如何在ASP.NET Core中實現一個基礎的身份認證
注:本文提到的代碼示例下載地址> How to achieve a basic authorization in ASP.NET Corehtml
如何在ASP.NET Core中實現一個基礎的身份認證
ASP.NET終於能夠跨平臺了,可是不是咱們經常使用的ASP.NET, 而是叫一個ASP.NET Core的新平臺,他能夠跨Windows, Linux, OS X等平臺來部署你的web應用程序,你能夠理解爲,這個框架就是ASP.NET的下一個版本,相對於傳統ASP.NET程序,它仍是有一些不一樣的地方的,好比不少類庫在這兩個平臺之間是不通用的。web
今天首先咱們在ASP.NET Core中來實現一個基礎的身份認證,既登錄功能。app
前期準備:框架
1.推薦使用 VS 2015 Update3 做爲你的IDE,下載地址:www.visualstudio.comasync
2.你須要安裝.NET Core的運行環境以及開發工具,這裏提供VS版:www.microsoft.com/net/coreide
建立項目:工具
在VS中新建項目,項目類型選擇ASP.NET Core Web Application (.NET Core), 輸入項目名稱爲TestBasicAuthor。開發工具
接下來選擇 Web Application, 右側身份認證選擇:No Authenticationui
打開Startup.csthis
在ConfigureServices方法中加入以下代碼:
services.AddAuthorization();
在Configure方法中加入以下代碼:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationScheme = "Cookie", LoginPath = new PathString("/Account/Login"), AccessDeniedPath = new PathString("/Account/Forbidden"), AutomaticAuthenticate = true, AutomaticChallenge = true });
完整的代碼應該是這樣:
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddAuthorization();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) { app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationScheme = "Cookie", LoginPath = new PathString("/Account/Login"), AccessDeniedPath = new PathString("/Account/Forbidden"), AutomaticAuthenticate = true, AutomaticChallenge = true }); app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller=Home}/{action=Index}/{id?}"); }); }
你或許會發現貼進去的代碼是報錯的,這是由於尚未引入對應的包,進入報錯的這一行,點擊燈泡,加載對應的包就能夠了。
在項目下建立一個文件夾命名爲Model,並向裏面添加一個類User.cs
代碼應該是這樣
public class User
{
public string UserName { get; set; } public string Password { get; set; } }
建立一個控制器,取名爲:AccountController.cs
在類中貼入以下代碼:
[HttpGet]
public IActionResult Login() { return View(); } [HttpPost] public async Task<IActionResult> Login(User userFromFore) { var userFromStorage = TestUserStorage.UserList .FirstOrDefault(m => m.UserName == userFromFore.UserName && m.Password == userFromFore.Password); if (userFromStorage != null) { //you can add all of ClaimTypes in this collection var claims = new List<Claim>() { new Claim(ClaimTypes.Name,userFromStorage.UserName) //,new Claim(ClaimTypes.Email,"emailaccount@microsoft.com") }; //init the identity instances var userPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims, "SuperSecureLogin")); //signin await HttpContext.Authentication.SignInAsync("Cookie", userPrincipal, new AuthenticationProperties { ExpiresUtc = DateTime.UtcNow.AddMinutes(20), IsPersistent = false, AllowRefresh = false }); return RedirectToAction("Index", "Home"); } else { ViewBag.ErrMsg = "UserName or Password is invalid"; return View(); } } public async Task<IActionResult> Logout() { await HttpContext.Authentication.SignOutAsync("Cookie"); return RedirectToAction("Index", "Home"); }
相同的文件裏讓咱們來添加一個模擬用戶存儲的類
//for simple, I'm not using the database to store the user data, just using a static class to replace it.
