我使用 blazor 作为前端,api 已完成 JWT 配置。前端可以创建用户帐户并登录API,但现在我的前端httpclient没有设置JWT令牌,所以如果我在Api控制器中设置[授权],前端将无法访问它。
api程序代码如下
builder.Services.AddIdentity<IdentityUser, IdentityRole>().AddEntityFrameworkStores<DBContext>();//add user model,role model and connect toDbcontext
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options => {
options.TokenValidationParameters = new TokenValidationParameters() {
ValidateIssuer = true,
ValidIssuer = builder.Configuration["Authentication:Issuer"],
ValidateAudience = true,
ValidAudience = builder.Configuration["Authentication:Audience"],
ValidateLifetime = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Authentication:SecretKey"]))
};
});
控制器代码如下
[HttpGet("all")]
[HttpHead]
//[Authorize(AuthenticationSchemes = "Bearer")]
[Authorize]
public async Task<ActionResult<IEnumerable<Quiz>>> GetQuizzesDetailsAsync() {
var quizzes= await _quizzesRepository.GetQuizzesDetailsAsync( );
var quizDtos=_mapper.Map<IEnumerable<QuizOverviewDto>>(quizzes);
return Ok(quizDtos);
}
前端 Blazor 程序代码如下
builder.Services.AddHttpClient<IQuizService, QuizService>(
client => client.BaseAddress = new Uri("https://localhost:7172"))
.AddHttpMessageHandler<CustomAuthorizationMessageHandler>();
和“CustomAuthorizationMessageHandler”代码如下。 …