1、在Startup类的Configure方法,添加身份验证的中间件AuthenticationMiddleware
app.UseAuthentication();
2、在Startup类的ConfigureServices方法,添加Cookie验证的服务,使用Cookies验证体系,
CookieAuthenticationDefaults.AuthenticationScheme="Cookies"
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
{
options.AccessDeniedPath = "/Sys/Home/Index";
options.LoginPath = "/Sys/Home/Login";
options.Cookie.Name = "AuthCookie";
options.Cookie.Path = "/";
options.Cookie.Expiration = TimeSpan.FromMinutes();
});
3、添加登录action,ClaimsIdentity(string authenticationType)的authenticationType必须和service设置的验证体系一样,才能正常验证,
[HttpPost]
[AllowAnonymous]
public async Task<ActionResult> Login()
{
string AdminAccount = Request.Form["AdminAccount"];
string Password = Request.Form["Password"];
if (string.IsNullOrWhiteSpace(AdminAccount))
{
return JsonError("账号不能为空");
}
if (string.IsNullOrWhiteSpace(Password))
{
return JsonError("密码不能为空");
}
Admin admin = _context.Admins.FirstOrDefault(c => c.AdminAccount == AdminAccount && c.Password == Password);
if (admin == null)
{
return JsonError("用户名或者密码错误");
}
ClaimsIdentity identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);
identity.AddClaim(new Claim(ClaimTypes.Name, admin.Id.ToString()));
await HttpContext.SignInAsync(new ClaimsPrincipal(identity));
return JsonSuccess();
}
4、在需要验证的控制器上加[AuthorizeAttribute]特性,通过HttpContext.User.Identity.IsAuthenticated可判断用户是否已通过验证
5、退出登录Action
/// <summary>
/// 退出登录
/// </summary>
/// <returns></returns>
public async Task<ActionResult> SignOut()
{
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
return JsonSuccess();
}