
在.NET Core Web API中使用登录和注册


我正在 ASP.NET Core 1.1 Web API 中实现身份验证和角色授权。我使用 JWT 生成令牌并验证请求，但卡在了如何将用户名和密码与 Identity 默认生成的现有数据库表进行匹配上。如何将密码与 PasswordHash 进行比对，以及如何注册新用户？有没有在 .NET Core 1.1 中实现登录和注册 API 的示例？

2 回答

  • 0

    您可以使用 UserManager 的以下方法创建新用户（密码由 Identity 哈希后存入 PasswordHash，无需自行处理）：
    public virtual Task<IdentityResult> CreateAsync(TUser user, string password)

    使用 SignInManager 的以下方法，用给定密码登录（密码与 PasswordHash 的比对在该方法内部完成）：
    public virtual Task<SignInResult> PasswordSignInAsync(TUser user, string password, bool isPersistent, bool lockoutOnFailure)

  • 0
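    /// <summary>
    /// Creates a new Identity user from the posted user name and password.
    /// </summary>
    /// <param name="model">Registration data read from the request body.</param>
    /// <returns>
    /// 200 with <c>{ userCreated, userName }</c> when the user was created;
    /// 400 with the validation or Identity errors otherwise.
    /// </returns>
    [HttpPost]
    public async Task<IActionResult> Register([FromBody]UserModel model)
    {
        // A missing or unparseable body binds to null; reject it instead of dereferencing it below.
        if (model == null || !ModelState.IsValid)
        {
            return BadRequest(ModelState);
        }

        // The user name is also stored as the e-mail address.
        var user = new ApplicationUser { UserName = model.UserName, Email = model.UserName };

        // CreateAsync applies the configured password validators and persists only the password hash.
        IdentityResult result = await _userManager.CreateAsync(user, model.Password);

        if (!result.Succeeded)
        {
            // Copy the Identity errors into ModelState; without this the 400 body is empty
            // and the caller cannot tell why registration failed (e.g. password policy).
            // NOTE(review): a duplicate-user error here tells the caller that the account exists;
            // return a generic message instead if that disclosure matters for the deployment.
            foreach (var error in result.Errors)
            {
                ModelState.AddModelError(error.Code, error.Description);
            }

            return BadRequest(ModelState);
        }

        return Ok(new { userCreated = true, userName = model.UserName });
    }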
    
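     /// <summary>
     /// Verifies the posted user name and password and, on success, returns a signed JWT
     /// that is valid for 60 minutes.
     /// </summary>
     /// <param name="loginViewModel">Credentials read from the request body.</param>
     /// <returns>
     /// 200 with <c>{ token }</c> on success; 401 when the user is unknown, locked out,
     /// or the password does not match; 400 when the body is missing or invalid.
     /// </returns>
     [HttpPost("login")]
     public async Task<IActionResult> Login([FromBody]UserModel loginViewModel)
     {
         // A missing or unparseable body binds to null; reject it instead of dereferencing it below.
         if (loginViewModel == null || !ModelState.IsValid)
         {
             return BadRequest();
         }

         var userFound = await _userManager.FindByNameAsync(loginViewModel.UserName);

         // Unknown user, locked-out user and wrong password all return the same 401,
         // so the response does not reveal which accounts exist.
         if (userFound == null)
         {
             return Unauthorized();
         }

         // Lockout calls throw on stores that do not implement it, so guard every use.
         var lockoutSupported = _userManager.SupportsUserLockout;

         if (lockoutSupported && await _userManager.IsLockedOutAsync(userFound))
         {
             return Unauthorized();
         }

         // No token may be issued on a user-name lookup alone: the submitted password
         // must be checked against the stored PasswordHash first.
         if (!await _userManager.CheckPasswordAsync(userFound, loginViewModel.Password))
         {
             if (lockoutSupported)
             {
                 // Count the failure so repeated guessing triggers the configured lockout.
                 await _userManager.AccessFailedAsync(userFound);
             }

             return Unauthorized();
         }

         if (lockoutSupported)
         {
             await _userManager.ResetAccessFailedCountAsync(userFound);
         }

         // Claims granted to the authenticated user.
         // NOTE(review): every user receives the same ApiAccess claim; the roles stored
         // in Identity are not read here. Confirm that this is intended.
         // NOTE(review): the "test2" claim looks like a leftover placeholder; it is kept
         // so the token contents stay unchanged. Remove it if nothing consumes it.
         var claims = new[]
         {
             new Claim(Helpers.Constants.Strings.JwtClaimIdentifiers.Id, userFound.Id),
             new Claim(Helpers.Constants.Strings.JwtClaimIdentifiers.Rol, Helpers.Constants.Strings.JwtClaims.ApiAccess),
             new Claim("test2", "test2")
         };

         // Issuer and audience come from the JwtIssuerOptions section of the app settings.
         var options = _configuration.GetSection(nameof(JwtIssuerOptions));

         // NOTE(review): the HMAC secret should be a long random value kept out of source control
         // (environment variable or secret store). Encoding.ASCII maps non-ASCII characters to '?',
         // which weakens such a secret; the encoding is left as-is because token validation
         // elsewhere presumably derives the key the same way. Confirm before changing.
         var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(_configuration["SecretKey"]));

         var issuedAt = DateTime.UtcNow;

         var token = new JwtSecurityToken
         (
             issuer: options[nameof(JwtIssuerOptions.Issuer)],
             audience: options[nameof(JwtIssuerOptions.Audience)],
             claims: claims,
             expires: issuedAt.AddMinutes(60), // the token expires one hour after issue
             notBefore: issuedAt,
             signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256)
         );

         return Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) });
     }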
    
