.{payloadBase64Url}.{sign}";
}
/// <summary>
/// 获取Token中的数据
/// </summary>
/// <param name="token"></param>
/// <returns></returns>
public static JObject GetPayload(string token)
{
return token.Split('.')[1].Base64UrlDecode().ToJObject();
}
/// <summary>
/// 获取Token中的数据
/// </summary>
/// <typeparam name="T">泛型</typeparam>
/// <param name="token">token</param>
/// <returns></returns>
public static T GetPayload<T>(string token)
{
if (token.IsNullOrEmpty())
return default;
return token.Split('.')[1].Base64UrlDecode().ToObject<T>();
}
/// <summary>
/// 校验Token
/// </summary>
/// <param name="token">token</param>
/// <param name="secret">密钥</param>
/// <returns></returns>
public static bool CheckToken(string token, string secret)
{
var items = token.Split('.');
var oldSign = items[2];
string newSign = $"{items[0]}.{items[1]}".ToHMACSHA256String(secret);
return oldSign == newSign;
}
}
}
3、定义NoCheckJWTAttribute类
namespace HyDataMiddleground.Util
{
/// <summary>
/// 忽略JWT校验
/// </summary>
public class NoCheckJWTAttribute : BaseActionFilterAsync
{
}
}
4、使用CheckJWTAttribute
(1)定义一个BaseApiController,所有的controller都继承该类,BaseApiController类使用CheckJWTAttribute特性
using HyDataMiddleground.Util;
using Microsoft.AspNetCore.Mvc;
namespace HyDataMiddleground.Admin
{
/// <summary>
/// Mvc对外接口基控制器
/// </summary>
[CheckJWT]
public class BaseApiController : BaseController
{
}
}
(2)不需要认证的,使用NoCheckJWT限制,如下:
/// <summary>
/// 用户登录
/// </summary>
/// <param name="input">LoginInputDTO实体参数</param>
/// <returns></returns>
[Produces("application/json")]
[HttpPost]
[NoCheckJWT]
public async Task<string> SubmitLogin(LoginInputDTO input)
{
return await _userBus.SubmitLoginAsync(input);
}
二、使用aspnetcore提供的组件
1、安装组件
通过nugut搜索安装Microsoft.AspNetCore.Authentication.JwtBearer
2、jwtconfig配置
{
"Jwt": {
"Issuer": "Issuer",
"Audience": "Audience",
"SigningKey": "EF1DA5B4-C7FA-4240-B997-7D1701BF9BE2"
}
}
3、定义jwtconfig对应的实体
public class JwtConfig
{
public string Issuer{get;set;}
public string Audience{get;set;}
public string SigningKey{get;set;}
}
4、Startup.cs 配置
(1)ConfigureServices 中需要进行添加的信息
#region Token验证信息 JWT
//读取JWT的配置信息
var jwtconfig = Configuration.GetSection("Jwt").Get<JwtConfig>();
//JWT身份认证
services.AddAuthentication(option =>
{
option.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
option.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(option =>
{
option.TokenValidationParameters = new TokenValidationParameters
{
ValidIssuer = jwtconfig.Issuer,
ValidAudience = jwtconfig.Audience,
ValidateIssuer = true,
ValidateLifetime = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtconfig.SigningKey)),
// 缓冲过期时间,总的有效时间等于这个时间加上jwt的过期时间,如果不配置,默认是5分钟
ClockSkew = TimeSpan.FromSeconds(5)
};
option.Events = new JwtBearerEvents
{
//此处为权限验证失败后触发的事件
OnChallenge = context =>
{
//此处代码为终止.Net Core默认的返回类型和数据结果,这个很重要哦,必须
context.HandleResponse();
//自定义自己想要返回的数据结果,我这里要返回的是Json对象,通过引用Newtonsoft.Json库进行转换
var payload = JsonConvert.SerializeObject(new { message = "授权未通过,Token无效", status = false, code = 401 });
//自定义返回的数据类型
context.Response.ContentType = "application/json";
//自定义返回状态码,默认为401 我这里改成 200
context.Response.StatusCode = StatusCodes.Status200OK;
//输出Json数据结果
context.Response.WriteAsync(payload);
return Task.FromResult(0);
}
};
});
services.AddOptions().Configure<JwtConfig>(Configuration.GetSection("Jwt"));
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
#endregion
(2)Configure需要添加的信息
// JWT身份认证 app.UseAuthentication(); app.UseAuthorization();
以上配置好了 就基本上可以使用JWT验证了,下面介绍如何生成jwt token
5、封装了一个帮助类
/// <summary>
/// JWT帮助类信息
/// </summary>
public class JwtHelper
{
/// <summary>
/// 颁发JWT字符串
/// </summary>
/// <param name="tokenModel"></param>
/// <returns></returns>
public static string IssueJwt(Claim[] claim)
{
// 读取对应的配置信息
string iss = ConfigHelper.GetSectionValue("Jwt:Issuer");
string aud = ConfigHelper.GetSectionValue("Jwt:Audience");
string secret = ConfigHelper.GetSectionValue("Jwt:SigningKey");
//加密关键字
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
//编码格式
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
//token存储相关信息
var token = new JwtSecurityToken(
issuer: iss,
audience: aud,
claims: claim,
notBefore: DateTime.Now,
expires: DateTime.Now.AddSeconds(300),
signingCredentials: creds);
var jwtHandler = new JwtSecurityTokenHandler();
//生成对应的编码信息
var encodedJwt = jwtHandler.WriteToken(token);
return encodedJwt;
}
/// <summary>
/// 解析
/// </summary>
/// <param name="jwtStr"></param>
/// <returns></returns>
public static List<Claim> SerializeJwt(string jwtStr)
{
var jwtHandler = new JwtSecurityTokenHandler();
JwtSecurityToken jwtToken = jwtHandler.ReadJwtToken(jwtStr);
object role;
try
{
jwtToken.Payload.TryGetValue(ClaimTypes.Role, out role);
}
catch (Exception e)
{
Console.WriteLine(e);
throw;
}
var list = jwtToken.Claims.ToList();
return list;
}
}
6、控制器层使用示例
/// <summary>
/// 测试获取token信息
/// </summary>
/// <returns></returns>
[HttpGet]
public ActionResult<string> Get()
{
//参数存储的信息
var claim = new Claim[]{
new Claim("UserName", "测试"),
new Claim("UserId", "10086")
};
//生成证书
var token = JwtHelper.IssueJwt(claim);
//解析证书
var data= JwtHelper.SerializeJwt(token);
return Ok(new { token = token, data= data });
}
/// <summary>
/// 在需要身份认证的方法添加[Authorize]
/// </summary>
[Authorize]
[HttpGet("{id}")]
public ActionResult<string> Get(int id)
{
return "value";
}
然后 整体就基本上结束了。虽然说这种方式没有自定义的方式代码容易读,但是也方便了好多。
沃梦达教程
本文标题为:NET CORE项目中JWT的使用
基础教程推荐
猜你喜欢
- C# 调用WebService的方法 2023-03-09
- unity实现动态排行榜 2023-04-27
- C# windows语音识别与朗读实例 2023-04-27
- ZooKeeper的安装及部署教程 2023-01-22
- winform把Office转成PDF文件 2023-06-14
- C#控制台实现飞行棋小游戏 2023-04-22
- C#类和结构详解 2023-05-30
- C# List实现行转列的通用方案 2022-11-02
- linux – 如何在Debian Jessie中安装dotnet core sdk 2023-09-26
- 一个读写csv文件的C#类 2022-11-06
