【问题标题】:Authentication of a user in ASP.NET Core 5 Web APIASP.NET Core 5 Web API 中的用户身份验证
【发布时间】:2021-03-22 16:19:58
【问题描述】:

在 Web API 项目中,我使用以下方法登录我的用户,但稍后我想获取我的用户名和姓。我正在使用 Web API 和 .NET 5。

public AuthenticateResponse Authenticate(AuthenticateRequest model, string ipAddress)
{
    var user = _userManager.Users
                           .Where(w => w.UserName == model.Username)
                           .FirstOrDefault();

    // This doesn't count login failures towards account lockout
    // To enable password failures to trigger account lockout, set 
    lockoutOnFailure: true

    var result = _signInManager.PasswordSignInAsync(model.Username, model.Password, true, lockoutOnFailure: false);

    User users = new User();
    users.Username = model.Username;
    users.Password = model.Password;
    users.FirstName = user.FirstName;
    users.LastName = user.LastName;

    if (result.Result.Succeeded)
    {
        // return null if user not found
        if (user == null)
            return null;
    }

    // authentication successful so generate jwt and refresh tokens
    var jwtToken = generateJwtToken(users);
    var refreshToken = generateRefreshToken(ipAddress);

    // save refresh token
    // users.RefreshTokens.Add(refreshToken);

    return new AuthenticateResponse(users, jwtToken, null);
 }

我在UserService 类中有这种方法,如何最好地访问来自

users.FirstName
users.LastName

来自可以说是俱乐部的 Web API 控制器。如您所见,我正在使用登录管理器和用户管理器,我应该在我的ClubController 中简单地加载一个实例。

我的 API 方法是

[HttpPost]
[Route("Clubs/Create")]
public async Task<IActionResult> Create(ClubViewModelApi clubModel)
{
    if (ModelState.IsValid)
    {
        Club _club = new Club();
        _club.Name = clubModel.Name;
        _club.Description = clubModel.Description;
        _club.isActive = clubModel.isActive;
        _club.isDeleted = clubModel.isDeleted;
        _club.CreatedDate = DateTime.Now;
        _club.CreatedBy = insert first lastname here;

        _club.CreatedBy = User.Identity.

        _context.Clubs.Add(_club);

        await _context.SaveChangesAsync();

        return Ok();
    }

    return View(clubModel);
}

我希望在上面的api端点的这一点处插入名字和姓氏_club.CreatedBy

我在验证时使用此代码创建我的令牌:

private string generateJwtToken(User user)
{
    var tokenHandler = new JwtSecurityTokenHandler();
    var secret = _configRoot.GetValue<string>("JWTSecret");

    _logger.Log(LogLevel.Information, $"JWT Secret from Everleap={secret}");

    var key = Encoding.ASCII.GetBytes(secret);
    var tokenDescriptor = new SecurityTokenDescriptor
                              {
                                  Subject = new ClaimsIdentity(new Claim[]
                                                {
                                                     new Claim(ClaimTypes.Name, user.Id.ToString())
                                                }),
                                  Expires = DateTime.UtcNow.AddMinutes(15),
                                  SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
                              };

    var token = tokenHandler.CreateToken(tokenDescriptor);

    return tokenHandler.WriteToken(token);
}

我的详细信息存储在 jwttoken 中。我是否再次使用该令牌并在控制器级别对其进行解密。

响应正文

{
   "id": 0,
   "firstName": "david",
   "lastName": "buckley",
   "username": "davidbuckleyweb@outlook.com",
   "jwtToken":  "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IjAiLCJuYmYiOjE2MTY0MzAzNzUsImV4cCI6MTYxNjQzMTI3NSwiaWF0IjoxNjE2NDMwMzc1fQ.P8smaC0PAB5uSrBbI8bbHoc2PKbwIj7mI0jLnBuJz4s",

   "refreshToken": null
}

【问题讨论】:

    标签: c# .net-core asp.net-core-webapi


    【解决方案1】:

    我发现我需要做的是扩展我的声明,以便它存储在自己的令牌中我使用以下代码对令牌进行编码

    var tokenDescriptor = new SecurityTokenDescriptor
    {    
         Subject = new ClaimsIdentity(new Claim[]
                {
                     new Claim("CreatedBy", user.FirstName.Substring(0,1).ToUpper() + " "  + user.LastName.Substring(0,1).ToUpper()),
                    new Claim(ClaimTypes.Email, user.Username),
                    new Claim(ClaimTypes.Name, user.FirstName + " " + user.LastName),
                    new Claim(ClaimTypes.Role,roles)
                }),
                Expires = DateTime.UtcNow.AddMinutes(15),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
            };
    

    然后要解码它,我使用以下内容。

    var authorization = Request.Headers[HeaderNames.Authorization];
    if (AuthenticationHeaderValue.TryParse(authorization, out var headerValue))
    {
        // we have a valid AuthenticationHeaderValue that has the following details:
         var scheme = headerValue.Scheme;
         var JWTToken = headerValue.Parameter;
    
         var token = new JwtSecurityToken(jwtEncodedString: JWTToken);
         string name = token.Claims.First(c => c.Type == "CreatedBy").Value;       
        _club.CreatedBy = name;
     }
    

    【讨论】:

      猜你喜欢
      • 2016-12-22
      • 2015-07-20
      • 2012-07-28
      • 2021-05-31
      • 2017-06-28
      • 2022-01-27
      • 2018-01-28
      • 2017-11-24
      相关资源
      最近更新 更多