<tfoot id='NJLwB'></tfoot>

    • <bdo id='NJLwB'></bdo><ul id='NJLwB'></ul>
    <legend id='NJLwB'><style id='NJLwB'><dir id='NJLwB'><q id='NJLwB'></q></dir></style></legend>
  • <small id='NJLwB'></small><noframes id='NJLwB'>

      <i id='NJLwB'><tr id='NJLwB'><dt id='NJLwB'><q id='NJLwB'><span id='NJLwB'><b id='NJLwB'><form id='NJLwB'><ins id='NJLwB'></ins><ul id='NJLwB'></ul><sub id='NJLwB'></sub></form><legend id='NJLwB'></legend><bdo id='NJLwB'><pre id='NJLwB'><center id='NJLwB'></center></pre></bdo></b><th id='NJLwB'></th></span></q></dt></tr></i><div id='NJLwB'><tfoot id='NJLwB'></tfoot><dl id='NJLwB'><fieldset id='NJLwB'></fieldset></dl></div>

        .NET Core 2.0 身份和 jwt?

        时间:2023-06-01
        • <i id='EoEcd'><tr id='EoEcd'><dt id='EoEcd'><q id='EoEcd'><span id='EoEcd'><b id='EoEcd'><form id='EoEcd'><ins id='EoEcd'></ins><ul id='EoEcd'></ul><sub id='EoEcd'></sub></form><legend id='EoEcd'></legend><bdo id='EoEcd'><pre id='EoEcd'><center id='EoEcd'></center></pre></bdo></b><th id='EoEcd'></th></span></q></dt></tr></i><div id='EoEcd'><tfoot id='EoEcd'></tfoot><dl id='EoEcd'><fieldset id='EoEcd'></fieldset></dl></div>
            <tbody id='EoEcd'></tbody>

          <small id='EoEcd'></small><noframes id='EoEcd'>

            <bdo id='EoEcd'></bdo><ul id='EoEcd'></ul>
          • <legend id='EoEcd'><style id='EoEcd'><dir id='EoEcd'><q id='EoEcd'></q></dir></style></legend>

                  <tfoot id='EoEcd'></tfoot>
                  本文介绍了.NET Core 2.0 身份和 jwt?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

                  问题描述

                  限时送ChatGPT账号..

                  我一直在四处寻找并尝试对 .NET Core Identity 进行更多研究(https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity?view=aspnetcore-2.1&tabs=visual-studio%2Caspnetcore2x)和 Jwt(json 网络令牌).我一直在我的 .NET Core 2.0 应用程序中使用默认身份作为身份验证/授权,到目前为止它运行良好.

                  I've been looking around and trying to do more research on .NET Core Identity (https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity?view=aspnetcore-2.1&tabs=visual-studio%2Caspnetcore2x) and Jwt (json web tokens). I've been rolling with the default Identity as authentication/authorization in my .NET Core 2.0 app and it has been working well so far.

                  我遇到了障碍,我认为这是我理解 .NET Core 身份和 jwt 的方式.我的应用程序有 MVC 和 web api.我理想地希望保护 web api,但我听说现在最好的方法是通过 jwt.好 - 酷.

                  I'm running into a roadblock and I think it's the way of my understanding of .NET Core identity and jwt. My application has MVC and an web api. I would ideally like to secure the web api, but I hear the best way to do that now is through jwt. Good - cool.

                  我可以继续配置 jwt,然后将其用作我的身份验证/授权 (https://blogs.msdn.microsoft.com/webdev/2017/04/06/jwt-validation-and-authorization-in-asp-net-core/),但是 - 我需要继续启动一个新服务器作为 jwt 的授权服务器吗?如果是这样,我不会那样做(太贵了).

                  I can go ahead and configure jwt and then use it as my authentication/authorization (https://blogs.msdn.microsoft.com/webdev/2017/04/06/jwt-validation-and-authorization-in-asp-net-core/), but - do I need to go ahead and spin up a new server to serve as the authorization server for jwt? If so, I'm not going to do that (too expensive).

                  如果我确实使用 jwt,我的 .NET Core 身份代码会怎样?那是不是必须要走了?如果它可以共存,我如何使用 Identity 授权我的 MVC 页面并使用 jwt 授权我的 api 端点?

                  What about my .NET Core identity code if I do go with jwt? Does that have to go away then? If it can co-exist, how might I authorize my MVC pages with Identity and my api endpoints with jwt?

                  我知道这是一个开放式问题,但它的核心是:

                  I realize this is an open-ended question, but the core of it is:

                  .NET Core Identity 和 JWT 可以共存吗?还是我必须选择其中一个?我有 MVC 和一个 web api,并希望保护两者.

