- 创建一个 ASP.NET Core MVC 项目。
- 添加 NuGet 包:
  - Microsoft.AspNetCore.Authentication.JwtBearer:用于支持 JWT 的身份验证。
  - System.IdentityModel.Tokens.Jwt:用于生成和验证 JWT。
- 在 Startup.cs 文件中做如下修改:
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
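using System.Text;

/// <summary>
/// Application startup: registers JWT bearer authentication and adds the
/// authentication and authorization middleware to the request pipeline.
/// </summary>
public class Startup
{
    // Other code omitted

    /// <summary>
    /// Registers application services, including JWT bearer authentication.
    /// </summary>
    /// <param name="services">The service collection to add registrations to.</param>
    public void ConfigureServices(IServiceCollection services)
    {
        // Other service registrations omitted

        // Use JWT bearer as the default scheme for both authenticating a
        // request and challenging an unauthenticated one.
        services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true,
                ValidateAudience = true,
                ValidateLifetime = true,
                ValidIssuer = "your_issuer",
                ValidAudience = "your_audience",

                // Accept only the algorithm this application signs its own
                // tokens with (HS256 in this tutorial), so a token presenting
                // any other "alg" header value is rejected.
                ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 },

                // "your_secret_key" is a placeholder. With a symmetric key the
                // same secret both signs and verifies, so anyone who learns it
                // can mint valid tokens. Load it from configuration or a secret
                // store instead of source code, and use a random value of at
                // least 256 bits for HS256 (RFC 7518, section 3.2).
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("your_secret_key"))
            };
        });

        // Other code omitted
    }

    /// <summary>
    /// Builds the HTTP request pipeline.
    /// </summary>
    /// <param name="app">The application pipeline builder.</param>
    /// <param name="env">The hosting environment.</param>
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        // Other configuration omitted

        app.UseRouting();

        // Order matters: authentication must run after routing and before
        // authorization, so that [Authorize] sees the identity built from the
        // bearer token.
        app.UseAuthentication();
        app.UseAuthorization();

        // Other configuration omitted
    }
}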
请注意,在上述代码中,您需要将以下参数替换为实际的值:
- "your_issuer":发行者的标识符。
- "your_audience":接收者的标识符。
- "your_secret_key":用于签名和验证令牌的密钥。使用 HS256 时,密钥应为至少 256 位的随机值,并应保存在配置或机密存储中,而不是写在源代码里。
- 创建一个控制器,并添加以下代码:
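using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;

/// <summary>
/// Demo controller showing actions protected by JWT bearer authentication,
/// a role-restricted action, and an action that issues a signed JWT.
/// </summary>
public class HomeController : Controller
{
    /// <summary>
    /// Page available to any authenticated caller.
    /// </summary>
    [Authorize]
    public IActionResult Index()
    {
        // Read the user name from the claims of the validated token.
        // Identity is only populated once authentication has succeeded.
        string username = User.Identity?.Name;
        return View();
    }

    /// <summary>
    /// Page available only to callers whose token carries the "Admin" role claim.
    /// </summary>
    [Authorize(Roles = "Admin")]
    public IActionResult AdminOnlyAction()
    {
        return View();
    }

    /// <summary>
    /// Issues a signed JWT and returns it as <c>AccessToken</c> in the response body.
    /// </summary>
    /// <returns>200 OK with the serialized token.</returns>
    [HttpPost("token")]
    public IActionResult GenerateToken()
    {
        // NOTE(review): this action carries no [Authorize] attribute and
        // performs no credential check, and the claims below are hard-coded,
        // so as written every caller receives a token with the Admin role.
        // Before using this outside a demo, verify the caller's credentials
        // here and build the claims from the authenticated account.
        var claims = new[]
        {
            new Claim(ClaimTypes.Name, "john.doe@example.com"),
            new Claim(ClaimTypes.Role, "Admin")
        };

        // Placeholder key; it must be the same value used for validation in
        // Startup. Load it from configuration or a secret store rather than
        // source code, and use at least 256 bits of random data for HS256.
        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("your_secret_key"));
        var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

        // Expiry is computed from UTC so it does not depend on the server's
        // local time zone. No revocation is shown on this page, so a leaked
        // token stays usable until it expires; keep the lifetime as short as
        // the application allows.
        var expires = DateTime.UtcNow.AddDays(1);

        var token = new JwtSecurityToken(
            issuer: "your_issuer",
            audience: "your_audience",
            claims: claims,
            expires: expires,
            signingCredentials: credentials);

        string accessToken = new JwtSecurityTokenHandler().WriteToken(token);
        return Ok(new { AccessToken = accessToken });
    }
}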