asp.netcoreMVC中的所有身份验证选项是什么?
asp.net core MVC提供了多种身份验证选项。以下是常见的身份验证选项及其对应的代码示例:
- Cookies认证: 使用Cookies-based认证系统,可以直接在代码中添加认证授权逻辑。示例代码如下:
// Startup.cs public void ConfigureServices(IServiceCollection services) { services.ConfigureApplicationCookie(options => { options.Cookie.HttpOnly = true; options.ExpireTimeSpan = TimeSpan.FromDays(30); options.LoginPath = "/Account/Login"; options.AccessDeniedPath = "/Account/AccessDenied"; options.SlidingExpiration = true; });
// ...
}
// AccountController.cs
public async Task
// Issue authentication cookie with custom claims
var claims = new List
{
new Claim(ClaimTypes.Name, user.FullName),
new Claim(ClaimTypes.Email, user.Email)
// ...
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
var authProperties = new AuthenticationProperties
{
IsPersistent = model.RememberMe,
ExpiresUtc = DateTimeOffset.UtcNow.AddHours(1),
AllowRefresh = true
};
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);
// ...
}
- JWT认证: 使用基于JSON web tokens的身份验证系统,可以添加授权令牌以及进行身份验证。示例代码如下:
// Startup.cs public void ConfigureServices(IServiceCollection services) { services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(options => { options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, ValidateAudience = true, ValidateLifetime = true, ValidateIssuerSigningKey = true, ValidIssuer = "mydomain.com", ValidAudience = "mydomain.com", IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["JwtKey"])) };