2回答

小怪兽爱吃肉

如果您使用自己的自定义令牌，您可以这样做：客户端（.NET，但我想你会理解的）：var connection = new HubConnection("url", "CustomToken=SomeToken");connection.Start().Wait();服务器：    public override Task OnConnected()    {        if(Context.QueryString["CustomToken"] != "CorrectToken")        {            ///Forcefully close the connection            HttpContext.Current.Response.Close();        }        return base.OnConnected();    }

0 0

0

有只小跳蛙

在这种情况下，您可以使用 JWT 令牌。配置非常简单：您Program.cs应该配置 JWT：JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();&nbsp; &nbsp; &nbsp; &nbsp; services&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; .AddAuthentication(options =>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; })&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; .AddJwtBearer(cfg =>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; cfg.RequireHttpsMetadata = false;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; cfg.SaveToken = true;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; cfg.TokenValidationParameters = new TokenValidationParameters&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; ValidIssuer = configuration["Jwt:Issuer"],&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; ValidAudience = configuration["Jwt:Issuer"],&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration["Jwt:Key"])),&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; ClockSkew = TimeSpan.Zero&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; };&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; cfg.Events = new JwtBearerEvents&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; OnMessageReceived = context =>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; if (context.Request.Query.TryGetValue("token", out var token)&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; )&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; context.Token = token;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; return Task.CompletedTask;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; };&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; });配置文件：&nbsp;"Jwt": {&nbsp; &nbsp; "Key": "someKey",&nbsp; &nbsp; "Issuer": "http://yourdomain.com",&nbsp; &nbsp; "ExpireDays": 0,&nbsp; &nbsp; "ExpireHours": 1,&nbsp; &nbsp; "ExpireMinutes": 0},在 Angular 中，您应该创建拦截器，它将向每个请求添加 Authentications 标头：@Injectable()export class JwtInterceptor implements HttpInterceptor {&nbsp; &nbsp; constructor(private userContext: UserContext) { }intercept(&nbsp; &nbsp; request: HttpRequest<any>,&nbsp; &nbsp; next: HttpHandler): Observable<HttpEvent<any>> {&nbsp; &nbsp; const authToken = this.userContext.getToken();&nbsp; &nbsp; if (!!authToken) {&nbsp; &nbsp; &nbsp; &nbsp; request = request.clone({&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; setHeaders: {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Authorization: `Bearer ${authToken}`&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; });&nbsp; &nbsp; }&nbsp; &nbsp; return next.handle(request);&nbsp; &nbsp; }}

0 0

0