public static class TestUserStorage
{
public static List<User> UserList { get; set; } = new List<User>() { new User { UserName = "User1",Password = "112233"} }; }
接下來修復好各類引用錯誤。
完整的代碼應該是這樣
using System;
using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; using Microsoft.AspNetCore.Mvc; using TestBasicAuthor.Model; using System.Security.Claims; using Microsoft.AspNetCore.Http.Authentication; // For more information on enabling MVC for empty projects, visit http://go.microsoft.com/fwlink/?LinkID=397860 namespace TestBasicAuthor.Controllers { public class AccountController : Controller { [HttpGet] public IActionResult Login() { return View(); } [HttpPost] public async Task<IActionResult> Login(User userFromFore) { var userFromStorage = TestUserStorage.UserList .FirstOrDefault(m => m.UserName == userFromFore.UserName && m.Password == userFromFore.Password); if (userFromStorage != null) { //you can add all of ClaimTypes in this collection var claims = new List<Claim>() { new Claim(ClaimTypes.Name,userFromStorage.UserName) //,new Claim(ClaimTypes.Email,"emailaccount@microsoft.com") }; //init the identity instances var userPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims, "SuperSecureLogin")); //signin await HttpContext.Authentication.SignInAsync("Cookie", userPrincipal, new AuthenticationProperties { ExpiresUtc = DateTime.UtcNow.AddMinutes(20), IsPersistent = false, AllowRefresh = false }); return RedirectToAction("Index", "Home"); } else { ViewBag.ErrMsg = "UserName or Password is invalid"; return View(); } } public async Task<IActionResult> Logout() { await HttpContext.Authentication.SignOutAsync("Cookie"); return RedirectToAction("Index", "Home"); } } //for simple, I'm not using the database to store the user data, just using a static class to replace it. public static class TestUserStorage { public static List<User> UserList { get; set; } = new List<User>() { new User { UserName = "User1",Password = "112233"} }; } }
在Views文件夾中建立一個Account文件夾,在Account文件夾中建立一個名位index.cshtml的View文件。
貼入以下代碼:
@model TestBasicAuthor.Model.User
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title></title>
</head>
<body> @using (Html.BeginForm()) { <table> <tr> <td></td> <td>@ViewBag.ErrMsg</td> </tr> <tr> <td>UserName</td> <td>@Html.TextBoxFor(m => m.UserName)</td> </tr> <tr> <td>Password</td> <td>@Html.PasswordFor(m => m.Password)</td> </tr> <tr> <td></td> <td><button>Login</button></td> </tr> </table> } </body> </html>
打開HomeController.cs
添加一個Action, AuthPage.
[Authorize]
[HttpGet]
public IActionResult AuthPage() { return View(); }
在Views/Home下添加一個視圖,名爲AuthPage.cshtml
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title></title>
</head>
<body>
<h1>Auth page</h1>
<p>if you are not authorized, you can't visit this page.</p>
</body>
</html>
到此,一個基礎的身份認證就完成了,核心登錄方法以下:
await HttpContext.Authentication.SignInAsync("Cookie", userPrincipal, new AuthenticationProperties
{
ExpiresUtc = DateTime.UtcNow.AddMinutes(20), IsPersistent = false, AllowRefresh = false });
啓用驗證以下:
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationScheme = "Cookie", LoginPath = new PathString("/Account/Login"), AccessDeniedPath = new PathString("/Account/Forbidden"), AutomaticAuthenticate = true, AutomaticChallenge = true }); }
在某個Controller或Action添加[Author],便可配置位須要登錄驗證的頁面。
最後:如何運行這個Sample以及下載完整的代碼請訪問:How to achieve a basic authorization in ASP.NET Core
相關文章
- 1. 在ASP.NET Core中實現一個Token base的身份認證
- 2. [轉]NET Core中實現一個Token base的身份認證
- 3. ASP.NET Core編程實現基本身份認證
- 4. ASP.NET Core WebAPI基於IdentityServer4實現Token令牌身份認證
- 5. ASP.NET Core系列:JWT身份認證
- 6. asp.net core 登陸身份認證(Cookie)
- 7. Asp.Net Core 利用Cookie作身份認證
- 8. ASP.NET Core 身份認證 (Identity、Authentication)
- 9. ASP.NET MVC 中實現真實世界中的 OAuth 身份認證
- 10. ASP.NET Core身份驗證
- 更多相關文章...
- • 現實生活中的 XML - XML 教程
- • XSD 如何使用? - XML Schema 教程
- • ☆基於Java Instrument的Agent實現
- • TiDB 在摩拜單車在線數據業務的應用和實踐
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. 安裝cuda+cuDNN
- 2. GitHub的使用說明
- 3. phpDocumentor使用教程【安裝PHPDocumentor】
- 4. yarn run build報錯Component is not found in path 「npm/taro-ui/dist/weapp/components/rate/index「
- 5. 精講Haproxy搭建Web集羣
- 6. 安全測試基礎之MySQL
- 7. C/C++編程筆記:C語言中的複雜聲明分析,用實例帶你完全讀懂
- 8. Python3教程(1)----搭建Python環境
- 9. 李宏毅機器學習課程筆記2:Classification、Logistic Regression、Brief Introduction of Deep Learning
- 10. 阿里雲ECS配置速記
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. 在ASP.NET Core中實現一個Token base的身份認證
- 2. [轉]NET Core中實現一個Token base的身份認證
- 3. ASP.NET Core編程實現基本身份認證
- 4. ASP.NET Core WebAPI基於IdentityServer4實現Token令牌身份認證
- 5. ASP.NET Core系列:JWT身份認證
- 6. asp.net core 登陸身份認證(Cookie)
- 7. Asp.Net Core 利用Cookie作身份認證
- 8. ASP.NET Core 身份認證 (Identity、Authentication)
- 9. ASP.NET MVC 中實現真實世界中的 OAuth 身份認證
- 10. ASP.NET Core身份驗證