我正在尝试授权AuthController的方法,我已经通过以下方式实现了它:
AuthController.cs
[HttpPost("register")]
[Authorize]
[EnableCors("AllowAllHeaders")]
public async Task<IActionResult> Register(UserForRegisterDto userForRegisterDto)
{
// bla bla bla
}
没有[Authorize]的方法实际上有效。在我的Startup.cs上,我具有以下配置
Startup.cs
IdentityBuilder builder = services.AddIdentityCore<User>(options =>
{
options.Password.RequiredLength = 4;
options.Password.RequireDigit = false;
options.Password.RequireUppercase = false;
options.Password.RequireNonAlphanumeric = false;
});
builder = new IdentityBuilder(builder.UserType, typeof(Role), builder.Services);
builder.AddEntityFrameworkStores<DataContext>();
builder.AddRoleValidator<RoleValidator<Role>>();
builder.AddRoleManager<RoleManager<Role>>();
builder.AddSignInManager<SignInManager<User>>();
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII
.GetBytes(Configuration.GetSection("AppSettings:Token").Value)),
ValidateIssuer = false,
ValidateAudience = false
};
});
services.AddControllers(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddNewtonsoftJson(opt =>
{
opt.SerializerSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore;
});
配置方法
app.UseAuthorization();
app.UseAuthentication();
是否仍然缺少某些配置?
我想在这里完成的任务是使用Roles =“ Admin”进行授权以注册帐户,但是除了401,我没有其他回复。
这是在登录方法上生成的令牌,我在授权标头上使用它:
eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiIxMSIsInVuaXF1ZV9uYW1lIjoiQXpyYWVsIiwicm9sZSI6WyJBZG1pbiIsIkVtcGxveWVlIl0sIm5iZiI6MTU4NTQzNzgzNywiZXhwIjoxNTg1NTI0MjM3LCJpYXQiOjE1ODU0Mzc4Mzd9.DwDCeMXBrgzGeI1w2PgnIlYeccma73BaFuN2p1ryzlwCJr815V6Q3hYMzX-PXfmOr_94fQnM4PHbJPwRNoTItw
UseAuthentication()和UseAuthorization()的顺序在Configure方法中不正确。身份验证应该首先,然后是授权: