1. 将认证添加到服务中
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
//登入地址
options.LoginPath = "/Account/FcbLogin/";
//登出地址
options.LogoutPath = "/Account/FcbLogout/";
//设置cookie过期时长
//options.ExpireTimeSpan = TimeSpan.FromSeconds(10);
});
所有CookieAuthenticationOptions 属性可以查看微软官方文档
2. 注入管道
这里认证要在授权之前注入
app.UseAuthentication();
3. 添加登入和登出
这里我没有验证用户账号密码,只是写了登入和登出的相关代码,这里也可以喝注入认证那里一样,这是票证过期时间
[HttpPost]
public async Task<ActionResult> Login(UserLogin model)
{
//这里的scheme一定要和注入服务的scheme一样
var identity = new ClaimsIdentity(new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme));
//自定义的claim信息
identity.AddClaim(new Claim("abc", "123"));
AuthenticationProperties properties = new AuthenticationProperties()
{
//设置cookie票证的过期时间
ExpiresUtc = DateTime.Now.AddDays(1),
RedirectUri = model.ReturnUrl
};
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(identity), properties);
if (string.IsNullOrEmpty(model.ReturnUrl))
{
return LocalRedirect("/");
}
return LocalRedirect(model.ReturnUrl);
}
[HttpGet]
public ActionResult FcbLoginOut()
{
//AuthenticationProperties properties = new AuthenticationProperties()
//{
// ExpiresUtc = DateTime.Now.AddDays(-100)
//};
HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
return Ok();
}