将UserStore注册到DI系统中:
public void ConfigureServices(IServiceCollection services) { ... services.AddSingleton<UserStore>(); }由于我们并没有使用MVC,而使用字符串拼接的形式返回HTML较为费劲,在这里定义几个生成HTML的扩展方法:
public static class HttpResponseExtensions { public static async Task WriteHtmlAsync(this HttpResponse response, Func<HttpResponse, Task> writeContent) { var bootstrap = "<link rel=http://www.likecs.com/\"stylesheet\" href=http://www.likecs.com/\"https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap.min.css\" integrity=http://www.likecs.com/\"sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u\" crossorigin=http://www.likecs.com/\"anonymous\">"; response.ContentType = "text/html"; await response.WriteAsync($"<!DOCTYPE html><html lang=http://www.likecs.com/\"zh-CN\"><head><meta charset=http://www.likecs.com/\"UTF-8\">{bootstrap}</head><body><div class=http://www.likecs.com/\"container\">"); await writeContent(response); await response.WriteAsync("</div></body></html>"); } public static async Task WriteTableHeader(this HttpResponse response, IEnumerable<string> columns, IEnumerable<IEnumerable<string>> data) { await response.WriteAsync("<table class=http://www.likecs.com/\"table table-condensed\">"); await response.WriteAsync("<tr>"); foreach (var column in columns) { await response.WriteAsync($"<th>{HtmlEncode(column)}</th>"); } await response.WriteAsync("</tr>"); foreach (var row in data) { await response.WriteAsync("<tr>"); foreach (var column in row) { await response.WriteAsync($"<td>{HtmlEncode(column)}</td>"); } await response.WriteAsync("</tr>"); } await response.WriteAsync("</table>"); } public static string HtmlEncode(string content) => string.IsNullOrEmpty(content) ? string.Empty : HtmlEncoder.Default.Encode(content); } 认证流程接下来,便可以在我们的应用程序中愉快的使用认证系统了。在本文中只是最简单的演示,便不使用MVC了,而是在Configure中通过中间件的形式来实现。
登录首先,我们定义一个登录的页面以及登录成功后身体令牌的发放:
app.Map("/Account/Login", builder => builder.Run(async context => { if (context.Request.Method == "GET") { await context.Response.WriteHtmlAsync(async res => { await res.WriteAsync($"<form method=http://www.likecs.com/\"post\">"); await res.WriteAsync($"<input type=http://www.likecs.com/\"hidden\" name=http://www.likecs.com/\"returnUrl\" value=http://www.likecs.com/\"{HttpResponseExtensions.HtmlEncode(context.Request.Query["ReturnUrl"])}\"/>"); await res.WriteAsync($"<div class=http://www.likecs.com/\"form-group\"><label>用户名:<input type=http://www.likecs.com/\"text\" name=http://www.likecs.com/\"userName\" class=http://www.likecs.com/\"form-control\"></label></div>"); await res.WriteAsync($"<div class=http://www.likecs.com/\"form-group\"><label>密码:<input type=http://www.likecs.com/\"password\" name=http://www.likecs.com/\"password\" class=http://www.likecs.com/\"form-control\"></label></div>"); await res.WriteAsync($"<button type=http://www.likecs.com/\"submit\" class=http://www.likecs.com/\"btn btn-default\">登录</button>"); await res.WriteAsync($"</form>"); }); } else { var userStore = context.RequestServices.GetService<UserStore>(); var user = userStore.FindUser(context.Request.Form["userName"], context.Request.Form["password"]); if (user == null) { await context.Response.WriteHtmlAsync(async res => { await res.WriteAsync($"<h1>用户名或密码错误。</h1>"); await res.WriteAsync("<a class=http://www.likecs.com/\"btn btn-default\" href=http://www.likecs.com/\"/Account/Login\">返回</a>"); }); } else { var claimIdentity = new ClaimsIdentity("Cookie"); claimIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())); claimIdentity.AddClaim(new Claim(ClaimTypes.Name, user.Name)); claimIdentity.AddClaim(new Claim(ClaimTypes.Email, user.Email)); claimIdentity.AddClaim(new Claim(ClaimTypes.MobilePhone, user.PhoneNumber)); claimIdentity.AddClaim(new Claim(ClaimTypes.DateOfBirth, user.Birthday.ToString())); var claimsPrincipal = new ClaimsPrincipal(claimIdentity); // 在上面注册AddAuthentication时,指定了默认的Scheme,在这里便可以不再指定Scheme。 await context.SignInAsync(claimsPrincipal); if (string.IsNullOrEmpty(context.Request.Form["ReturnUrl"])) context.Response.Redirect("http://www.likecs.com/"); else context.Response.Redirect(context.Request.Form["ReturnUrl"]); } } }));