【发布时间】:2018-08-14 20:46:41
【问题描述】:
我的项目在 DotNet Core Web Api 中。为了授权,我使用 JWT ant Identity 框架。首先,它仅适用于 JWT 和控制器的 [Authorize] 属性:
[HttpGet]
[Authorize]
public IEnumerable<string> Get()
{
return new string[] { "value1", "value2", "value3" };
}
添加身份后,[Authorize] 属性不检查请求。 我的 Startup.cs 文件:
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<PaszoDbContext>();
services.AddIdentity<IdentityUser, IdentityRole>(o => {
o.Password.RequireDigit = false;
o.Password.RequiredLength = 1;
o.Password.RequireLowercase = false;
o.Password.RequireUppercase = false;
o.Password.RequireNonAlphanumeric = false;
})
.AddEntityFrameworkStores<PaszoDbContext>()
.AddDefaultTokenProviders();
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = Configuration["Jwt:Issuer"],
ValidAudience = Configuration["Jwt:Issuer"],
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Jwt:Key"]))
};
});
services.AddMvc();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseAuthentication();
app.UseMvc();
}
}
services.AddIdentity 是否与 services.AddAuthentication 和 app.UseAuthentication(); 冲突?
【问题讨论】: