RuoVea.ExJwtBearer
10.0.0.3
dotnet add package RuoVea.ExJwtBearer --version 10.0.0.3
NuGet\Install-Package RuoVea.ExJwtBearer -Version 10.0.0.3
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="RuoVea.ExJwtBearer" Version="10.0.0.3" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
<PackageVersion Include="RuoVea.ExJwtBearer" Version="10.0.0.3" />
<PackageReference Include="RuoVea.ExJwtBearer" />
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.
paket add RuoVea.ExJwtBearer --version 10.0.0.3
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: RuoVea.ExJwtBearer, 10.0.0.3"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
#:package RuoVea.ExJwtBearer@10.0.0.3
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.
#addin nuget:?package=RuoVea.ExJwtBearer&version=10.0.0.3
#tool nuget:?package=RuoVea.ExJwtBearer&version=10.0.0.3
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
📋 RuoVea.ExJwtBearer 组件概览
RuoVea.ExJwtBearer 是一个功能全面的 JWT 认证和授权组件,支持多种认证方式,包括 JWT 鉴权、Basic 认证、IdentityServer4 Client 认证和 Authing 认证。
🏗️ 核心架构
1. 认证方式枚举 (IdentifyEnum)
public enum IdentifyEnum
{
JwtBearer, // JWT Bearer 认证
BasicAuth, // Basic 认证
IdentityServer4, // IdentityServer4 认证
Authing // Authing 认证
}
🔧 核心配置
1. JWT 配置
{
"Jwt": {
"ValidateIssuerSigningKey": true,
"IssuerSigningKey": "3c1cbc3f546eda35168c3aa3cb91780fbe703f0996c6d123ea96dc85c70bbc0a",
"ValidateIssuer": true,
"ValidIssuer": "SecurityDemo.Authentication.JWT",
"ValidateAudience": true,
"ValidAudience": "jwtAudience",
"ValidateLifetime": true,
"ExpiredTime": 1440,
"ClockSkew": 5
}
}
2. Basic 认证配置
{
"BasicAuth": {
"ShowFrom": true,
"users": [
{
"username": "admin",
"password": "admin",
"role": "admin"
}
]
}
}
3. IdentityServer4 配置
{
"Ids4Client": {
"AuthorizationUrl": "http://localhost:5004",
"ApiName": "api1"
}
}
🚀 完整使用示例
1. 启动配置
Program.cs 配置
var builder = WebApplication.CreateBuilder(args);
// 添加认证
builder.Services.AddAuthenticationSetup(IdentifyEnum.JwtBearer);
// 添加授权
builder.Services.AddAuthorizationSetup<MyPermission>();
// 添加 JWT 设置
builder.Services.AddJwtSetup();
// 添加控制器
builder.Services.AddControllers();
var app = builder.Build();
// 使用认证和授权中间件
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();
2. 自定义权限处理器
public class MyPermission : ApplicationPermission
{
private readonly ICurrentUser _currentUser;
private readonly IPermissionService _permissionService;
public MyPermission(ICurrentUser currentUser, IPermissionService permissionService)
{
_currentUser = currentUser;
_permissionService = permissionService;
}
public override async Task<bool> VerifyPermissionAsync(DefaultHttpContext httpContext, string permission)
{
long userId = _currentUser.UserId;
// 获取用户所有权限
var userPermissions = await _permissionService.GetUserPermissionsAsync(userId);
// 验证当前请求的权限
return userPermissions.Contains(permission);
}
}
// 权限服务实现
public class PermissionService : IPermissionService
{
public async Task<List<string>> GetUserPermissionsAsync(long userId)
{
// 从数据库或缓存获取用户权限
// 这里只是示例,实际应该从数据源获取
return await Task.FromResult(new List<string>
{
"api:user:get",
"api:order:create",
"api:product:read"
});
}
}
3. 用户信息服务
public class AspNetUser : ICurrentUser
{
private readonly IHttpContextAccessor _httpContextAccessor;
public AspNetUser(IHttpContextAccessor httpContextAccessor)
{
_httpContextAccessor = httpContextAccessor;
}
public long UserId
{
get
{
var claim = _httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.CLAINM_USERID);
return claim != null ? long.Parse(claim.Value) : 0;
}
}
public string Account
{
get
{
var claim = _httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.CLAINM_ACCOUNT);
