前置笔记:
长轮询问题在ABP中的解决方案,SignalR_董厂长的博客-CSDN博客
关于SignalR的内容延续:1.协商协议 2.分布式部署_董厂长的博客-CSDN博客
- 1、目前SignalR问题:谁都能连。讲JWT方案。
- 2、配置SigningKey、ExpireSeconds。创建配置类JWTOptions。
- 3、NuGet:Microsoft.AspNetCore.Authentication.JwtBearer
var services = builder.Services;
services.Configure<JWTOptions>(builder.Configuration.GetSection("JWT"));
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(x =>
{
var jwtOpt = builder.Configuration.GetSection("JWT").Get<JWTOptions>();
byte[] keyBytes = Encoding.UTF8.GetBytes(jwtOpt.SigningKey);
var secKey = new SymmetricSecurityKey(keyBytes);
x.TokenValidationParameters = new() {ValidateIssuer = false,
ValidateAudience = false, ValidateLifetime = true,
ValidateIssuerSigningKey = true, ssuerSigningKey = secKey};
// 新增的部分
x.Events = new JwtBearerEvents
{
OnMessageReceived = context =>
{
var accessToken = context.Request.Query["access_token"];
var path = context.HttpContext.Request.Path;
if (!string.IsNullOrEmpty(accessToken) &&
(path.StartsWithSegments("/Hubs/ChatRoomHub"))) context.Token = accessToken;
return Task.CompletedTask;
}
};
});
5、app.UseAuthorization()这行代码之前添加app.UseAuthentication()。
6、在控制器类Test1Controller中增加登录并且创建JWT令牌的操作方法Login。返回JWT。
7、在需要登录才能访问的集线器类上或者方法上添加[Authorize]。也支持角色等设置,可以设置到Hub或者方法上。
const startConn = async function () {
const transport = signalR.HttpTransportType.WebSockets;
const options = { skipNegotiation: true, transport: transport };
// 这一行 很重要 看一下 啊啊啊啊啊!!!!!
options.accessTokenFactory = () => state.accessToken;
connection = new signalR.HubConnectionBuilder()
.withUrl('https://localhost:7047/Hubs/ChatRoomHub', options)
.withAutomaticReconnect().build();
await connection.start();
connection.on('ReceivePublicMessage', msg => {
state.messages.push(msg);
});
alert("登陆成功可以聊天了");
};