如何让ASP.NET Core MVC项目中的相关项目受到一次授权保护?集中式认证和授权系统。无需第三方应用程序的参与。
最简单的例子。提前非常感谢您。
Program.csbuilder.Services.AddAuthorization();
builder.Services.AddAuthorization();
// ...
app.UseAuthentication();
app.UseAuthorization();
AccountControllerpublic class AccountController : Controller
{
private readonly UserManager<IdentityUser> _userManager;
private readonly SignInManager<IdentityUser> _signInManager;
public AccountController(UserManager<IdentityUser> userManager,
SignInManager<IdentityUser> signInManager)
{
_userManager = userManager;
_signInManager = signInManager;
}
// ...
}
Program.csbuilder.Services.AddAuthorization();
builder.Services.AddAuthorization();
// ...
app.UseAuthentication();
app.UseAuthorization();
HomeControllerpublic class HomeController : Controller
{
[Authorize]
public IActionResult Index()
{
return View();
}
}
在所有应用程序中配置具有相同名称和加密密钥的共享 cookie。一个项目中的 ASP.NET Core Identity 应发出 cookie,其他项目应接受相同的 cookie 进行身份验证。
Program.cs(身份项目):
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
var connectionString = builder.Configuration.GetConnectionString("DefaultConnection") ?? throw new InvalidOperationException("Connection string 'DefaultConnection' not found.");
builder.Services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(connectionString));
builder.Services.AddDatabaseDeveloperPageExceptionFilter();
builder.Services.AddDefaultIdentity<IdentityUser>(options => options.SignIn.RequireConfirmedAccount = true)
.AddEntityFrameworkStores<ApplicationDbContext>();
builder.Services.AddControllersWithViews();
// Configure cookie authentication for shared cookie
builder.Services.AddDataProtection()
.PersistKeysToFileSystem(new DirectoryInfo(@"c:\PATH TO COMMON KEY RING FOLDER"))
.SetApplicationName("SharedCookieApp");
builder.Services.ConfigureApplicationCookie(options => {
options.Cookie.Name = ".AspNet.SharedCookie";
});
var app = builder.Build();
// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.UseMigrationsEndPoint();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
app.MapRazorPages();
app.Run();
Program.cs(其他项目):
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
builder.Services.AddControllersWithViews();
builder.Services.AddAuthentication("Identity.Application") // Identity cookie scheme
.AddCookie("Identity.Application", options =>
{
options.Cookie.Name = ".AspNet.SharedCookie"; // Must match the identity project's cookie name
});
builder.Services.AddDataProtection()
.PersistKeysToFileSystem(new DirectoryInfo(@"c:\PATH TO COMMON KEY RING FOLDER"))
.SetApplicationName("SharedCookieApp");
builder.Services.AddAuthorization();
var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
app.Run();