浅谈如何在ASP.NET Core中实现一个基础的身份认证

时间:2022-08-26 11:41:28

ASP.NET终于可以跨平台了,但是不是我们常用的ASP.NET, 而是叫一个ASP.NET Core的新平台,他可以跨Windows, Linux, OS X等平台来部署你的web应用程序,你可以理解为,这个框架就是ASP.NET的下一个版本,相对于传统ASP.NET程序,它还是有一些不同的地方的,比如很多类库在这两个平台之间是不通用的。

今天首先我们在ASP.NET Core中来实现一个基础的身份认证,既登陆功能。

前期准备:

1.推荐使用 VS 2015 Update3 作为你的IDE

2.你需要安装.NET Core的运行环境以及开发工具

创建项目:

在VS中新建项目,项目类型选择ASP.NET Core Web Application (.NET Core), 输入项目名称为TestBasicAuthor。

浅谈如何在ASP.NET Core中实现一个基础的身份认证

接下来选择 Web Application, 右侧身份认证选择:No Authentication

浅谈如何在ASP.NET Core中实现一个基础的身份认证

打开Startup.cs

在ConfigureServices方法中加入如下代码:

?
1
services.AddAuthorization();

在Configure方法中加入如下代码:

?
1
2
3
4
5
6
7
8
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
  AuthenticationScheme = "Cookie",
  LoginPath = new PathString("/Account/Login"),
  AccessDeniedPath = new PathString("/Account/Forbidden"),
  AutomaticAuthenticate = true,
  AutomaticChallenge = true
});

完整的代码应该是这样:

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
public void ConfigureServices(IServiceCollection services)
{
  services.AddMvc();
 
  services.AddAuthorization();
}
 
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
  app.UseCookieAuthentication(new CookieAuthenticationOptions
  {
    AuthenticationScheme = "Cookie",
    LoginPath = new PathString("/Account/Login"),
    AccessDeniedPath = new PathString("/Account/Forbidden"),
    AutomaticAuthenticate = true,
    AutomaticChallenge = true
  });
 
  app.UseMvc(routes =>
  {
    routes.MapRoute(
       name: "default",
       template: "{controller=Home}/{action=Index}/{id?}");
  });
}

你或许会发现贴进去的代码是报错的,这是因为还没有引入对应的包,进入报错的这一行,点击灯泡,加载对应的包就可以了。

浅谈如何在ASP.NET Core中实现一个基础的身份认证

在项目下创建一个文件夹命名为Model,并向里面添加一个类User.cs

代码应该是这样

?
1
2
3
4
5
public class User
{
  public string UserName { get; set; }
  public string Password { get; set; }
}

创建一个控制器,取名为:AccountController.cs

在类中贴入如下代码:

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
[HttpGet]
public IActionResult Login()
{
  return View();
}
 
[HttpPost]
public async Task<IActionResult> Login(User userFromFore)
{
  var userFromStorage = TestUserStorage.UserList
    .FirstOrDefault(m => m.UserName == userFromFore.UserName && m.Password == userFromFore.Password);
 
  if (userFromStorage != null)
  {
    //you can add all of ClaimTypes in this collection
    var claims = new List<Claim>()
    {
      new Claim(ClaimTypes.Name,userFromStorage.UserName)
      //,new Claim(ClaimTypes.Email,"emailaccount@microsoft.com")
    };
 
    //init the identity instances
    var userPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims, "SuperSecureLogin"));
 
    //signin
    await HttpContext.Authentication.SignInAsync("Cookie", userPrincipal, new AuthenticationProperties
    {
      ExpiresUtc = DateTime.UtcNow.AddMinutes(20),
      IsPersistent = false,
      AllowRefresh = false
    });
 
    return RedirectToAction("Index", "Home");
  }
  else
  {
    ViewBag.ErrMsg = "UserName or Password is invalid";
 
    return View();
  }
}
 
public async Task<IActionResult> Logout()
{
  await HttpContext.Authentication.SignOutAsync("Cookie");
 
  return RedirectToAction("Index", "Home");
}

相同的文件里让我们来添加一个模拟用户存储的类

?
1
2
3
4
5
6
7
//for simple, I'm not using the database to store the user data, just using a static class to replace it.
public static class TestUserStorage
{
  public static List<User> UserList { get; set; } = new List<User>() {
    new User { UserName = "User1",Password = "112233"}
  };
}

