.NET Core 2.1 个人账号邮递员登录

Question

Using Visual Studio 2019, and setting up a new .NET Core 2.1 Project using "Individual User Accounts" everything works great.使用 Visual Studio 2019，并使用“个人用户帐户”设置新的 .NET Core 2.1 项目，一切正常。 I can register new users, login with them etc using the built in scaffolding.我可以使用内置的脚手架注册新用户、使用他们登录等。 However... how do I login from Postman or any external method?但是......我如何从邮递员或任何外部方法登录？ Where/how can I pass the username/password?我在哪里/如何传递用户名/密码？

Here is the Startup.cs (mostly default):这是 Startup.cs（大部分是默认的）：

public class Startup
{
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
        services.Configure<CookiePolicyOptions>(options =>
        {
            // This lambda determines whether user consent for non-essential cookies is needed for a given request.
            options.CheckConsentNeeded = context => true;
            options.MinimumSameSitePolicy = SameSiteMode.None;
        });

        services.AddDbContext<ApplicationDbContext>(options =>
            options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

        services.AddDefaultIdentity<IdentityUser>().AddEntityFrameworkStores<ApplicationDbContext>();

        services.AddMvc()
       .AddRazorPagesOptions(options =>
       {
           options.Conventions.AuthorizePage("/About", "RequireAdministratorRole");
           options.Conventions.AuthorizeAreaPage("Identity", "/Account/Register");
       })
        .SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
            services.AddSingleton<Settings>();
            //services.AddSingleton<Tools>();
            Tools tools = new Tools(Configuration);
        services.Configure<IdentityOptions>(options =>
        {
            // Password settings.
            options.Password.RequireDigit = true;
            options.Password.RequireLowercase = true;
            options.Password.RequireNonAlphanumeric = true;
            options.Password.RequireUppercase = true;
            options.Password.RequiredLength = 9;
            options.Password.RequiredUniqueChars = 1;

            // Lockout settings.
            options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(5);
            options.Lockout.MaxFailedAccessAttempts = 5;
            options.Lockout.AllowedForNewUsers = true;

            // User settings.
            options.User.AllowedUserNameCharacters =
            "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._@+";
            options.User.RequireUniqueEmail = false;
        });

        services.ConfigureApplicationCookie(options =>
        {
            // Cookie settings
            options.Cookie.HttpOnly = true;
            options.ExpireTimeSpan = TimeSpan.FromMinutes(5);

            options.LoginPath = "/Identity/Account/Login";
            options.AccessDeniedPath = "/Identity/Account/AccessDenied";
            options.SlidingExpiration = true;
        });
    }


    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
            app.UseDatabaseErrorPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseCookiePolicy();
        app.UseAuthentication();


        app.UseMvc(routes =>
        {
            routes.MapRoute(
                name: "default",
                template: "{controller=Home}/{action=Index}/{id?}");
        });
    }
}

Answer 1

You've now configured your application to use Cookie authentication.您现在已将应用程序配置为使用 Cookie 身份验证。 It is not a recommended method to use for API apps like in your scenario, you want to login using Postman.不推荐用于 API 应用程序的方法，例如在您的场景中，您想使用 Postman 登录。 Token or JWT authentication is the recommended one.令牌或 JWT 身份验证是推荐的一种。 Here is some Microsoft documentation on working with Single Page Application authentication and authorization这是一些关于使用单页应用程序身份验证和授权的Microsoft 文档

And by external systems you mean social media providers?外部系统是指社交媒体提供商吗？ You will be able to see the documentation on configuring social media login in ASP.NET Core.您将能够看到有关在 ASP.NET Core 中配置社交媒体登录的文档。

Answer 2

how do I login from Postman or any external method?如何从 Postman 或任何外部方法登录？ Where/how can I pass the username/password?我在哪里/如何传递用户名/密码？

In my understanding you want to directly post username/password to identity for login ?据我了解，您想直接将用户名/密码发布到身份以进行登录？ ASP.NET Core Identity by default prevent cross-site request forgery and you shouldn't directly pass username/password to asp.net core identity for sign in . ASP.NET Core 标识默认防止跨站点请求伪造，您不应直接将用户名/密码传递给 ASP.NET 核心标识进行登录。

.NET Core 2.1 个人账号邮递员登录

问题描述

2 个解决方案

解决方案1
1 已采纳 2020-04-01 23:13:22

解决方案2
0 2020-04-02 03:00:37

.NET Core 2.1 个人账号邮递员登录

问题描述

2 个解决方案

解决方案1 1 已采纳 2020-04-01 23:13:22

解决方案2 0 2020-04-02 03:00:37

解决方案1
1 已采纳 2020-04-01 23:13:22

解决方案2
0 2020-04-02 03:00:37