.Net Core3.1 MVC + EF Core+ AutoFac+LayUI+Sqlserver的框架搭建--------JWT权限认证

     JWT权限认证是目前系统开发常用的组件，接下来我们就给webAPI项目集成一下JWT，至于JWT实现的原理百度一大堆，自己可以找有针对性的文章，看一下就行了。

     创建一个简单的POCO类，用来存储签发或者验证jwt时用到的信息：

 public class TokenManagement
    {
        /// 

        /// 
        /// 
        [JsonProperty("secret")]
        public string Secret { get; set; }
        /// 

        /// 
        /// 
        [JsonProperty("issuer")]

        public string Issuer { get; set; }
        /// 

        /// 
        /// 

        [JsonProperty("audience")]
        public string Audience { get; set; }
        /// 

        /// 
        /// 

        [JsonProperty("accessExpiration")]
        public int AccessExpiration { get; set; }
        /// 

        /// 
        /// 

        [JsonProperty("refreshExpiration")]
        public int RefreshExpiration { get; set; }
    }

然后创建一个接口，用来实现依赖注入：

 public interface IAuthenticateService
        {
            /// 

            /// 
            /// 
            /// 
            /// 
            /// 
            bool IsAuthenticated(LoginRequest request, out string token);
        }

创建一个实现类来集成IAuthenticateService:

  public class TokenAuthenticationService : IAuthenticateService
    {
        private readonly TokenManagement _tokenManagement;
        /// 

        /// /
        /// 
        /// 
        public TokenAuthenticationService(IOptions tokenManagement)
        {
            _tokenManagement = tokenManagement.Value;
        }
        /// 

        /// 
        /// 
        /// 
        /// 
        /// 
       
        public bool IsAuthenticated(LoginRequest request, out string token)
        {
            token = string.Empty;
            // if (!_userService.IsValid(request))
            //    return false;
            var claims = new[]
            {
                new Claim(ClaimTypes.Name,request.Username)
            };
            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_tokenManagement.Secret));
            var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
            var jwtToken = new JwtSecurityToken(_tokenManagement.Issuer, _tokenManagement.Audience, claims, expires: DateTime.Now.AddMinutes(_tokenManagement.AccessExpiration), signingCredentials: credentials);
            token = new JwtSecurityTokenHandler().WriteToken(jwtToken);

            return true;
        }
    }

然后在startup中ConfigureServices方法中注册：

   //JWT注册
            services.Configure(Configuration.GetSection("tokenManagement"));
            var token = Configuration.GetSection("tokenManagement").Get();
            services.AddAuthentication(x =>
            {
                x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            }).AddJwtBearer(x =>
            {
                x.RequireHttpsMetadata = false;
                x.SaveToken = true;
                x.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(token.Secret)),
                    ValidIssuer = token.Issuer,
                    ValidAudience = token.Audience,
                    ValidateIssuer = false,
                    ValidateAudience = false
                };
            });
            services.AddScoped();
            services.AddHealthChecks(); //添加健康检查，.net core自带的
        

appsettings.json配置：

  "tokenManagement": {
    "secret": "123456123456123456",
    "issuer": "webapi.cn",
    "audience": "WebApi",
    "accessExpiration": 30,
    "refreshExpiration": 60
  },

 用户登录认证模型：

    public class LoginRequest
    {
        /// 

        /// /
        /// 
        [Required]
        [JsonProperty("username")]
        public string Username { get; set; }
        /// 

        /// 
        /// 
        [Required]
        [JsonProperty("password")]
        public string Password { get; set; }
    }

控制器：

using Core.Net.Common.Core.Net.Core.Security;
using Core.Net.IServices;
using Core.Net.Model.System;
using Core.Net.WebApi.Common.JWT;
using Core.Net.WebApi.Dtos.Login;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;

namespace Core.Net.WebApi.Controllers.Login
{
    /// 

    /// 
    /// 
    [Route("api/[controller]/[action]")]
    [ApiController]
    public class AuthenticationController : ControllerBase
    {
        [JsonIgnore]
        private readonly IAuthenticateService _authService;
        [JsonIgnore]
        private readonly ICoreNetSystemUserServices _coreNetSystemUserServices;
        /// 

        /// 
        /// 
        /// 
        /// 
        public AuthenticationController(IAuthenticateService authService, ICoreNetSystemUserServices coreNetSystemUserServices)
        {
            _authService = authService;
            _coreNetSystemUserServices = coreNetSystemUserServices;
        }
        /// 

        /// 
        /// 
        /// 
        /// 
        [AllowAnonymous]
        [HttpPost]
        public ActionResult RequestToken([FromBody] LoginRequest request)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest("Invalid Request");
            }

            string token;
            CoreNetSystemUser user = _coreNetSystemUserServices.GetEntityOne(p => p.UserName == request.Username);
            string password = Md5.Md5Upper32(request.Password);
            if (user != null && password == user.Passward && user.IsUse == 1)
            {
                if (_authService.IsAuthenticated(request, out token))
                {
                    return Ok(token);
                }
            }
            else
            {
                return BadRequest("用户名和密码错误！");
            }


            return BadRequest("认证失败");

        }
    }
}

using Core.Net.Common.Core.Net.Core;
using Core.Net.IServices;
using Core.Net.Model.System;
using Core.Net.WebApi.Dtos;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;

namespace Core.Net.WebApi.Controllers.Login
{
  
        /// 

        /// 登录功能
        /// 
        [Route("api/[controller]/[action]")]
        [ApiController]

        public class LoginController : Controller
        {
        /// 

        /// 用户
        /// 
        [JsonIgnore]
        public readonly ICoreNetSystemUserServices _coreNetSystemUserServices;
            /// 

            /// 依赖注入对象实例
            /// 
            /// 
            public LoginController(ICoreNetSystemUserServices coreNetSystemUserServices)
            {
                _coreNetSystemUserServices = coreNetSystemUserServices;
            }
            /// 

            /// 登录方法
            /// 
            /// 
            [HttpGet]
            public IActionResult Index()
            {
                return Ok(_coreNetSystemUserServices.FindList("UserId",false).ToJson());
            }
            /// 

            /// /
            /// 
            /// 用户实体
            /// 
            [HttpGet]
            [Authorize]
            public WebApiCallBack Index1([FromBody] CoreNetSystemUser entity)
            {
                var jm = new WebApiCallBack();
                jm.status = true;
                jm.msg = "请求成功!";
                return jm;
            }


        }
  
}

如何哪一个api接口需要认证的话，只需要将方法上面加上[Authorize]

运行后效果是：