Asp.Net Core中虽然集成了许多常用的身份认证,但很多时候,我们还是需要实现自己的身份认证接口,本文这里就简单的介绍下如何实现自定义身份认证接口。
首先写一个简单的接口。
[Authorize]
[HttpGet]
public object Foo()
{
return DateTime.Now.ToString();
}
由于有Authorize标记,访问函数体前会判断用户是否通过认证,由于这里没有通过认证,会的得到一个500错误。
自定义认证处理类:
实现一个IAuthenticationHandler接口即可:
1 public class MyAuthHandler : IAuthenticationHandler 2 { 3 public const string SchemeName = "MyAuth"; 4 5 AuthenticationScheme _scheme; 6 HttpContext _context; 7 8 /// <summary> 9 /// 初始化认证 10 /// </summary> 11 public Task InitializeAsync(AuthenticationScheme scheme, HttpContext context) 12 { 13 _scheme = scheme; 14 _context = context; 15 return Task.CompletedTask; 16 } 17 18 /// <summary> 19 /// 认证处理 20 /// </summary> 21 public Task<AuthenticateResult> AuthenticateAsync() 22 { 23 var req = _context.Request.Query; 24 var isLogin = req["isLogin"].FirstOrDefault(); 25 26 if (isLogin != "true") 27 { 28 return Task.FromResult(AuthenticateResult.Fail("未登陆")); 29 } 30 31 var ticket = GetAuthTicket("test", "test"); 32 return Task.FromResult(AuthenticateResult.Success(ticket)); 33 } 34 35 AuthenticationTicket GetAuthTicket(string name, string role) 36 { 37 var claimsIdentity = new ClaimsIdentity(new Claim[] 38 { 39 new Claim(ClaimTypes.Name, name), 40 new Claim(ClaimTypes.Role, role), 41 }, "My_Auth"); 42 43 var principal = new ClaimsPrincipal(claimsIdentity); 44 return new AuthenticationTicket(principal, _scheme.Name); 45 } 46 47 /// <summary> 48 /// 权限不足时的处理 49 /// </summary> 50 public Task ForbidAsync(AuthenticationProperties properties) 51 { 52 _context.Response.StatusCode = (int)HttpStatusCode.Forbidden; 53 return Task.CompletedTask; 54 } 55 56 /// <summary> 57 /// 未登录时的处理 58 /// </summary> 59 public Task ChallengeAsync(AuthenticationProperties properties) 60 { 61 _context.Response.StatusCode = (int)HttpStatusCode.Unauthorized; 62 return Task.CompletedTask; 63 } 64 }