那些遇到过的问题

小编Hun*_*ach的帖子

我们可以在Asp.NET Core中销毁/无效JWT令牌吗?

我使用ASP.NET Core和ASP.NET核心Identity来生成JWT令牌.

在客户端,我的react(SPA)应用程序调用API来创建令牌,然后包含Authorization: Bearer tokenFromApi在子请求中.

当我想注销时如何立即使服务器端的令牌过期?

目前我只是bear在客户端删除令牌而不包含在下一个请求中?

参考:https://blogs.msdn.microsoft.com/webdev/2017/04/06/jwt-validation-and-authorization-in-asp-net-core/

守则ConfigureStartup.cs 

app.UseJwtBearerAuthentication(new JwtBearerOptions
{
    AutomaticAuthenticate = true,
    AutomaticChallenge = true,
    TokenValidationParameters = new TokenValidationParameters
    {
        ValidIssuer = "MySite",
        ValidAudience = "MySite",
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("VERYL0NGKEYV@LUETH@TISSECURE")),
        ValidateLifetime = true
    }
});
Run Code Online (Sandbox Code Playgroud)

用于创建令牌的API

[HttpPost("Token")]
public async Task<IActionResult> CreateToken([FromBody] LoginModel model)
{
    try
    {
        var user = await userManager.FindByNameAsync(model.Email);
        if (passwordHasher.VerifyHashedPassword(user, user.PasswordHash, model.Password) == PasswordVerificationResult.Success)
        {

            var claims = new[]
            { …
Run Code Online (Sandbox Code Playgroud)

authentication jwt .net-core asp.net-core asp.net-core-identity

Hun*_*ach
2019 02-14
9
推荐指数
1
解决办法
8080
查看次数

将.NET Core重新定位到net471,net 472

我的.Netcore 2.0项目可以定位net471.但是当我升级到.NET 2.1时,我无法重新定位net471net472

我可以在最新版本的.NET核心中重新定位吗?

Severity Code Description Project File Line Suppression State
Error NU1202 Package Microsoft.AspNetCore.App 2.1.0 is not compatible with net471 (.NETFramework,Version=v4.7.1). Package Microsoft.AspNetCore.App 2.1.0 supports: netcoreapp2.1 (.NETCoreApp,Version=v2.1)
Run Code Online (Sandbox Code Playgroud) 

Severity Code Description Project File Line Suppression State
Error NU1202 Package Microsoft.AspNetCore.App 2.1.0 is not compatible with net472 (.NETFramework,Version=v4.7.2). Package Microsoft.AspNetCore.App 2.1.0 supports: netcoreapp2.1 (.NETCoreApp,Version=v2.1)
Run Code Online (Sandbox Code Playgroud)

.net-core asp.net-core asp.net-core-2.0 .net-core-2.1

Hun*_*ach
2018 06-20
9
推荐指数
1
解决办法
6120
查看次数

如果用户登录在Asp.Net Core标识中连续失败,如何禁用帐户

目前,我在我的系统中使用Asp.net核心1.1,EF核心和Asp.net核心身份.我在startup.cs课堂上有一个配置密码策略.

是否有配置在用户连续登录失败时禁用帐户?

services.Configure<IdentityOptions>(options =>
{
    // Password settings
    options.Password.RequireDigit = true;
    options.Password.RequiredLength = 6;
    options.Password.RequireNonAlphanumeric = true;
    options.Password.RequireUppercase = true;
    options.Password.RequireLowercase = true;
}
Run Code Online (Sandbox Code Playgroud)

c# asp.net-identity entity-framework-core asp.net-core asp.net-core-identity

Hun*_*ach
lucky-day
2
推荐指数
1
解决办法
613
查看次数

标签 统计

asp.net-core ×3

.net-core ×2

asp.net-core-identity ×2

.net-core-2.1 ×1

asp.net-core-2.0 ×1

asp.net-identity ×1

authentication ×1

c# ×1

entity-framework-core ×1

jwt ×1