Web API 身份验证 不记名令牌验证 Bearer Token Authentication
时间:2014-05-15 07:45:25
收藏:0
阅读:1512
1. Startup.Auth.cs文件
添加属性
1 |
public
static OAuthBearerAuthenticationOptions OAuthBearerOptions { get ; private
set ; } |
添加静态构造函数
1
2
3
4
5
6
7 |
/// <summary> /// 构造函数 /// </summary> static
Startup() { OAuthBearerOptions = new
OAuthBearerAuthenticationOptions(); } |
方法ConfigureAuth中添加
1
2 |
// 使用不记名身份验证 app.UseOAuthBearerAuthentication(OAuthBearerOptions); |
2. WebApiConfig.cs文件
方法Register中添加
1
2 |
config.SuppressDefaultHostAuthentication(); config.Filters.Add( new
HostAuthenticationFilter( "Bearer" )); |
3. 创建身份验证方法(Web API)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33 |
[HttpPost] public
async Task<String> Authenticate( string
userName, string
password) { if
( string .IsNullOrEmpty(userAccount) || string .IsNullOrEmpty(password)) { return
string .Empty; }<br> // 用户查找失败 User user = await UserManager.FindAsync(userName, password); if
(user == null ) { return
string .Empty; } // 身份验证票证包括角色或者可以换成用户名 var
identity = new
ClaimsIdentity(Startup.OAuthBearerOptions.AuthenticationType); identity.AddClaim( new
Claim(ClaimTypes.NameIdentifier, user.Id.ToString())); if
(UserManager.SupportsUserRole) { IList< string > roles = await UserManager.GetRolesAsync(user.Id).ConfigureAwait( false ); foreach
( string
roleName in
roles) { identity.AddClaim( new
Claim(ClaimTypes.Role, roleName, ClaimValueTypes.String)); } } AuthenticationTicket ticket = new
AuthenticationTicket(identity, new
AuthenticationProperties()); var
currentUtc = DateTime.UtcNow; ticket.Properties.IssuedUtc = currentUtc; ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromDays(1)); // 返回值 return
Startup.OAuthBearerOptions.AccessTokenFormat.Protect(ticket); } |
4. 为需要身份验证的控制器或方法添加标记
1
2
3
4 |
[Authorize(Roles = "Admin" )] public
class UsersController : ApiController { } |
测试:
在请求头部中添加令牌,格式如下:
Authorization: Bearer boQtj0SCGz2GFGz...
Web API 身份验证 不记名令牌验证 Bearer Token Authentication,布布扣,bubuko.com
评论(0)