return claim?.Value;
}
}
public string Name
{
get
{
var claim = _httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.CLAINM_NAME);
return claim?.Value;
}
}
public bool IsAdmin
{
get
{
var claim = _httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.CLAINM_ISADMIN);
return claim != null && bool.Parse(claim.Value);
}
}
public bool IsSuperAdmin
{
get
{
var claim = _httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.CLAINM_SUPERADMIN);
return claim != null && bool.Parse(claim.Value);
}
}
public long? TenantId
{
get
{
var claim = _httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.TENANT_ID);
return claim != null ? long.Parse(claim.Value) : null;
}
}
}
4. 登录服务
public class LoginService
{
private readonly IJwtHelper _jwtHelper;
private readonly IHttpContextAccessor _httpContextAccessor;
private readonly IUserService _userService;
public LoginService(IJwtHelper jwtHelper, IHttpContextAccessor httpContextAccessor, IUserService userService)
{
_jwtHelper = jwtHelper;
_httpContextAccessor = httpContextAccessor;
_userService = userService;
}
// 方式一:使用 UserVo 对象生成 Token
public async Task<LoginResult> LoginWithUserVoAsync(string account, string password)
{
// 验证用户凭证
var user = await _userService.ValidateUserAsync(account, password);
if (user == null)
{
return new LoginResult { Success = false, Message = "用户名或密码错误" };
}
// 生成 Token
var accessToken = _jwtHelper.CreateToken(user, extend: null);
// 设置 Swagger 自动登录
_httpContextAccessor.HttpContext.SigninToSwagger(accessToken);
// 生成刷新 Token(可选)
var refreshToken = _jwtHelper.GenerateRefreshToken(accessToken, 30);
return new LoginResult
{
Success = true,
AccessToken = accessToken,
RefreshToken = refreshToken,
User = user
};
}
// 方式二:使用字典生成 Token
public async Task<LoginResult> LoginWithDictionaryAsync(string account, string password)
{
// 验证用户凭证
var user = await _userService.ValidateUserAsync(account, password);
if (user == null)
{
return new LoginResult { Success = false, Message = "用户名或密码错误" };
}
// 生成 Token
var accessToken = _jwtHelper.Encrypt(new Dictionary<string, object>
{
{ ClaimConst.CLAINM_USERID, user.Id },
{ ClaimConst.TENANT_ID, user.TenantId },
{ ClaimConst.CLAINM_ACCOUNT, user.Account },
{ ClaimConst.CLAINM_NAME, user.Name },
{ ClaimConst.CLAINM_SUPERADMIN, user.AdminType },
{ ClaimConst.CLAINM_ROLEIDS, string.Join(",", user.RoleIds) }
});
// 设置 Swagger 自动登录
_httpContextAccessor.HttpContext.SigninToSwagger(accessToken);
return new LoginResult
{
Success = true,
AccessToken = accessToken,
User = user
};
}
// Token 刷新
public async Task<RefreshTokenResult> RefreshTokenAsync(string accessToken, string refreshToken)
{
try
{
var newAccessToken = await _jwtHelper.ExchangeAsync(accessToken, refreshToken);
return new RefreshTokenResult
{
Success = true,
AccessToken = newAccessToken
};
}
catch (Exception ex)
{
return new RefreshTokenResult
{
Success = false,
Message = ex.Message
};
}
}
}
public class LoginResult
{
public bool Success { get; set; }
public string Message { get; set; }
public string AccessToken { get; set; }
public string RefreshToken { get; set; }
public UserVo User { get; set; }
}
public class RefreshTokenResult
{
public bool Success { get; set; }
public string Message { get; set; }
public string AccessToken { get; set; }
}
5. 控制器使用示例
[ApiController]
[Route("api/[controller]")]
public class AuthController : ControllerBase
{
private readonly LoginService _loginService;
public AuthController(LoginService loginService)
{
_loginService = loginService;
}
[HttpPost("login")]
[AllowAnonymous] // 允许匿名访问
public async Task<IActionResult> Login([FromBody] LoginRequest request)
{
