重构代码：重写BootstrapAdminAuthorizeFilter逻辑，准备使用jwt认证方式保护webapi

2018-09-11 19:58:12 +08:00 · 2018-09-11 19:58:12 +08:00 · 56c21208a1
parent fa80df6049
commit 56c21208a1
3 changed files with 11 additions and 16 deletions
--- a/Bootstrap.Admin/Controllers/Api/LoginController.cs
+++ b/Bootstrap.Admin/Controllers/Api/LoginController.cs
@ -1,10 +1,7 @@
 using Bootstrap.Security;
-using Longbow.Cache;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Newtonsoft.Json.Linq;
-using System;
-using System.Linq;

 namespace Bootstrap.Admin.Controllers.Api
 {
@ -17,12 +14,6 @@ namespace Bootstrap.Admin.Controllers.Api
    [Route("api/[controller]")]
    public class LoginController : Controller
    {
-        [HttpGet]
-        public object Get()
-        {
-            var token = Request.Headers["Token"];
-            return new { UserName = User.Identity.Name, Token = token };
-        }
        /// <summary>
        /// 
        /// </summary>
@ -30,18 +21,17 @@ namespace Bootstrap.Admin.Controllers.Api
        /// <returns></returns>
        [AllowAnonymous]
        [HttpPost]
-        public object Post([FromBody]JObject value)
+        public ActionResult Post([FromBody]JObject value)
        {
            dynamic user = value;
            string userName = user.userName;
            string password = user.password;
            if (BootstrapUser.Authenticate(userName, password))
            {
-                var token = CacheManager.AddOrUpdate(string.Format("WebApi-{0}", userName), k => new { UserName = userName, Token = Guid.NewGuid().ToString() }, (k, info) => info, "WebApi");
-                CacheManager.AddOrUpdate(token.Token, k => token, (k, info) => info, "Token");
-                return token;
+                var token = BootstrapAdminJwtTokenHandler.CreateToken(userName);
+                return new JsonResult(new { token });
            }
-            return new { UserName = userName };
+            return new NoContentResult();
        }
        /// <summary>
        /// 
--- a/Bootstrap.Admin/Startup.cs
+++ b/Bootstrap.Admin/Startup.cs
@ -79,7 +79,6 @@ namespace Bootstrap.Admin
            app.UseCors(builder => builder.WithOrigins(Configuration["AllowOrigins"].Split(',', StringSplitOptions.RemoveEmptyEntries)).AllowAnyHeader().AllowAnyMethod().AllowCredentials());
            app.UseHttpsRedirection();
            app.UseStaticFiles();
-            app.UseCookiePolicy();
            app.UseAuthentication();
            app.UseBootstrapRoleAuthorization();
            app.UseWebSocketHandler(options => options.UseAuthentication = true, WSHelper.WebSocketMessageHandler);
@ -92,4 +91,4 @@ namespace Bootstrap.Admin
            });
        }
    }
-}
+}
--- a/Bootstrap.Admin/appsettings.json
+++ b/Bootstrap.Admin/appsettings.json
@ -15,6 +15,12 @@
  "ConnectionStrings": {
    "ba": "Data Source=.;Initial Catalog=BootstrapAdmin;User ID=sa;Password=sa"
  },
+  "TokenValidateOption": {
+    "Issuer": "BA",
+    "Audience": "api",
+    "Expires": 5,
+    "SecurityKey": "BootstrapAdmin-V1.1"
+  },
  "ApplicationName": "__bd__",
  "ApplicationDiscriminator": "BootstrapAdmin",
  "KeyPath": "D:\\App\\Web-App\\keys",