asp. Core is compatible with both JWT authentication and cookies authentication

Python Wechat ordering applet course video

https://edu.csdn.net/course/detail/36074

Python Actual quantitative transaction financial management system

https://edu.csdn.net/course/detail/35475
In practical use , May come across ,aspi Interface verification and view Login verification of the page .asp.core It also supports two compatible .

First, in the startup.cs Enable Authentication .

 var secrityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecurityKey"]));
 services.AddSingleton(secrityKey);
 services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
 .AddCookie(option => //cookies  The way 
 {
 option.LoginPath = "/Login"; 
 })
 .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options => //jwt  The way 
 {
 options.TokenValidationParameters = new TokenValidationParameters
 {
 ValidateIssuer = true,// Whether the validation Issuer
 ValidateAudience = true,// Whether the validation Audience
 ValidateLifetime = true,// Is the failure time verified 
 ClockSkew = TimeSpan.FromSeconds(30),
 ValidateIssuerSigningKey = true,// Whether the validation SecurityKey
 ValidAudience = Configuration["JWTDomain"],//Audience
 ValidIssuer = Configuration["JWTDomain"],//Issuer
 IssuerSigningKey = secrityKey// Get SecurityKey
 };
 });

Configure Method must be added

  app.UseAuthentication(); // to grant authorization 
  app.UseAuthorization(); // authentication   Authentication methods include user name and password authentication 

 app.MapWhen(context =>
 {
 var excludeUrl = new string[] { "/api/login/getinfo", "/api/login/login", "/api/login/modifypwd" }; // Pay attention to lowercase 
 return context.Request.Path.HasValue
 && context.Request.Path.Value.Contains("Login")
 && context.Request.Headers.ContainsKey("Authorization")
 && !(excludeUrl.Contains(context.Request.Path.Value.ToLower()));
 }, \_app =>
 {
 \_app.Use(async (context, next) =>
 {
 context.Response.StatusCode = 401;
 });
 });

stay login page , Background code

?

| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162 | varuid = Request.Form[``"code"``] +""``;``varpwd = Request.Form[``"pwd"``] +""``; varinfo = _mysql.users.Where(m => m.user_code == uid&&m.delflag==0).FirstOrDefault();``if(info ==null``)``{``returnnewJsonResult(``new``{``success =false``,``msg =" The user doesn't exist "``});``}``if(info.pwd != pwd)``{``returnnewJsonResult(``new``{``success =false``,``msg =" Incorrect user password "``});``} // Create an authentication ``varclaims =newList() {``newClaim(ClaimTypes.Sid,info.id),// user ID``newClaim(ClaimTypes.Name,info.user_code)// User name ``};``varclaimsIdentity =newClaimsIdentity(``claims, CookieAuthenticationDefaults.AuthenticationScheme);``//var identity = new ClaimsIdentity(claims, "Login");``//var userPrincipal = new ClaimsPrincipal(identity);``//HttpContext.SignInAsync("MyCookieAuthenticationScheme", userPrincipal, new AuthenticationProperties``//{``//    ExpiresUtc = DateTime.UtcNow.AddMinutes(30),``//    IsPersistent = true``//}).Wait(); varauthProperties =newAuthenticationProperties``{``//AllowRefresh = ,``// Refreshing the authentication session should be allowed.``ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(60),``// The time at which the authentication ticket expires. A// value set here overrides the ExpireTimeSpan option of// CookieAuthenticationOptions set with AddCookie.``IsPersistent =true``,``// Whether the authentication session is persisted across// multiple requests. When used with cookies, controls``// whether the cookie's lifetime is absolute (matching the``// lifetime of the authentication ticket) or session-based. //IssuedUtc = ,``// The time at which the authentication ticket was issued. //RedirectUri =// The full path or absolute URI to be used as an http// redirect response value.``}; await HttpContext.SignInAsync(``CookieAuthenticationDefaults.AuthenticationScheme,``newClaimsPrincipal(claimsIdentity),``authProperties); |

Controler Controller part , Login code ：

?

| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051 | [HttpPost(``"Login"``)]``publicasync Task Login(getdata \_getdata)``{``varuserName = _getdata.username;``varpassWord = _getdata.password;``varinfo = _mysql.users.Where(m => m.user_code == userName && m.delflag == 0).FirstOrDefault();``if(info ==null``)``{``returnnewJsonResult(``new``{``state =false``,``code = -1,``data =""``,``msg =" The username does not exist !"``});``}``if(CommonOp.MD5Hash(info.pwd).ToLower() != passWord)``{``returnnewJsonResult(``new``{``state =false``,``code = -2,``data =""``,``msg =" Incorrect user password !"``});``} #region Identity authentication processing ``varsecrityKey =newSymmetricSecurityKey(Encoding.UTF8.GetBytes(_config[``"SecurityKey"``]));``List claims =newList();``claims.Add(``newClaim(``"user_code"``, info.user_code));``claims.Add(``newClaim(``"id"``, info.id)); varcreds =newSigningCredentials(secrityKey, SecurityAlgorithms.HmacSha256);``vartoken =newJwtSecurityToken(``issuer: _config[``"JWTDomain"``],``audience: _config[``"JWTDomain"``],``claims: claims,``expires: DateTime.Now.AddMinutes(120),``signingCredentials: creds); returnnewJsonResult(``new``{``state =true``,``code = 0,``data =newJwtSecurityTokenHandler().WriteToken(token),``msg =" obtain token success " });``#endregion``} |

Be careful , Authenticated controller part , Add the following attribute header , It will take effect .

?

| 12345 | **[Authorize(AuthenticationSchemes =**"Bearer,Cookies"``)]``publicclassControllerCommonBase : ControllerBase``{  } |

Such a Controler controller , It can be compatible with two modes .