var result = await _loginService.LoginWithUserVoAsync(request.Account, request.Password);
if (result.Success)
{
return Ok(new
{
success = true,
accessToken = result.AccessToken,
refreshToken = result.RefreshToken,
user = result.User
});
}
return Unauthorized(new { success = false, message = result.Message });
}
[HttpPost("refresh-token")]
[AllowAnonymous]
public async Task<IActionResult> RefreshToken([FromBody] RefreshTokenRequest request)
{
var result = await _loginService.RefreshTokenAsync(request.AccessToken, request.RefreshToken);
if (result.Success)
{
return Ok(new
{
success = true,
accessToken = result.AccessToken
});
}
return BadRequest(new { success = false, message = result.Message });
}
[HttpPost("logout")]
[Authorize] // 需要认证
public IActionResult Logout()
{
// 退出 Swagger 登录
HttpContext.SignoutToSwagger();
return Ok(new { success = true, message = "退出成功" });
}
}
public class LoginRequest
{
public string Account { get; set; }
public string Password { get; set; }
}
public class RefreshTokenRequest
{
public string AccessToken { get; set; }
public string RefreshToken { get; set; }
}
6. 受保护的 API 控制器
[ApiController]
[Route("api/[controller]")]
[Authorize] // 全局需要认证
public class UserController : ControllerBase
{
private readonly IUserService _userService;
private readonly ICurrentUser _currentUser;
public UserController(IUserService userService, ICurrentUser currentUser)
{
_userService = userService;
_currentUser = currentUser;
}
[HttpGet("profile")]
public async Task<IActionResult> GetProfile()
{
var user = await _userService.GetUserByIdAsync(_currentUser.UserId);
return Ok(user);
}
[HttpPut("profile")]
public async Task<IActionResult> UpdateProfile([FromBody] UpdateProfileRequest request)
{
await _userService.UpdateUserProfileAsync(_currentUser.UserId, request);
return Ok(new { success = true, message = "更新成功" });
}
[HttpGet("permissions")]
[Authorize(Roles = "admin")] // 需要 admin 角色
public async Task<IActionResult> GetPermissions()
{
var permissions = await _userService.GetUserPermissionsAsync(_currentUser.UserId);
return Ok(permissions);
}
[HttpGet("admin-only")]
[BearerAuthorize] // 使用 BearerAuthorize 特性
public IActionResult AdminOnly()
{
return Ok(new { message = "这是管理员专属区域" });
}
}
[ApiController]
[Route("api/[controller]")]
public class PublicController : ControllerBase
{
[HttpGet("info")]
[AllowAnonymous] // 允许匿名访问
public IActionResult GetInfo()
{
return Ok(new { message = "这是公开信息" });
}
[HttpGet("protected")]
[NonAplSafe] // 不进行接口安全校验
public IActionResult GetProtected()
{
return Ok(new { message = "这个接口跳过了安全校验" });
}
}
7. JWT 工具类扩展使用
public class JwtTokenService
{
private readonly IJwtHelper _jwtHelper;
public JwtTokenService(IJwtHelper jwtHelper)
{
_jwtHelper = jwtHelper;
}
// 验证 Token 有效性
public async Task<bool> ValidateTokenAsync(string token)
{
var (isValid, _, _) = await _jwtHelper.ValidateAsync(token);
return isValid;
}
// 读取 Token 信息(不验证)
public JsonWebToken ReadToken(string token)
{
return _jwtHelper.ReadJwtToken(token);
}
// 从 HTTP 上下文获取 Token
public string GetTokenFromContext(DefaultHttpContext httpContext)
{
return _jwtHelper.GetJwtBearerToken(httpContext);
}
// 创建自定义 Token
public string CreateCustomToken(Dictionary<string, object> claims, long? expiredMinutes = null)
{
return _jwtHelper.Encrypt(claims, expiredMinutes);
}
// 自动刷新 Token(用于中间件)
public async Task<bool> AutoRefreshTokenInMiddleware(AuthorizationHandlerContext context, DefaultHttpContext httpContext)
{
return await _jwtHelper.AutoRefreshTokenAsync(context, httpContext);
}
}
8. 权限常量定义
public static class Permissions
{
public const string Name = "Permission";
// 用户管理权限
public static class User
{
