关于SignalR的身份认证问题

来源：筏尚旅游网

前置笔记：

var services = builder.Services;
services.Configure<JWTOptions>(builder.Configuration.GetSection("JWT"));
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(x =>
{
	var jwtOpt = builder.Configuration.GetSection("JWT").Get<JWTOptions>();
	byte[] keyBytes = Encoding.UTF8.GetBytes(jwtOpt.SigningKey);
	var secKey = new SymmetricSecurityKey(keyBytes);
	x.TokenValidationParameters = new() {ValidateIssuer = false,
		ValidateAudience = false, ValidateLifetime = true,
		ValidateIssuerSigningKey = true, ssuerSigningKey = secKey};

    // 新增的部分
    x.Events = new JwtBearerEvents
    {
        OnMessageReceived = context =>
        {
            var accessToken = context.Request.Query["access_token"];
            var path = context.HttpContext.Request.Path;
            if (!string.IsNullOrEmpty(accessToken) &&
                (path.StartsWithSegments("/Hubs/ChatRoomHub"))) context.Token = accessToken;
           return Task.CompletedTask;
        }
    };
});

5、app.UseAuthorization()这行代码之前添加app.UseAuthentication()。

6、在控制器类Test1Controller中增加登录并且创建JWT令牌的操作方法Login。返回JWT。

7、在需要登录才能访问的集线器类上或者方法上添加[Authorize]。也支持角色等设置，可以设置到Hub或者方法上。

const startConn = async function () {
	const transport = signalR.HttpTransportType.WebSockets;
	const options = { skipNegotiation: true, transport: transport };
    // 这一行 很重要  看一下 啊啊啊啊啊！！！！！
	options.accessTokenFactory = () => state.accessToken;
	connection = new signalR.HubConnectionBuilder()
		.withUrl('https://localhost:7047/Hubs/ChatRoomHub', options)
		.withAutomaticReconnect().build();
	await connection.start();
	connection.on('ReceivePublicMessage', msg => {
 		state.messages.push(msg);
 	});
 	alert("登陆成功可以聊天了");
 };

因篇幅问题不能全部显示，请点此查看更多更全内容

查看全文