以admin控制器为要认证的控制器举例
1.对控制器设置权限特性
//a 认证命名空间using Microsoft.AspNetCore.Authorization;using Microsoft.AspNetCore.Mvc;namespace CookieBasedAuth.Controllers{ ???//b 认证特性 ???[Authorize] ???public class AdminController : Controller ???{ ???????public IActionResult Index() ???????{ ???????????return View(); ???????} ???}}在加了Authorize特性之后,访问admin控制器的index方法,页面会显示异常,异常告诉我们,没有指定认证框架,它不知道如何来认证挑战
2.为程序注入Cookie认证框架
a.首先要引入两个程序集
//1 为了Cookie认证证明 引入的以下两个命名空间 ?认证命名空间 和 认证Cookie命名空间using Microsoft.AspNetCore.Authentication;using Microsoft.AspNetCore.Authentication.Cookies;
b.在服务中注入认证
public void ConfigureServices(IServiceCollection services) ???????{ ???????????services.Configure<CookiePolicyOptions>(options => ???????????{ ???????????????// This lambda determines whether user consent for non-essential cookies is needed for a given request. ???????????????options.CheckConsentNeeded = context => true; ???????????????options.MinimumSameSitePolicy = SameSiteMode.None; ???????????}); ???????????//2 CookieAuthenticationDefaults.AuthenticationScheme的值是一个字符串常量 "Cookies" ???????????//AddAuthentication 方法要求传入的是一个字符串 我传入的字符串是Cookies 就是说 使用Cookie 认证 ???????????services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(); ???????????services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); ???????}此时再访问admin控制器的index方法,已经不报异常了,而是直接跳转到account/login
http://localhost:60208/Account/Login?ReturnUrl=%2Fadmin
3.创建Account控制器 在此不挑战,直接授予权限
//引入认证相关的命名空间using Microsoft.AspNetCore.Authentication;using Microsoft.AspNetCore.Authentication.Cookies;using Microsoft.AspNetCore.Mvc;using System.Collections.Generic;//引入安全相关的命名空间using System.Security.Claims;namespace CookieBasedAuth.Controllers{ ???public class AccountController : Controller ???{ ???????public IActionResult Login() ???????{ ???????????var claims = new List<Claim>{ ???????????????new Claim(ClaimTypes.Name,"应龙"), ???????????????new Claim(ClaimTypes.Role,"国王") ???????????}; ???????????//千万要注意下面的new ClaimsIdentity的构造函数,第二个参数要指明认证框架,要和服务中注入的框架一致 都是cookie ???????????var claimIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); ???????????HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimIdentity)); ???????????return Ok(); ???????} ???}}即便授权了,我们请求admin控制器的index方法,会跳转到account控制器的login方法。按想象的此时授权了,就应该可以访问admin控制器的index了,然而我们会发现没有用,也就是说没有授权,还是会跳转到account/login
4.将cookie验证加入到中间件
public void Configure(IApplicationBuilder app, IHostingEnvironment env) ???????{ ???????????if (env.IsDevelopment()) ???????????{ ???????????????app.UseDeveloperExceptionPage(); ???????????} ???????????else ???????????{ ???????????????app.UseExceptionHandler("/Home/Error"); ???????????} ???????????app.UseStaticFiles(); ???????????app.UseCookiePolicy(); ???????????//将认证中间件弄进来 使得我们的请求会进入认证管道 ???????????app.UseAuthentication(); ???????????app.UseMvc(routes => ???????????{ ???????????????routes.MapRoute( ???????????????????name: "default", ???????????????????template: "{controller=Home}/{action=Index}/{id?}"); ???????????}); ???????}完成 !
在asp.net core中使用cookie认证
原文地址:https://www.cnblogs.com/wholeworld/p/9950823.html