角色不适用于控制器。 .NET 核心 API
Roles not working on controller. .NET Core API
我正在尝试授权我的 AuthController 的方法,我是这样实现的:
AuthController.cs
[HttpPost("register")]
[Authorize]
[EnableCors("AllowAllHeaders")]
public async Task<IActionResult> Register(UserForRegisterDto userForRegisterDto)
{
// bla bla bla
}
没有[授权]的方法确实有效。在我的 Startup.cs 上,我有以下配置
Startup.cs
IdentityBuilder builder = services.AddIdentityCore<User>(options =>
{
options.Password.RequiredLength = 4;
options.Password.RequireDigit = false;
options.Password.RequireUppercase = false;
options.Password.RequireNonAlphanumeric = false;
});
builder = new IdentityBuilder(builder.UserType, typeof(Role), builder.Services);
builder.AddEntityFrameworkStores<DataContext>();
builder.AddRoleValidator<RoleValidator<Role>>();
builder.AddRoleManager<RoleManager<Role>>();
builder.AddSignInManager<SignInManager<User>>();
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII
.GetBytes(Configuration.GetSection("AppSettings:Token").Value)),
ValidateIssuer = false,
ValidateAudience = false
};
});
services.AddControllers(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddNewtonsoftJson(opt =>
{
opt.SerializerSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore;
});
配置方法
app.UseAuthorization();
app.UseAuthentication();
是否还缺少某些配置?
我想在这里完成的是使用 Roles = "Admin" 授权以注册一个帐户,但除了 401,我没有任何其他响应。
这是在我的登录方法上生成的令牌,我在授权时使用它 header:
eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiIxMSIsInVuaXF1ZV9uYW1lIjoiQXpyYWVsIiwicm9sZSI6WyJBZG1pbiIsIkVtcGxveWVlIl0sIm5iZiI6MTU4NTQzNzgzNywiZXhwIjoxNTg1NTI0MjM3LCJpYXQiOjE1ODU0Mzc4Mzd9.DwDCeMXBrgzGeI1w2PgnIlYeccma73BaFuN2p1ryzlwCJr815V6Q3hYMzX-PXfmOr_94fQnM4PHbJPwRNoTItw
Configure 方法中 UseAuthentication() 和 UseAuthorization() 的顺序不正确。应先认证后授权:
app.UseAuthentication();
app.UseAuthorization();
我正在尝试授权我的 AuthController 的方法,我是这样实现的:
AuthController.cs
[HttpPost("register")]
[Authorize]
[EnableCors("AllowAllHeaders")]
public async Task<IActionResult> Register(UserForRegisterDto userForRegisterDto)
{
// bla bla bla
}
没有[授权]的方法确实有效。在我的 Startup.cs 上,我有以下配置
Startup.cs
IdentityBuilder builder = services.AddIdentityCore<User>(options =>
{
options.Password.RequiredLength = 4;
options.Password.RequireDigit = false;
options.Password.RequireUppercase = false;
options.Password.RequireNonAlphanumeric = false;
});
builder = new IdentityBuilder(builder.UserType, typeof(Role), builder.Services);
builder.AddEntityFrameworkStores<DataContext>();
builder.AddRoleValidator<RoleValidator<Role>>();
builder.AddRoleManager<RoleManager<Role>>();
builder.AddSignInManager<SignInManager<User>>();
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII
.GetBytes(Configuration.GetSection("AppSettings:Token").Value)),
ValidateIssuer = false,
ValidateAudience = false
};
});
services.AddControllers(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddNewtonsoftJson(opt =>
{
opt.SerializerSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore;
});
配置方法
app.UseAuthorization();
app.UseAuthentication();
是否还缺少某些配置?
我想在这里完成的是使用 Roles = "Admin" 授权以注册一个帐户,但除了 401,我没有任何其他响应。
这是在我的登录方法上生成的令牌,我在授权时使用它 header:
eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiIxMSIsInVuaXF1ZV9uYW1lIjoiQXpyYWVsIiwicm9sZSI6WyJBZG1pbiIsIkVtcGxveWVlIl0sIm5iZiI6MTU4NTQzNzgzNywiZXhwIjoxNTg1NTI0MjM3LCJpYXQiOjE1ODU0Mzc4Mzd9.DwDCeMXBrgzGeI1w2PgnIlYeccma73BaFuN2p1ryzlwCJr815V6Q3hYMzX-PXfmOr_94fQnM4PHbJPwRNoTItw
Configure 方法中 UseAuthentication() 和 UseAuthorization() 的顺序不正确。应先认证后授权:
app.UseAuthentication();
app.UseAuthorization();