I want to use both JWT authentication and cookie authentication in my project, but when I add both authentication configurations to my Startup class, one of them doesn't work.
// Cookie scheme. Passing a scheme name to AddAuthentication(...) also makes that
// scheme the application's default.
services
    .AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie(cookie =>
    {
        cookie.LoginPath = "/Login";
        cookie.LogoutPath = "/Logout";
        // NOTE(review): the authentication ticket stays valid for 500 days, so a copied
        // cookie remains usable for that long. Prefer a much shorter lifetime.
        cookie.ExpireTimeSpan = TimeSpan.FromDays(500);
    });

// JWT bearer scheme. This second AddAuthentication(...) call sets the default scheme
// again and the last value wins, so the default is now JwtBearerDefaults.AuthenticationScheme.
// Both handlers stay registered, but anything relying on the default scheme (for example
// a plain [Authorize]) only consults the bearer handler. That would explain why one of
// the two schemes appears not to work.
services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(jwt =>
    {
        jwt.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            // NOTE(review): the audience is not checked, so a token from this issuer that
            // was issued for a different application also passes validation here.
            ValidateAudience = false,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,
            ValidIssuer = "https://localhost:44382",
            // NOTE(review): "xxxxxxx" is presumably a redacted placeholder. The real signing
            // key should come from configuration or a secret store rather than source code,
            // and should be long, randomly generated key material.
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("xxxxxxx"))
        };
    });
CodePudding user response:
I think you don't need to call AddAuthentication separately for each scheme; you can register both schemes in one chained call, and it will work fine for you.
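// Registers both handlers in one chain. No default scheme is passed to AddAuthentication(),
// so endpoints are expected to name the scheme(s) they accept through
// [Authorize(AuthenticationSchemes = ...)]; with two schemes and no default, a plain
// [Authorize] has no scheme to authenticate or challenge with.
services.AddAuthentication()
    .AddCookie(options =>
    {
        // Cookie configuration goes here.
        options.LoginPath = "/Account/login";
        // NOTE(review): a "Forbidden" page is normally assigned to AccessDeniedPath rather
        // than LogoutPath. Confirm which one was intended.
        options.LogoutPath = "/Account/Forbidden/";
    })
    .AddJwtBearer(options =>
    {
        // JWT configuration goes here.
        // Both values are empty placeholders and must be replaced before use: Authority is
        // the token issuer the handler trusts, Audience is the identifier tokens must carry
        // to be accepted by this API.
        options.Audience = "";
        options.Authority = "";
    });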
CodePudding user response:
You can set up your configuration like this (here I am using .NET 6):
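// Fail at startup with a clear message when the signing key is missing or empty, instead
// of passing null to Encoding.UTF8.GetBytes when the JWT options are first built.
// The key should be supplied by a secret store or environment-specific configuration,
// never committed with the source, and should be long, randomly generated key material.
var jwtSigningKey = builder.Configuration["Jwt:Key"];
if (string.IsNullOrWhiteSpace(jwtSigningKey))
{
    throw new InvalidOperationException("Configuration value 'Jwt:Key' is missing or empty.");
}

builder.Services.AddAuthentication(options =>
    {
        // Sign-in writes the cookie; authentication and challenge default to the bearer
        // handler. A plain [Authorize] therefore checks the JWT, and the cookie is only
        // consulted where an endpoint names the cookie scheme explicitly.
        options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer(options =>
    {
        // Issuer, audience, lifetime and signature are all enforced. Issuer and audience
        // are read from the "Jwt" configuration section.
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,
            ValidIssuer = builder.Configuration["Jwt:Issuer"],
            ValidAudience = builder.Configuration["Jwt:Audience"],
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSigningKey))
        };
    })
    .AddCookie(x =>
    {
        // Where the cookie handler sends unauthenticated requests on a challenge.
        x.LoginPath = "/api/Hello";
    });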
Then you can choose which scheme (one or all of them) a controller uses to validate the request:
// Use all of them: both scheme names are attached to this controller.
// NOTE(review): ASP.NET Core combines stacked [Authorize] attributes into one policy that
// lists both schemes, so a request with either a valid bearer token or a valid cookie is
// treated as authenticated; it does not require both. Confirm that this is the intent.
// Once the cookie is accepted on an API controller, state-changing actions need
// anti-forgery protection, because browsers attach the cookie automatically.
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
[Authorize(AuthenticationSchemes = CookieAuthenticationDefaults.AuthenticationScheme)]
[ApiController, Route("[controller]")]
public class UsersController : ControllerBase
{
    // ... actions go here ...
}
// Cookie authentication only: bearer tokens are not consulted for this controller.
// Browsers send the cookie automatically, so state-changing actions here need
// anti-forgery protection. By default, an unauthenticated request is answered with the
// cookie handler's redirect to its LoginPath rather than a bare 401.
[Authorize(AuthenticationSchemes = CookieAuthenticationDefaults.AuthenticationScheme)]
[ApiController, Route("[controller]")]
public class UsersController : ControllerBase
{
    // ... actions go here ...
}