【发布时间】:2018-07-01 19:31:01
【问题描述】:
在 asp.net core web api 中,如何检索 JWT 令牌的自定义用户属性?
我可以使用本教程 https://fullstackmark.com/post/13/jwt-authentication-with-aspnet-core-2-web-api-angular-5-net-core-identity-and-facebook-login 进行身份验证,但想在我的网站标题中显示用户的全名和指向他们个人资料图片的链接。
我已扩展 AppUser 模型以包含这些字段,并将它们保存在数据库中。
从 JWT 令牌中,我可以获取用户 ID 或电子邮件,然后查找数据库以获取他们的全名和个人资料图片,但我认为将其作为自定义声明会更有效,尽管我没有不知道该怎么做。
这是我的startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<ApplicationDbContext>(options => options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.AddSingleton<IConfiguration>(Configuration);
services.AddSingleton<IJwtFactory, JwtFactory>();
services.AddIdentity<AppUser, IdentityRole>
(options =>
{
// configure identity options
options.Password.RequireDigit = false;
options.Password.RequireLowercase = false;
options.Password.RequireUppercase = false;
options.Password.RequireNonAlphanumeric = false;
options.Password.RequiredLength = 6;
})
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
// jwt wire up
// Get options from app settings
var jwtAppSettingOptions = Configuration.GetSection(nameof(JwtIssuerOptions));
// Configure JwtIssuerOptions
services.Configure<JwtIssuerOptions>(options =>
{
options.Issuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)];
options.Audience = jwtAppSettingOptions[nameof(JwtIssuerOptions.Audience)];
options.SigningCredentials = new SigningCredentials(_signingKey, SecurityAlgorithms.HmacSha256);
});
var tokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)],
ValidateAudience = true,
ValidAudience = jwtAppSettingOptions[nameof(JwtIssuerOptions.Audience)],
ValidateIssuerSigningKey = true,
IssuerSigningKey = _signingKey,
RequireExpirationTime = false,
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero
};
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(configureOptions =>
{
configureOptions.ClaimsIssuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)];
configureOptions.TokenValidationParameters = tokenValidationParameters;
configureOptions.SaveToken = true;
});
// api user claim policy
services.AddAuthorization(options =>
{
options.AddPolicy("ApiUser", policy => policy.RequireClaim(Constants.Strings.JwtClaimIdentifiers.Rol, Constants.Strings.JwtClaims.ApiAccess));
});
services.AddMvc();
}
}
【问题讨论】:
-
你可以参考这个:github.com/neville-nazerane/netcore-jwt-sample/blob/master/… 虽然这是手动生成和验证的方式
-
我没有看到在该示例中令牌中存储了自定义属性的位置?
-
对了,你需要fb的头像吗?
-
在我分享的链接中,有一个带有声明的生成函数,它会根据您提供的任何声明生成 JWT
-
个人资料图片存储在应用程序中。我搜索了您链接的网站,但找不到您描述的功能!
标签: angular asp.net-core jwt