public const string Get = "api:user:get";
public const string Create = "api:user:create";
public const string Update = "api:user:update";
public const string Delete = "api:user:delete";
public const string List = "api:user:list";
}
// 订单管理权限
public static class Order
{
public const string Get = "api:order:get";
public const string Create = "api:order:create";
public const string Update = "api:order:update";
public const string Delete = "api:order:delete";
public const string List = "api:order:list";
}
// 产品管理权限
public static class Product
{
public const string Get = "api:product:get";
public const string Create = "api:product:create";
public const string Update = "api:product:update";
public const string Delete = "api:product:delete";
public const string List = "api:product:list";
}
}
// 在控制器中使用权限常量
[ApiController]
[Route("api/[controller]")]
[Authorize(Policy = Permissions.Name)]
public class AdminController : ControllerBase
{
[HttpGet("users")]
[Authorize(Policy = Permissions.User.List)]
public IActionResult GetUsers()
{
return Ok(new { message = "获取用户列表" });
}
[HttpPost("users")]
[Authorize(Policy = Permissions.User.Create)]
public IActionResult CreateUser()
{
return Ok(new { message = "创建用户" });
}
}
9. 多认证方式配置
public class MultiAuthSetup
{
public static void ConfigureServices(IServiceCollection services, IConfiguration configuration)
{
// 根据配置选择认证方式
var authType = configuration.GetValue<string>("Authentication:Type") ?? "JwtBearer";
var identifyEnum = authType switch
{
"Basic" => IdentifyEnum.BasicAuth,
"IdentityServer4" => IdentifyEnum.IdentityServer4,
"Authing" => IdentifyEnum.Authing,
_ => IdentifyEnum.JwtBearer
};
// 添加认证
services.AddAuthenticationSetup(identifyEnum);
// 添加授权
services.AddAuthorizationSetup<MyPermission>();
// 如果是 JWT,添加 JWT 设置
if (identifyEnum == IdentifyEnum.JwtBearer)
{
services.AddJwtSetup();
}
}
}
🎯 核心特性
1. 多种认证方式支持
- JWT Bearer 认证
- Basic 认证
- IdentityServer4 集成
- Authing 认证
2. 灵活的权限控制
- 基于角色的授权
- 基于策略的授权
- 自定义权限验证
- 细粒度权限控制
3. Token 管理
- Access Token 生成
- Refresh Token 支持
- Token 自动刷新
- Token 验证和解析
4. 开发友好
- Swagger 自动登录集成
- 丰富的扩展方法
- 清晰的错误信息
- 多语言支持
5. 安全可靠
- 强类型配置验证
- 安全的密钥管理
- 防止 Token 篡改
- 支持时钟容错
这个 JWT 认证组件为 ASP.NET Core 应用提供了完整、安全、灵活的认证授权解决方案,适用于各种规模的应用程序。
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net10.0 is compatible. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
net10.0
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 10.0.1)
- NetDevPack.Security.JwtExtensions (>= 8.0.0)
- Newtonsoft.Json (>= 13.0.3)
- RuoVea.ExConfig (>= 10.0.0)
- RuoVea.ExDto (>= 10.0.0.3)
NuGet packages (7)
Showing the top 5 NuGet packages that depend on RuoVea.ExJwtBearer:
| Package | Downloads |
|---|---|
|
RuoVea.OmiApi.UserRoleMenu
用户角色菜单管理 |
|
|
RuoVea.OmiApi.SystemApp
系统应用管理 |
|
|
RuoVea.OmiApi.UserRole
用户角色管理 |
|
|
RuoVea.OmiApi.User
用户管理 |
|
|
RuoVea.OmiApi.Auth
认证授权模块 |
GitHub repositories
This package is not used by any popular GitHub repositories.
| Version | Downloads | Last Updated |
|---|---|---|
| 10.0.0.3 | 89 | 1/28/2026 |
| 10.0.0.2 | 133 | 1/26/2026 |
| 9.0.0.4 | 98 | 1/28/2026 |
| 9.0.0.3 | 161 | 1/26/2026 |
| 9.0.0.2 | 223 | 10/23/2025 |
| 8.0.0.9 | 93 | 1/28/2026 |
| 8.0.0.8 | 281 | 1/26/2026 |
| 8.0.0.7 | 1,759 | 10/23/2025 |
| 8.0.0.6 | 743 | 9/16/2025 |
| 7.0.0.9 | 86 | 1/28/2026 |
| 7.0.0.8 | 323 | 1/26/2026 |
| 7.0.0.7 | 2,087 | 10/23/2025 |
| 7.0.0.6 | 866 | 9/16/2025 |
| 6.0.12.9 | 95 | 1/28/2026 |
| 6.0.12.8 | 382 | 1/26/2026 |
| 6.0.12.7 | 2,655 | 10/23/2025 |
| 6.0.12.6 | 1,031 | 9/16/2025 |
| 5.0.1.6 | 87 | 1/28/2026 |
| 5.0.1.5 | 87 | 1/26/2026 |
| 5.0.1.4 | 219 | 10/23/2025 |
Loading failed