【问题标题】:How to use swagger to set the global JWT in asp.net core?asp.net core中如何使用swagger设置全局JWT?
【发布时间】:2022-02-01 15:33:58
【问题描述】:

我重新学习了asp.net core,在我的个人项目中,我使用了swagger接口文档。我遵循这个文档,它工作正常,https://docs.microsoft.com/en-us/aspnet/core/tutorials/web-api-help-pages-using-swagger?view=aspnetcore-3.1。但是我有个疑问,就是token怎么用,我用的是asp.net core 3.1版本。如图,虽然不是asp.net core做的,但是.net core怎么实现呢?

enter image description here

当我访问一个界面时,我需要一个登录令牌,因为我没有权限。我可以在 asp.net core 中使用全局令牌吗?

【问题讨论】:

标签: asp.net-core swagger token


【解决方案1】:

你想通过登录生成一个token,然后传入这个token来访问一些权限API,对吧?

你可以参考这段代码:

services.AddSwaggerGen(config =>
            {   
                      ////Name the security scheme
                config.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
                {
                    Description = "JWT Authorization",
                    Name = "Authorization",
                    In = ParameterLocation.Header,
                    Type = SecuritySchemeType.ApiKey,
                    Scheme = "bearer",
                    BearerFormat="JWT"
                });

                config.AddSecurityRequirement(new OpenApiSecurityRequirement()
{
    {
        new OpenApiSecurityScheme
        {
            Reference = new OpenApiReference
            {
                Type = ReferenceType.SecurityScheme,

           //The name of the previously defined security scheme.
                Id = "Bearer"
            }

        },
        new List<string>()
    }
});

生成令牌的代码:

appsettings.json:

 "Jwt": {
    "Issuer": "testUser",
    "Audience": "user",
    "Key": "this is my custom Secret key for authnetication"
  },

 private string GerarTokenJWT()
        {
            var issuer = _config["Jwt:Issuer"];
            var audience = _config["Jwt:Audience"];
            var expiry = DateTime.Now.AddMinutes(120);
            var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"]));
            var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
            var token = new JwtSecurityToken(issuer: issuer, audience: audience,
expires: expiry, signingCredentials: credentials);
            var tokenHandler = new JwtSecurityTokenHandler();
            var stringToken = tokenHandler.WriteToken(token);
            return stringToken;
        }

登录生成令牌:

然后验证:

【讨论】:

  • 这行得通,谢谢。顺便问一下,你将如何存储和管理生成的令牌?
猜你喜欢
  • 2016-12-11
  • 2018-09-12
  • 2022-11-18
  • 2017-09-12
  • 1970-01-01
  • 2019-04-13
  • 1970-01-01
  • 2018-10-08
  • 2016-12-14
相关资源
最近更新 更多