【发布时间】:2021-06-17 21:40:15
【问题描述】:
我在下面的代码中给出了 IActionResult 登录方法,这是这里的主要重点。我想在发布此方法后返回特定类型的响应。响应应该看起来像这样......
{
"token" : Token Id must be displayed here,
"user" : {
UserName : user name must appear here
UserRole : user role appears here
}
}
当我使用(例如)用户名 -> 管理员和密码 -> 1234 登录时,它必须从与给定凭据匹配的列表中提取用户名和用户角色。请帮帮我,我对 ASP.NET 有点陌生。
[ApiController]
[Route("api/LoginController")]
public class LoginController : Controller
{
private readonly IList<Credential> appUsers = new List<Credential>
{
new Credential { FullName = "Admin User", UserName = "admin", Password = "1234", UserRole = "Admin" },
new Credential { FullName = "Test User", UserName = "user", Password = "1234", UserRole = "User" }
};
[HttpPost]
[AllowAnonymous]
public IActionResult Login(Credential credential)
{
var user = appUsers.FirstOrDefault(x => x.UserName == credential.UserName && x.Password == credential.Password);
if (user != null)
{
var tokenString = GenerateJWTToken(user);
var response = new { token = tokenString };
return Ok(response);
}
else
{
string message = "enter correct credentials";
return Ok(message);
}
}
private string GenerateJWTToken(Credential credential)
{
const string ENCRYPTION_KEY = "xecretKeywqejane";
const string JWT_ISSUER = "https://localhost:44331/";
const string JWT_AUDIENCE = "https://localhost:44331/";
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(ENCRYPTION_KEY));
var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
var claims = new[]
{
new Claim (JwtRegisteredClaimNames.Sub, credential.UserName),
new Claim ("fullName", credential.FullName),
new Claim ("role", credential.UserRole),
new Claim (JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
};
var token = new JwtSecurityToken(
issuer: JWT_ISSUER,
audience: JWT_AUDIENCE,
claims: claims,
expires: DateTime.Now.AddMinutes(30),
signingCredentials: signingCredentials
);
return new JwtSecurityTokenHandler().WriteToken(token);
}
}
}
【问题讨论】:
标签: asp.net asp.net-web-api jwt webapi