前言:
如今看官们对“aspnet插入字符”大致比较重视,看官们都需要了解一些“aspnet插入字符”的相关资讯。那么小编同时在网络上网罗了一些关于“aspnet插入字符””的相关知识,希望兄弟们能喜欢,大家快快来了解一下吧!这个代码段演示了如何为一个ASP.NET Core项目中添加Apikey验证支持。
首先,通过下面的代码创建项目
dotnet new webapi -minimal -o yourwebapi
然后修改已经生成的 builder.Services.AddSwaggerGen 这个方法,以便在Swagger 的页面可以输入ApiKey进行调试。
builder.Services.AddSwaggerGen((options) =>{ options.AddSecurityDefinition("ApiKey", new OpenApiSecurityScheme { Type = SecuritySchemeType.ApiKey, In = ParameterLocation.Header, Name = "ApiKey" }); options.AddSecurityRequirement(new OpenApiSecurityRequirement { { new OpenApiSecurityScheme { Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "ApiKey" } }, new string[] {} } });});
在 var app = builder.Build(); 这一行下方添加一个中间件,用来验证ApiKey。请注意,这里特意跳过了swagger目录。另外,这里的密钥校验是硬编码的,你可以修改成自己需要的方式。
app.Use(async (context, next) =>{ var found = context.Request.Headers.TryGetValue("ApiKey", out var key); if (context.Request.Path.StartsWithSegments("/swagger") || (found && key == "abc")) { await next(context); } else { context.Response.StatusCode = 401; await context.Response.WriteAsync("没有合法授权"); return; }});
通过 dotnet watch run 将应用运行起来,并且访问 /swagger/index.html 这个网页,可以看到当前API项目的所有方法,并且可以输入ApiKey
然后你就可以在swagger 中进行API 调用测试了,当然你也可以通过 postman 等工具来测试。这里就不展开了。
完整代码如下,请参考
using Microsoft.OpenApi.Models;var builder = WebApplication.CreateBuilder(args);// Add services to the container.// Learn more about configuring Swagger/OpenAPI at ;builder.Services.AddSwaggerGen((options) =>{ options.AddSecurityDefinition("ApiKey", new OpenApiSecurityScheme { Type = SecuritySchemeType.ApiKey, In = ParameterLocation.Header, Name = "ApiKey" }); options.AddSecurityRequirement(new OpenApiSecurityRequirement { { new OpenApiSecurityScheme { Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "ApiKey" } }, new string[] {} } });});var app = builder.Build();app.Use(async (context, next) =>{ var found = context.Request.Headers.TryGetValue("ApiKey", out var key); if (context.Request.Path.StartsWithSegments("/swagger") || (found && key == "abc")) { await next(context); } else { context.Response.StatusCode = 401; await context.Response.WriteAsync("没有合法授权"); return; }});// Configure the HTTP request pipeline.if (app.Environment.IsDevelopment()){ app.UseSwagger(); app.UseSwaggerUI();}app.UseHttpsRedirection();var summaries = new[]{ "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"};app.MapGet("/weatherforecast", () =>{ var forecast = Enumerable.Range(1, 5).Select(index => new WeatherForecast ( DateTime.Now.AddDays(index), Random.Shared.Next(-20, 55), summaries[Random.Shared.Next(summaries.Length)] )) .ToArray(); return forecast;}).WithName("GetWeatherForecast");app.Run();record WeatherForecast(DateTime Date, int TemperatureC, string? Summary){ public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);}
文章来自
版权声明:
本站文章均来自互联网搜集,如有侵犯您的权益,请联系我们删除,谢谢。
标签: #aspnet插入字符