.Net Core 接口添加 jwt 验证

1. 说明

• 因需要，需要对每个接口添加 jwt 验证，在添加过程中，遇到一些问题，这里作个记录，方便日后参考

• 如何在 .net core （3.1）添加 jwt 验证并不是这篇日志的重点（不过，这里可以给出几篇博客）

• .Net Core 集成JWT授权验证 从页面到API详解

• .Net Core之JWT认证方案

2. 操作

• 结合进项目后，需要在对应的接口上添加（ [Authorize] ）过滤器

[HttpGet]
[Authorize]
public ActionResult GetGradeList()
{
    ResponseData result = new ResponseData();
    try
    {
        result.ErrorCode = 0;
        result.Message = "操作成功";
        result.DataList = new ModelData
        {
            DataList = models
        };
        return new JsonResult(result);
    }
    catch (Exception ex)
    {
        return this.ControllerExHandler(result, "GetGradeList", ex);

    }

}

• postman 中调用获取token 接口

获取token

• 我们如果直接调用接口会收到 401 的错误

调用接口401

• 加入token 再次请求

加入token请求

• 有效的访问令牌仍然获得401，查看后台代码

Startup.cs 文件

app.UseAuthentication();
app.UseRouting();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
                 {
                     endpoints.MapControllers();
                     endpoints.MapControllerRoute(
                         name: "default",
                         pattern: "{controller=Home}/{action=Index}/{id?}");
                 });
app.UseMvc();

• 必须在MVC之前设置身份验证的中间件。

app.UserAuthentication（）; 
app.UseMvc（）;

• 请注意上面的顺序，这是我最终对了之后的顺序，下面我针对遇到的错误进行记录和解释

3. 错误

• 错误1

<pre class="md-fences md-end-block ty-contain-cm modeLoaded" spellcheck="false" lang="" cid="n21" mdtype="fences" style="box-sizing: border-box; overflow: visible; font-family: var(--monospace); font-size: 0.9em; display: block; break-inside: avoid; text-align: left; white-space: normal; background-image: inherit; background-position: inherit; background-size: inherit; background-repeat: inherit; background-attachment: inherit; background-origin: inherit; background-clip: inherit; background-color: rgb(248, 248, 248); position: relative !important; border: 1px solid rgb(231, 234, 237); border-radius: 3px; padding: 8px 4px 6px; margin-bottom: 15px; margin-top: 15px; width: inherit; color: rgb(51, 51, 51); font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial;">System.InvalidOperationException: Endpoint WebApi.Controllers.RoleController.GetGradeList (WebApi) contains authorization metadata, but a middleware was not found that supports authorization.
Configure your application startup by adding app.UseAuthorization() inside the call to Configure(..) in the application startup code. The call to app.UseAuthorization() must appear between app.UseRouting() and app.UseEndpoints(...).
 at Microsoft.AspNetCore.Routing.EndpointMiddleware.ThrowMissingAuthMiddlewareException(Endpoint endpoint)
 at Microsoft.AspNetCore.Routing.EndpointMiddleware.Invoke(HttpContext httpContext)
 at Microsoft.AspNetCore.Cors.Infrastructure.CorsMiddleware.Invoke(HttpContext context, ICorsPolicyProvider corsPolicyProvider)
 at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass4_1.<UseMiddleware>b__2(HttpContext context)
 at Microsoft.AspNetCore.Routing.EndpointRoutingMiddleware.Invoke(HttpContext httpContext)
 at Microsoft.AspNetCore.Session.SessionMiddleware.Invoke(HttpContext context)
 at Microsoft.AspNetCore.Session.SessionMiddleware.Invoke(HttpContext context)
 at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)

HEADERS
=======
Cache-Control: no-cache
Connection: keep-alive
Content-Type: application/json
Accept: */*
Accept-Encoding: gzip, deflate
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJJc0FkbWluIjpmYWxzZSwiVXNlck5hbWUiOiJzYSIsIkxvZ2luQ29kZSI6InNhIiwiQ3VzdENvZGUiOiJhZG1pbiIsIkNvbXBhbnlDb2RlIjoiU3lzdGVtLk9iamVjdCIsIlJvbGVDb2RlIjoiMDIiLCJSb2xlUHJpb3JpdHkiOiIwIiwiTG9naW5OYW1lIjoi57O757uf566h55CG5ZGYIiwibmJmIjoxNjcwODI4OTEyLCJleHAiOjE2NzEwMjg5MTIsImlzcyI6Imp3dElzc3VlclVwbHVzIiwiYXVkIjoiand0QXVkaWVuY2VVcGx1cyJ9.g7woaHP5gm7Hqs_TIKm6CNl_el2DFct9ZKCwamNl06Q
Host: 192.168.1.109:5003
User-Agent: PostmanRuntime/7.1.1
Postman-Token: 108206ea-ef02-44ba-880f-fbebdfedbbf4
</pre>

• 上面这个错误是因为 顺序问题错误写法

错误顺序

• 正确顺序

app.UseAuthentication();
app.UseRouting();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
                 {
                     endpoints.MapControllers();
                     endpoints.MapControllerRoute(
                         name: "default",
                         pattern: "{controller=Home}/{action=Index}/{id?}");
                 });
app.UseMvc();