netcore发布到iis,webapi实例教程
部署NuGet包
Microsoft.aspnet core.authentic ation.jwt bearer
Swashbuckle.AspNetCore.Swagger
swash buckle.aspnet core.swagger ui
2 .代码配置
appsettings.json
{ ' logging ' : { ' log level ' : } ' default ' : ' information '、' Microsoft': 'Warning '、' Microsoft.} ' jwt settings ' : { ' issuer ' : ' http://localhost 336044349/',' audience ' : ' ' secret key ' : ' a1 s 2123 d
using Common; using Microsoft.aspnet core.builder; using Microsoft.aspnet core.hosting; using Microsoft.aspnet core.https policy; using Microsoft.extensions.configuration; using Microsoft.extensions.dependency injection; using Microsoft.extensions.hosting; 用户系统; using system.collections.generic; using System.Linq; using System.Threading.Tasks; using System.Text; using Microsoft.identity model.tokens; using System.Text; using Microsoft.aspnet core.authentic ation.jwt bearer; using System.IO; using Microsoft.OpenApi.Models; using System.Reflection; using System.Runtime.Loader; namespacenetcorestudy {公共类启动}公共启动{ iconfiguration configuration } { configuration=configuration; } publiciconfigurationconfiguration { get; //thismethodgetscalledbytheruntime.usethismethodtoaddservicestothecontainer.publicvoidconfigureservices (iservicecolecoleces #region JWT认证appsettings.json的JwtSettings子文件导入JwtSettings中并使用services.configurejwtsettings (configuration.getsection 使用绑定检索配置//将配置绑定到JwtSettings实例的var jwtSettings=new JwtSettings (; configuration.bind(jwtSettings,jwtsettings ); services.addauthentication (options={//认证middleware配置options.defaultauthenticatescheme=jwtbearerderdefaults.aults ) }.addjwtbearer(o={//主要是jwt token参数设置
o.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters { //Token颁发机构 ValidIssuer = jwtSettings.Issuer, //颁发给谁 ValidAudience = jwtSettings.Audience, //这里的key要进行加密,需要引用Microsoft.IdentityModel.Tokens IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSettings.SecretKey)) //ValidateIssuerSigningKey=true, 是否验证Token有效期,使用当前时间与Token的Claims中的NotBefore和Expires对比 //ValidateLifetime=true, 允许的服务器时间偏移量 //ClockSkew=TimeSpan.Zero }; }); #endregion #region 跨域 services.AddCors(options => { options.AddPolicy("CorsPolicy", builder => builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader()); }); #endregion #region Swagger //注册Swagger生成器,定义一个和多个Swagger 文档 services.AddSwaggerGen(c => { c.SwaggerDoc("v1", new OpenApiInfo { Version = "v1", //版本 Title = "我的API", //标题 Description = "API描述",//描述 Contact = new OpenApiContact //联系人信息 { Name = "联系人", Email = "我的邮箱", } }); // 为 Swagger JSON and UI设置xml文档注释路径 var basePath = Path.GetDirectoryName(typeof(Program).Assembly.Location); var xmlPath = Path.Combine(basePath, "NetCoreStudy.xml");//xml路径名称 c.IncludeXmlComments(xmlPath); }); #endregion services.AddMvc(options => options.EnableEndpointRouting = false); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IWebHostEnvironment env) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } else { app.UseExceptionHandler("/Home/Error"); // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts. app.UseHsts(); } //跳转https //app.UseHttpsRedirection(); //静态文件 app.UseStaticFiles(); app.UseRouting(); #region JWT //1.先开启认证 app.UseAuthentication(); //2.再开启授权 app.UseAuthorization(); #endregion #region 跨域 app.UseCors("CorsPolicy"); #endregion #region Swagger app.UseSwagger(); app.UseSwaggerUI(c => c.SwaggerEndpoint("/swagger/v1/swagger.json", "我的API文档 v1")); #endregion //路由 app.UseEndpoints(endpoints => { endpoints.MapControllerRoute( name: "default", pattern: "{controller=Home}/{action=Index}/{id?}"); }); } }}3.使用
使用时在Controller /action 上打上特性 [Authorize]
可以单独在Action上打上特性[Authorize] 不需要检查授权认证的话打上特性: [AllowAnonymous]
两个特性类都在如下命名空间下:using Microsoft.AspNetCore.Authorization;
4.获取token
5.登录后调用其他接口
200 ok
无权限 401
附:
源代码:https://download.csdn.net/download/sunwork888/14907148
Postman 工具下载: https://www.onlinedown.net/soft/971602.htm
HTTP状态码: https://baike.baidu.com/item/HTTP%E7%8A%B6%E6%80%81%E7%A0%81/5053660?fr=aladdin