重庆分公司,新征程启航
为企业提供网站建设、域名注册、服务器等服务
怎么在ASP.NET Core中实现一个身份认证功能?针对这个问题,这篇文章详细介绍了相对应的分析和解答,希望可以帮助更多想解决这个问题的小伙伴找到更简单易行的方法。
创新互联建站是专业的榆林网站建设公司,榆林接单;提供网站建设、成都网站制作,网页设计,网站设计,建网站,PHP网站建设等专业做网站服务;采用PHP框架,可快速的进行榆林网站开发网页制作和功能扩展;专业做搜索引擎喜爱的网站,专业的做网站团队,希望更多企业前来合作!创建项目:
在VS中新建项目,项目类型选择ASP.NET Core Web Application (.NET Core), 输入项目名称为TestBasicAuthor。
接下来选择 Web Application, 右侧身份认证选择:No Authentication
打开Startup.cs
在ConfigureServices方法中加入如下代码:
services.AddAuthorization();
在Configure方法中加入如下代码:
app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationScheme = "Cookie", LoginPath = new PathString("/Account/Login"), AccessDeniedPath = new PathString("/Account/Forbidden"), AutomaticAuthenticate = true, AutomaticChallenge = true });
完整的代码应该是这样:
public void ConfigureServices(IServiceCollection services) { services.AddMvc(); services.AddAuthorization(); } public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) { app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationScheme = "Cookie", LoginPath = new PathString("/Account/Login"), AccessDeniedPath = new PathString("/Account/Forbidden"), AutomaticAuthenticate = true, AutomaticChallenge = true }); app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller=Home}/{action=Index}/{id?}"); }); }
你或许会发现贴进去的代码是报错的,这是因为还没有引入对应的包,进入报错的这一行,点击灯泡,加载对应的包就可以了。
在项目下创建一个文件夹命名为Model,并向里面添加一个类User.cs
代码应该是这样
public class User { public string UserName { get; set; } public string Password { get; set; } }
创建一个控制器,取名为:AccountController.cs
在类中贴入如下代码:
[HttpGet] public IActionResult Login() { return View(); } [HttpPost] public async TaskLogin(User userFromFore) { var userFromStorage = TestUserStorage.UserList .FirstOrDefault(m => m.UserName == userFromFore.UserName && m.Password == userFromFore.Password); if (userFromStorage != null) { //you can add all of ClaimTypes in this collection var claims = new List () { new Claim(ClaimTypes.Name,userFromStorage.UserName) //,new Claim(ClaimTypes.Email,"emailaccount@microsoft.com") }; //init the identity instances var userPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims, "SuperSecureLogin")); //signin await HttpContext.Authentication.SignInAsync("Cookie", userPrincipal, new AuthenticationProperties { ExpiresUtc = DateTime.UtcNow.AddMinutes(20), IsPersistent = false, AllowRefresh = false }); return RedirectToAction("Index", "Home"); } else { ViewBag.ErrMsg = "UserName or Password is invalid"; return View(); } } public async Task Logout() { await HttpContext.Authentication.SignOutAsync("Cookie"); return RedirectToAction("Index", "Home"); }
相同的文件里让我们来添加一个模拟用户存储的类
//for simple, I'm not using the database to store the user data, just using a static class to replace it. public static class TestUserStorage { public static ListUserList { get; set; } = new List () { new User { UserName = "User1",Password = "112233"} }; }
接下来修复好各种引用错误。
完整的代码应该是这样
using System; using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; using Microsoft.AspNetCore.Mvc; using TestBasicAuthor.Model; using System.Security.Claims; using Microsoft.AspNetCore.Http.Authentication; // For more information on enabling MVC for empty projects, visit http://go.microsoft.com/fwlink/?LinkID=397860 namespace TestBasicAuthor.Controllers { public class AccountController : Controller { [HttpGet] public IActionResult Login() { return View(); } [HttpPost] public async TaskLogin(User userFromFore) { var userFromStorage = TestUserStorage.UserList .FirstOrDefault(m => m.UserName == userFromFore.UserName && m.Password == userFromFore.Password); if (userFromStorage != null) { //you can add all of ClaimTypes in this collection var claims = new List () { new Claim(ClaimTypes.Name,userFromStorage.UserName) //,new Claim(ClaimTypes.Email,"emailaccount@microsoft.com") }; //init the identity instances var userPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims, "SuperSecureLogin")); //signin await HttpContext.Authentication.SignInAsync("Cookie", userPrincipal, new AuthenticationProperties { ExpiresUtc = DateTime.UtcNow.AddMinutes(20), IsPersistent = false, AllowRefresh = false }); return RedirectToAction("Index", "Home"); } else { ViewBag.ErrMsg = "UserName or Password is invalid"; return View(); } } public async Task Logout() { await HttpContext.Authentication.SignOutAsync("Cookie"); return RedirectToAction("Index", "Home"); } } //for simple, I'm not using the database to store the user data, just using a static class to replace it. public static class TestUserStorage { public static List UserList { get; set; } = new List () { new User { UserName = "User1",Password = "112233"} }; } }
在Views文件夹中创建一个Account文件夹,在Account文件夹中创建一个名位index.cshtml的View文件。
贴入如下代码:
@model TestBasicAuthor.Model.User@using (Html.BeginForm()) {
@ViewBag.ErrMsg | |
UserName | @Html.TextBoxFor(m => m.UserName) |
Password | @Html.PasswordFor(m => m.Password) |
打开HomeController.cs
添加一个Action, AuthPage.
[Authorize] [HttpGet] public IActionResult AuthPage() { return View(); }
在Views/Home下添加一个视图,名为AuthPage.cshtml
Auth page
if you are not authorized, you can't visit this page.
到此,一个基础的身份认证就完成了,核心登陆方法如下:
await HttpContext.Authentication.SignInAsync("Cookie", userPrincipal, new AuthenticationProperties { ExpiresUtc = DateTime.UtcNow.AddMinutes(20), IsPersistent = false, AllowRefresh = false });
启用验证如下:
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) { app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationScheme = "Cookie", LoginPath = new PathString("/Account/Login"), AccessDeniedPath = new PathString("/Account/Forbidden"), AutomaticAuthenticate = true, AutomaticChallenge = true }); }
关于怎么在ASP.NET Core中实现一个身份认证功能问题的解答就分享到这里了,希望以上内容可以对大家有一定的帮助,如果你还有很多疑惑没有解开,可以关注创新互联行业资讯频道了解更多相关知识。