接下来修复好各种引用错误。

完整的代码应该是这样

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using TestBasicAuthor.Model;
using System.Security.Claims;
using Microsoft.AspNetCore.Http.Authentication;
 
// For more information on enabling MVC for empty projects, visit http://go.microsoft.com/fwlink/?LinkID=397860
 
namespace TestBasicAuthor.Controllers
{
  public class AccountController : Controller
  {
    [HttpGet]
    public IActionResult Login()
    {
      return View();
    }
 
    [HttpPost]
    public async Task<IActionResult> Login(User userFromFore)
    {
      var userFromStorage = TestUserStorage.UserList
        .FirstOrDefault(m => m.UserName == userFromFore.UserName && m.Password == userFromFore.Password);
 
      if (userFromStorage != null)
      {
        //you can add all of ClaimTypes in this collection
        var claims = new List<Claim>()
        {
          new Claim(ClaimTypes.Name,userFromStorage.UserName)
          //,new Claim(ClaimTypes.Email,"emailaccount@microsoft.com")
        };
 
        //init the identity instances
        var userPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims, "SuperSecureLogin"));
 
        //signin
        await HttpContext.Authentication.SignInAsync("Cookie", userPrincipal, new AuthenticationProperties
        {
          ExpiresUtc = DateTime.UtcNow.AddMinutes(20),
          IsPersistent = false,
          AllowRefresh = false
        });
 
        return RedirectToAction("Index", "Home");
      }
      else
      {
        ViewBag.ErrMsg = "UserName or Password is invalid";
 
        return View();
      }
    }
 
    public async Task<IActionResult> Logout()
    {
      await HttpContext.Authentication.SignOutAsync("Cookie");
 
      return RedirectToAction("Index", "Home");
    }
  }
 
  //for simple, I'm not using the database to store the user data, just using a static class to replace it.
  public static class TestUserStorage
  {
    public static List<User> UserList { get; set; } = new List<User>() {
    new User { UserName = "User1",Password = "112233"}
  };
  }
}

在Views文件夹中创建一个Account文件夹,在Account文件夹中创建一个名位index.cshtml的View文件。

贴入如下代码:

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
@model TestBasicAuthor.Model.User
 
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <title></title>
</head>
<body>
  @using (Html.BeginForm())
  {
    <table>
      <tr>
        <td></td>
        <td>@ViewBag.ErrMsg</td>
      </tr>
      <tr>
        <td>UserName</td>
        <td>@Html.TextBoxFor(m => m.UserName)</td>
      </tr>
      <tr>
        <td>Password</td>
        <td>@Html.PasswordFor(m => m.Password)</td>
      </tr>
      <tr>
        <td></td>
        <td><button>Login</button></td>
      </tr>
    </table>
  }
</body>
</html>

打开HomeController.cs

添加一个Action, AuthPage.

?
1
2
3
4
5
6
[Authorize]
[HttpGet]
public IActionResult AuthPage()
{
  return View();
}

在Views/Home下添加一个视图,名为AuthPage.cshtml

?
1
2
3
4
5
6
7
8
9
10
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <title></title>
</head>
<body>
  <h1>Auth page</h1>
 
  <p>if you are not authorized, you can't visit this page.</p>
</body>
</html>

到此,一个基础的身份认证就完成了,核心登陆方法如下:

?
1
2
3
4
5
6
await HttpContext.Authentication.SignInAsync("Cookie", userPrincipal, new AuthenticationProperties
{
  ExpiresUtc = DateTime.UtcNow.AddMinutes(20),
  IsPersistent = false,
  AllowRefresh = false
});

启用验证如下:

?
1
2
3
4
5
6
7
8
9
10
11
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
  app.UseCookieAuthentication(new CookieAuthenticationOptions
  {
    AuthenticationScheme = "Cookie",
    LoginPath = new PathString("/Account/Login"),
    AccessDeniedPath = new PathString("/Account/Forbidden"),
    AutomaticAuthenticate = true,
    AutomaticChallenge = true
  });
}

在某个Controller或Action添加[Author],即可配置位需要登陆验证的页面。

以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持服务器之家。

原文链接:http://www.cnblogs.com/onecodeonescript/p/6015512.html

标签:

相关文章