Asp.Net Core 6 之基于Cookie 的身份验证
2021/12/19 9:20:07
本文主要是介绍Asp.Net Core 6 之基于Cookie 的身份验证,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
配置身份验证
Program.cs
//选择使用那种方式来身份验证
builder.Services.AddAuthentication(option =>
{
option.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme; //默认身份验证方案
option.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
option.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
option.DefaultForbidScheme = CookieAuthenticationDefaults.AuthenticationScheme;
option.DefaultSignOutScheme = CookieAuthenticationDefaults.AuthenticationScheme;
}).AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, option =>
{
option.LoginPath = "/Account/Login";//如果没有找到用户信息---身份验证失败--授权也失败了---就跳转到指定的Action
option.AccessDeniedPath = "/Home/NoAuthority";
});
app.UseRouting();
app.UseAuthentication();//身份验证中间件
app.UseAuthorization(); //授权中间件
app.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
登录
AccountController.cs
public class AccountController : Controller
{
[HttpGet]
public IActionResult Login()
{
return View();
}
[HttpPost]
public async Task<IActionResult> Login(string useName, string password)
{
if ("admin".Equals(useName) && "123456".Equals(password))
{
var claims = new List<Claim>()//身份验证信息
{
new Claim(ClaimTypes.Name,$"{useName}"),
new Claim("Userid","1"),
new Claim(ClaimTypes.Role,"Admin"),
new Claim(ClaimTypes.Role,"User"),
new Claim(ClaimTypes.Email,$"xxx@163.com"),
new Claim("password",password),//可以写入任意数据
new Claim("Account","Administrator"),
new Claim("role","admin"),
new Claim("QQ","xxx")
};
ClaimsPrincipal userPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims, "Customer"));
HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, userPrincipal, new AuthenticationProperties
{
ExpiresUtc = DateTime.UtcNow.AddMinutes(30),//过期时间:30分钟
}).Wait();
var user = HttpContext.User;
return base.Redirect("/Fourth/Index");
}
else
{
base.ViewBag.Msg = "用户或密码错误";
}
return await Task.FromResult<IActionResult>(View());
}
}
重点:
ClaimsPrincipal userPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims, "Customer"));
HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, userPrincipal, new AuthenticationProperties
{
ExpiresUtc = DateTime.UtcNow.AddMinutes(30),//过期时间:30分钟
}).Wait();
检查用户和密码正确后,根据当前用户信息(比如:从数据库查询),创建ClaimsPrincipal 的实例对象,
然后为身份验证方案CookieAuthenticationDefaults.AuthenticationScheme 执行登录。
HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, userPrincipal, new AuthenticationProperties(){....}
其中:CookieAuthenticationDefaults.AuthenticationScheme是身份验证方案名
登出
HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme)
授权的使用
public XXXController:Controller
.....
[Authorize(AuthenticationSchemes = CookieAuthenticationDefaults.AuthenticationScheme)]
public IActionResult Xxx()
{
return View();
}
因为以下代码
builder.Services.AddAuthentication(option =>
{
//设置默认身份验证方案
option.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
....
}).AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, option =>
设置了默认的身份验证方案(名)是CookieAuthenticationDefaults.AuthenticationScheme;
可省略方案名
.....
[Authorize]
public IActionResult Xxx()
{
return View();
}
这篇关于Asp.Net Core 6 之基于Cookie 的身份验证的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!
- 2022-03-01沐雪多租宝商城源码从.NetCore3.1升级到.Net6的步骤
- 2024-05-08首个适配Visual Studio平台的国产智能编程助手CodeGeeX正式上线!C#程序员必备效率神器!
- 2024-03-30C#设计模式之十六迭代器模式(Iterator Pattern)【行为型】
- 2024-03-29c# datetime tryparse
- 2024-02-21list find index c#
- 2024-01-24convert toint32 c#
- 2024-01-24Advanced .Net Debugging 1:你必须知道的调试工具
- 2024-01-24.NET集成IdGenerator生成分布式全局唯一ID
- 2024-01-23用CI/CD工具Vela部署Elasticsearch + C# 如何使用
- 2024-01-23.NET开源的简单、快速、强大的前后端分离后台权限管理系统
