ASP.NETCore6基本身份验证问题Postman提交方法
在ASP.NET Core 6中,开发人员可能遇到使用Postman进行基本身份验证的问题。当使用Postman提交一个包含基本身份验证标头的POST请求时,服务器会返回401未经授权的状态码。
解决此问题的方法是在Startup.cs文件中添加以下代码:
using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Hosting; using Microsoft.OpenApi.Models; using System; using System.Collections.Generic; using System.Linq; using System.Threading.Tasks;
namespace YourProjectNamespace { public class Startup { public Startup(IConfiguration configuration) { Configuration = configuration; }
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
{
ValidIssuer = Configuration["Jwt:Issuer"],
ValidAudience = Configuration["Jwt:Issuer"],
ValidateIssuer = true,
ValidateAudience = true,
IssuerSigningKey = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(Configuration["Jwt:Key"]))
};
});
services.AddControllers();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
}
}
这个代码对JWT身份验证作了如下配置:
-
首先,我们在 services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) 中添加JWT身份验证;
-
然后,配置JWT身份验证选项。包括Issuer和Audience的检查,以及IssuerSigningKey的使用。
-
最后,在Configure方法中使用app.UseAuthentication();添加身份验证中间件,以确保每次发送请求