                  推荐答案

                  是的,你可以.逻辑过程在这个方法中:

                  Yes, you can. The logic process is in this method:

                  第 1 步:获取用户声明

                  var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password);

                  • 您将进入 GetClaimsIdentity

                  • Into GetClaimsIdentity you will

                  private async Task<ClaimsIdentity> GetClaimsIdentity(string userName, string password)
                  {
                      if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
                          return await Task.FromResult<ClaimsIdentity>(null);
                  
                      var userToVerify = await _userManager.FindByNameAsync(userName);                
                  
                      if (userToVerify == null) {
                          userToVerify = await _userManager.FindByEmailAsync(userName);
                          if (userToVerify == null)  {
                              return await Task.FromResult<ClaimsIdentity>(null);
                          }
                      }
                      // check the credentials
                      if (await _userManager.CheckPasswordAsync(userToVerify, password))
                      {
                          _claims = await _userManager.GetClaimsAsync(userToVerify);
                  
                          return await Task.FromResult(_jwtFactory.GenerateClaimsIdentity(userToVerify.UserName, userToVerify.Id, _claims));
                      }
                      // Credentials are invalid, or account doesn't exist
                      return await Task.FromResult<ClaimsIdentity>(null);
                  }
                  

                  第 2 步:将您需要添加到令牌的所有用户声明分组 - 使用 System.Security.Claims

                   public ClaimsIdentity GenerateClaimsIdentity(string userName, string id, IList<Claim> claims)
                      {
                          claims.Add(new Claim(Helpers.Constants.Strings.JwtClaimIdentifiers.Id, id));
                  
                          // If your security is role based you can get then with the RoleManager and add then here as claims
                  
                          // Ask here for all claims your app need to validate later 
                  
                          return new ClaimsIdentity(new GenericIdentity(userName, "Token"), claims);
                      }
                  

                  第 3 步:然后返回您的方法,您必须生成并返回 JWT 令牌

                  jwt = await jwtFactory.GenerateEncodedToken(userName, identity);
                  return new OkObjectResult(jwt);
                  

                  • 要生成令牌,请执行以下操作:

                    • To generate token do something like this:

                      public async Task<string> GenerateEncodedToken(string userName, ClaimsIdentity identity)
                      {
                          List<Claim> claims = new List<Claim>();
                          //Config claims
                          claims.Add(new Claim(JwtRegisteredClaimNames.Sub, userName));
                          claims.Add(new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()));
                          claims.Add(new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64));
                          //End Config claims
                          claims.AddRange(identity.FindAll(Helpers.Constants.Strings.JwtClaimIdentifiers.Roles));
                          claims.AddRange(identity.FindAll("EspecificClaimName"));
                      
                      
                          // Create the JWT security token and encode it.
                          var jwt = new JwtSecurityToken(
                              issuer: _jwtOptions.Issuer,
                              audience: _jwtOptions.Audience,
                              claims: claims,
                              notBefore: _jwtOptions.NotBefore,
                              expires: _jwtOptions.Expiration,
                              signingCredentials: _jwtOptions.SigningCredentials);
                      
                          var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
                      
                          return encodedJwt;
                      }
                      

                    • 有很多方法可以做到这一点.最常见的是:验证身份用户 --> 获取用户标识符 --> 根据标识符生成并返回令牌 --> 对端点使用授权

                      There are many ways to do this. The most common is: Validate Identity User --> Get User identifiers --> Generate and Return Token Based on Identifiers --> Use Authorization for endpoints

                      希望有帮助

                      这篇关于.NET Core 2.0 身份和 jwt?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持html5模板网!

                  上一篇:如何在 asp.net core 2.2 中实现 Cookie 基本身份验证和 下一篇:无法使用 Google Calendar API 加载 System.Threading.Task

                  相关文章

                  最新文章

                  1. <small id='t5Y9Z'></small><noframes id='t5Y9Z'>

                    1. <i id='t5Y9Z'><tr id='t5Y9Z'><dt id='t5Y9Z'><q id='t5Y9Z'><span id='t5Y9Z'><b id='t5Y9Z'><form id='t5Y9Z'><ins id='t5Y9Z'></ins><ul id='t5Y9Z'></ul><sub id='t5Y9Z'></sub></form><legend id='t5Y9Z'></legend><bdo id='t5Y9Z'><pre id='t5Y9Z'><center id='t5Y9Z'></center></pre></bdo></b><th id='t5Y9Z'></th></span></q></dt></tr></i><div id='t5Y9Z'><tfoot id='t5Y9Z'></tfoot><dl id='t5Y9Z'><fieldset id='t5Y9Z'></fieldset></dl></div>
                        <bdo id='t5Y9Z'></bdo><ul id='t5Y9Z'></ul>

                      <tfoot id='t5Y9Z'></tfoot>
                      <legend id='t5Y9Z'><style id='t5Y9Z'><dir id='t5Y9Z'><q id='t5Y9Z'></q></dir></style></legend>