ASP.NET Core 托管 Blazor 模板中的授权问题
我在 api 的控制器函数上使用[Authorize]属性,它总是显示数据,这些属性不起作用,当我调试身份用户时,我发现它没有经过身份验证,但它总是发送 json 数据,而它应该发送未经身份验证的响应,任何帮助知道为什么授权属性不起作用吗?
using System;
using System.IO.Compression;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.ResponseCompression;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Newtonsoft.Json.Serialization;
using System.Linq;
using System.Security.Cryptography.X509Certificates;
using MedicalDivision.Server.Security;
using Microsoft.Extensions.Configuration;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection.Extensions;
namespace test.Server
{
public class Startup
{
private X509Certificate2 Cert { get; }
private IConfiguration Configuration { get; }
private IWebHostEnvironment Env { get; }
private ITokenProvider TokenProvider { get; }
private PasswordHelper PasswordHelper { get; }
private IHttpContextAccessor httpContextAccessor { get; }
private IServiceProvider ServiceProvider { get; }
public readonly string _myAllowSpecificOrigins = "_myAllowSpecificOrigins";
public Startup(IConfiguration configuration,IWebHostEnvironment env,IServiceProvider serviceProvider)
{
ServiceProvider = serviceProvider;
Configuration = configuration;
Env = env;
Cert = new X509Certificate2(Convert.FromBase64String(Configuration["Auth:Cert:Data"]), Configuration["Auth:Cert:Password"], X509KeyStorageFlags.MachineKeySet);
TokenProvider =new JwtTokenProvider(Cert, Configuration,env);
PasswordHelper = new PasswordHelper();
httpContextAccessor = ServiceProvider.GetService<IHttpContextAccessor>();
}
大话西游6662回答
-
慕容708150
后面需要配置aut&auth的中间件:public void Configure(IApplicationBuilder app, IWebHostEnvironment env){ // not here // app.UseAuthentication(); // app.UseAuthorization(); app.UseResponseCompression(); if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); app.UseBlazorDebugging(); } app.UseCors(_myAllowSpecificOrigins); app.UseStaticFiles(); app.UseClientSideBlazorFiles<Client.Startup>(); app.UseRouting(); // but here app.UseAuthentication(); app.UseAuthorization(); app.UseEndpoints(endpoints => { endpoints.MapDefaultControllerRoute(); endpoints.MapFallbackToClientSideBlazor<Client.Startup>("index.html"); });}它们必须添加到路由下方(在路由之后执行)。 -
温温酱
也许你需要这样的东西:services.AddMvcCore(options =>{ var policy = new AuthorizationPolicyBuilder() .RequireAuthenticatedUser() .Build(); options.Filters.Add(new AuthorizeFilter(policy));});
随时随地看视频慕课网APP
相关分类
C#