什么网站比较好,网站建设积分,视频拍摄脚本怎么写,北京的制作网站的公司在哪里在ASP.NET Core中关于Security有两个容易混淆的概念一个是Authentication#xff08;认证#xff09;#xff0c;一个是Authorization#xff08;授权#xff09;。而前者是确定用户是谁的过程#xff0c;后者是围绕着他们允许做什么#xff0c;今天的主题就是关于在ASP…在ASP.NET Core中关于Security有两个容易混淆的概念一个是Authentication认证一个是Authorization授权。而前者是确定用户是谁的过程后者是围绕着他们允许做什么今天的主题就是关于在ASP.NET Core 2.0中如何使用CookieAuthentication认证。
在ASP.NET Core 2.0中使用CookieAuthentication跟在1.0中有些不同需要在ConfigureServices和Configure中分别设置前者我们叫注册服务后者我们叫注册中间件 public void ConfigureServices(IServiceCollection services){ services.AddCookieAuthentication(); services.AddMvc(options { var policy new AuthorizationPolicyBuilder() .RequireAuthenticatedUser() .Build(); // 因为是后台系统必须登陆以后才能操作 options.Filters.Add(new AuthorizeFilter(policy)); });} public void Configure(IApplicationBuilder app, IHostingEnvironment env){ if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } else { app.UseExceptionHandler(/Home/Error); } app.UseStaticFiles(); // 使用Authentication中间件 app.UseAuthentication(); app.UseMvc(routes { routes.MapRoute( name: default, template: {controllerHome}/{actionIndex}/{id?}); });} 在上面的services.AddCookieAuthentication中没有任何参数系统会为某些属性指定默认值 public static class CookieAuthenticationDefaults{ /// summary /// The default value used for CookieAuthenticationOptions.AuthenticationScheme /// /summary public const string AuthenticationScheme Cookies; /// summary /// The prefix used to provide a default CookieAuthenticationOptions.CookieName /// /summary public static readonly string CookiePrefix .AspNetCore.; /// summary /// The default value used by CookieAuthenticationMiddleware for the /// CookieAuthenticationOptions.LoginPath /// /summary public static readonly PathString LoginPath new PathString(/Account/Login); /// summary /// The default value used by CookieAuthenticationMiddleware for the /// CookieAuthenticationOptions.LogoutPath /// /summary public static readonly PathString LogoutPath new PathString(/Account/Logout); /// summary /// The default value used by CookieAuthenticationMiddleware for the /// CookieAuthenticationOptions.AccessDeniedPath /// /summary public static readonly PathString AccessDeniedPath new PathString(/Account/AccessDenied); /// summary /// The default value of the CookieAuthenticationOptions.ReturnUrlParameter /// /summary public static readonly string ReturnUrlParameter ReturnUrl;} 根据微软的命名规范在ConfigureServices统一使用Add***,在Configure统一使用Use***
登陆代码 public async TaskIActionResult LoginDo(){ var user new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, bob) }, CookieAuthenticationDefaults.AuthenticationScheme)); await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, user, new AuthenticationProperties { IsPersistent true, ExpiresUtc DateTimeOffset.Now.Add(TimeSpan.FromDays(180)) }); return Redirect(/);}
登出代码 public async TaskIActionResult Logout(){ await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme); return Redirect(/);} 原文地址http://www.cnblogs.com/bidianqing/p/6870163.html .NET社区新闻深度好文微信中搜索dotNET跨平台或扫描二维码关注
