token验证_Swagger中添加Token验证
平常做項目使用mvc+webapi,采取前后端分離的方式,后臺提供API接口給前端開發人員。這個過程中遇到一個問題:后臺開發人員怎么提供接口說明文檔給前端開發人員。為了解決這個問題,項目中引用swagger(我比較喜歡戲稱為“絲襪哥”)。
列出所有API控制器和控制器描述
那么既然是api,肯定涉及到安全驗證問題,那么怎么在測試文檔中添加Token安全驗證呢?
下面我們來看看
1、定義swagger請求頭
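using Microsoft.AspNetCore.Authorization;
using Swashbuckle.AspNetCore.Swagger;
using Swashbuckle.AspNetCore.SwaggerGen;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;

namespace CompanyName.ProjectName.HttpApi.Host.Code
{
    /// <summary>
    /// Swagger operation filter that documents an "Authorization" request header
    /// so a token can be typed into the Swagger UI when trying out an operation.
    /// </summary>
    /// <remarks>
    /// This filter only changes the generated API description. Marking the header
    /// as required here enforces nothing on the server; the actual check must live
    /// in the authentication/authorization pipeline of the API itself.
    /// </remarks>
    public class HttpHeaderOperationFilter : IOperationFilter
    {
        /// <summary>
        /// Adds the "Authorization" header parameter to the operation when the
        /// action is not marked [AllowAnonymous] and its controller type does not
        /// carry [Authorize].
        /// </summary>
        /// <param name="operation">Swagger operation being described.</param>
        /// <param name="context">Filter context giving access to the API description.</param>
        public void Apply(Operation operation, OperationFilterContext context)
        {
            if (operation.Parameters == null)
            {
                // Type argument restored: the page shows a bare "new List()",
                // which does not compile (its generic argument was lost).
                operation.Parameters = new List<IParameter>();
            }

            if (!context.ApiDescription.TryGetMethodInfo(out MethodInfo methodInfo))
            {
                return;
            }

            // NOTE(review): the header is documented for every action that is not
            // [AllowAnonymous] on a controller without [Authorize]; the code does not
            // look at whether the action really has an auth filter applied. The
            // generated docs can therefore show a "required" token on an endpoint
            // that performs no check at all - confirm that the documented and the
            // enforced behaviour agree.
            bool documentAuthorizationHeader =
                methodInfo.CustomAttributes.All(t => t.AttributeType != typeof(AllowAnonymousAttribute))
                && !methodInfo.ReflectedType.CustomAttributes.Any(t => t.AttributeType == typeof(AuthorizeAttribute));

            if (documentAuthorizationHeader)
            {
                operation.Parameters.Add(new NonBodyParameter
                {
                    Name = "Authorization",
                    In = "header",
                    Type = "string",
                    Required = true,
                    Description = "請輸入Token,格式為bearer XXX"
                });
            }
        }
    }
}
2、在ConfigureServices方法添加OperationFilter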
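/// <summary>
/// Registers the application's services: MVC/JSON options, logging, CORS, Swagger
/// generation, the optional MiniProfiler, the database context and the Autofac container.
/// </summary>
/// <param name="services">Service collection supplied by the runtime.</param>
/// <returns>The Autofac-backed service provider.</returns>
// This method gets called by the runtime. Use this method to add services to the container.
public IServiceProvider ConfigureServices(IServiceCollection services)
{
    // NOTE(review): generic type arguments on this page were lost in extraction.
    // Only OperationFilter<HttpHeaderOperationFilter> is restored below, because the
    // page itself names that filter; the other calls marked "type argument missing"
    // are left exactly as the page shows them.
    services.Replace(ServiceDescriptor.Transient()); // type arguments missing

    services.AddMvc().AddJsonOptions(options =>
    {
        options.SerializerSettings.NullValueHandling = Newtonsoft.Json.NullValueHandling.Ignore;
        options.SerializerSettings.Converters.Add(
            new Newtonsoft.Json.Converters.IsoDateTimeConverter()
            {
                DateTimeFormat = "yyyy-MM-dd HH:mm:ss"
            }
        );

        // The original assigned a CamelCasePropertyNamesContractResolver (commented
        // "lowercase") and overwrote it on the very next line; only the effective
        // assignment is kept.
        options.SerializerSettings.ContractResolver = new DefaultContractResolver();
        // options.SerializerSettings.DateFormatString = "yyyy-MM-dd";
    });
    // services.AddMvc().AddXmlSerializerFormatters();
    // services.AddMvc().AddXmlDataContractSerializerFormatters();

    services.AddLogging();

    // NOTE(review): despite its name, "AllowSameDomain" accepts any origin, any
    // method and any header, and it is applied to every MVC action through the
    // global filter below. Browsers on any site can therefore call this API
    // cross-origin; restrict it with WithOrigins(...) listing the real front-end
    // origins before deploying.
    services.AddCors(options => options.AddPolicy("AllowSameDomain",
        builder => builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader()
    ));
    services.Configure(options => // type argument missing
    {
        options.Filters.Add(new CorsAuthorizationFilterFactory("AllowSameDomain"));
    });

    #region Swagger
    services.AddSwaggerGen(c =>
    {
        c.SwaggerDoc("v1", new Info
        {
            Version = "v1",
            Title = "接口文檔",
            Description = "接口文檔-基礎(chǔ)",
            TermsOfService = "https://example.com/terms",
            Contact = new Contact
            {
                Name = "XXX1111",
                Email = "XXX1111@qq.com",
                Url = "https://example.com/terms"
            },
            License = new License
            {
                Name = "Use under LICX",
                Url = "https://example.com/license",
            }
        });
        c.SwaggerDoc("v2", new Info
        {
            Version = "v2",
            Title = "接口文檔",
            Description = "接口文檔-基礎(chǔ)",
            TermsOfService = "https://example.com/terms",
            Contact = new Contact
            {
                Name = "XXX2222",
                Email = "XXX2222@qq.com",
                Url = "https://example.com/terms"
            },
            License = new License
            {
                Name = "Use under LICX",
                Url = "https://example.com/license",
            }
        });

        // Registers the filter that documents the "Authorization" header. This is
        // documentation only; it does not protect any endpoint.
        c.OperationFilter<HttpHeaderOperationFilter>();
        c.DocumentFilter(); // type argument missing

        var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
        var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
        c.IncludeXmlComments(xmlPath);
        c.IncludeXmlComments(Path.Combine(AppContext.BaseDirectory, $"CompanyName.ProjectName.ICommonServer.xml"));
    });
    #endregion Swagger

    #region MiniProfiler
    // Fail closed: a missing or malformed "IsUseMiniProfiler" setting now leaves the
    // profiler off instead of throwing from bool.Parse during startup.
    if (bool.TryParse(Configuration["IsUseMiniProfiler"], out bool useMiniProfiler) && useMiniProfiler)
    {
        //https://www.cnblogs.com/lwqlun/p/10222505.html
        // NOTE(review): no access control for the "/profiler" results is configured
        // in this block. Profiler output includes request timings and SQL, so limit
        // it (for example via the ResultsAuthorize / ResultsListAuthorize options)
        // or enable it only in non-production environments.
        services.AddMiniProfiler(options =>
            options.RouteBasePath = "/profiler"
        ).AddEntityFramework();
    }
    #endregion MiniProfiler

    services.AddDbContext(options => // type argument missing
        options.UseMySql(Configuration["Data:MyCat:ConnectionString"]));

    var container = AutofacExt.InitAutofac(services, Assembly.GetExecutingAssembly());
    return new AutofacServiceProvider(container);
}
3、定義一個ActionFilterAttribute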
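using CompanyName.ProjectName.Core;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using Newtonsoft.Json;
using System.Security.Principal;

namespace CompanyName.ProjectName.HttpApi.Host
{
    /// <summary>
    /// Permission filter: rejects requests that carry no "Authorization" header value
    /// and otherwise attaches a principal built from that value to the request.
    /// </summary>
    /// <remarks>
    /// NOTE(review): this filter only checks that the header is present and non-blank.
    /// Nothing here verifies the token (no signature, expiry, issuer or lookup check),
    /// so any non-empty value is treated as an authenticated caller. Do not rely on it
    /// for access control as written; validate the token, preferably with the ASP.NET
    /// Core authentication middleware (for bearer tokens, the JWT bearer handler)
    /// combined with [Authorize], which also runs before action filters.
    /// The class is named "BasicAuth" while the Swagger description on this page asks
    /// for a "bearer XXX" value; the code itself parses neither scheme.
    /// </remarks>
    public class BasicAuth : ActionFilterAttribute
    {
        /// <summary>
        /// Runs before the action: short-circuits with an "Unauthorized" JSON payload
        /// when the header is missing or blank, otherwise sets HttpContext.User.
        /// </summary>
        /// <param name="context">Context of the action about to execute.</param>
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            var request = context.HttpContext.Request;

            string token = null;
            if (request != null
                && request.Headers != null
                && request.Headers["Authorization"].Count > 0)
            {
                token = request.Headers["Authorization"];
            }

            if (string.IsNullOrWhiteSpace(token))
            {
                // Setting Result short-circuits the pipeline; the action does not run.
                context.Result = CreateUnauthorizedResult();
            }
            else
            {
                // NOTE(review): the raw, unvalidated header value becomes Identity.Name.
                // Besides granting an authenticated identity to any caller, this puts
                // the credential itself wherever user names are recorded (presumably
                // logs and audit fields - verify). Derive the name from validated
                // token claims instead.
                var identity = new GenericIdentity(token) { Label = "conan1111111" };
                context.HttpContext.User = new GenericPrincipal(identity, null);
            }

            base.OnActionExecuting(context);
        }

        /// <summary>
        /// Builds the JSON response returned when the Authorization header is absent or blank.
        /// </summary>
        /// <returns>A JSON result carrying the "Unauthorized" meta object with HTTP status 401.</returns>
        private static JsonResult CreateUnauthorizedResult()
        {
            ResultDto meta = ResultDto.Err("Unauthorized");

            var serializerSettings = new JsonSerializerSettings
            {
                NullValueHandling = NullValueHandling.Ignore
            };
            serializerSettings.Converters.Add(
                new Newtonsoft.Json.Converters.IsoDateTimeConverter
                {
                    DateTimeFormat = "yyyy-MM-dd HH:mm:ss"
                });

            return new JsonResult(new { Meta = meta })
            {
                SerializerSettings = serializerSettings,
                ContentType = "application/json; charset=utf-8",
                // The original left the status at the default 200, so the rejection
                // looked like a success to proxies, monitoring and HTTP clients.
                StatusCode = 401
            };
        }
    }
}
4、最后在需要的地方使用 [BasicAuth]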
/// <summary>
/// Add: forwards the posted model to the web-config application service.
/// </summary>
/// <param name="model">Creation data bound from the request body.</param>
/// <returns>Primary key id</returns>
// NOTE(review): the generic arguments of the return type were lost when this page was
// extracted (it is shown as "Task>"); the signature is reproduced as it appears.
// NOTE(review): a new, empty Core.CurrentUser is handed to the service. Nothing in this
// action reads HttpContext.User, which [BasicAuth] populates, so as far as this method
// shows the service does not receive the caller's identity - confirm against CurrentUser.
[BasicAuth]
[ModelValidationAttribute]
[ApiExplorerSettings(GroupName = "v1")]
[HttpPost, Route("Create")]
public async Task> CreateAsync([FromBody]CreateWebConfigDto model)
{
    var currentUser = new Core.CurrentUser();
    var created = await _webConfigApp.CreateAsync(model, currentUser);
    return created;
}
我們就可以看到Authorization - 請輸入Token,格式為bearer XXX
源碼地址:
https://github.com/conanl5566/Sampleproject/tree/master/src/03%20Host/CompanyName.ProjectName.HttpApi.Host