当前位置：首页 > news >正文

.net9.0 JWT AUTH2.0 添加身份认证授权

news 2026/6/12 6:21:36

1、添加 Microsoft.AspNetCore.Authentication.JwtBearer 包（9.0.9）

2、
添加类
public class TokenParameter
{
public const string Issuer = "aa";//颁发者
public const string Audience = "bb";//接收者
public const string Secret = "1234567891234567978912345678912345679789";//签名秘钥
public const int AccessExpiration = 30;//AccessToken过期时间（分钟）
}

3、添加获取token的接口
///

/// 获取Token
///

///
[HttpGet]
[Route("token")]
public ActionResult GetAccessToken(string username, string password)
{
//这儿在做用户的帐号密码校验。我这儿略过了。
if (username != "admin" || password != "admin")
return BadRequest("Invalid Request");

 var claims = new[]{new Claim(ClaimTypes.Name, username),new Claim(ClaimTypes.Role, ""),

};

 var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(TokenParameter.Secret));var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);var jwtToken = new JwtSecurityToken(TokenParameter.Issuer, TokenParameter.Audience, claims, expires: DateTime.UtcNow.AddMinutes(TokenParameter.AccessExpiration), signingCredentials: credentials);var token = new JwtSecurityTokenHandler().WriteToken(jwtToken);return Ok(token);

}

4、注入service

builder.Services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(x =>
{
x.RequireHttpsMetadata = false;
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,//是否调用对签名securityToken的SecurityKey进行验证
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(TokenParameter.Secret)),//签名秘钥
ValidateIssuer = true,//是否验证颁发者
ValidIssuer = TokenParameter.Issuer, //颁发者
ValidateAudience = true, //是否验证接收者
ValidAudience = TokenParameter.Audience,//接收者
ValidateLifetime = true,//是否验证失效时间
};
});