我使用Web API和Angular 8。 我尝试保护服务器端安全,但随后出现未授权错误 我发送的每个令牌。
我试图在互联网上寻找解决方案,但没有找到任何东西。
那是我的代码
C#:
public string GenerateTokenForUser(UsersDTO user)
{
var signingKey = "xxxxxxxxxxxxxxxxxxxxxx";
var now = DateTime.UtcNow;
var key = new SymmetricSecurityKey(Encoding.Default.GetBytes(signingKey));
var creds = new SigningCredentials(key,
SecurityAlgorithms.HmacSha256);
var claimsIdentity = new ClaimsIdentity(new List<Claim>()
{
new Claim(ClaimTypes.Name, user.id.ToString())
}, "custom");
var securityTokenDescriptor = new SecurityTokenDescriptor()
{
Issuer = "self",
Subject = claimsIdentity,
SigningCredentials = creds,
Expires = now.AddHours(5)
};
var tokenHandler = new JwtSecurityTokenHandler();
var plainToken = tokenHandler.CreateToken(securityTokenDescriptor);
var signedAndEncodedToken = tokenHandler.WriteToken(plainToken);
return signedAndEncodedToken;
}
Web API:
[Authorize]
[Route("GetLearnedPagesCount/{userId}")]
public IHttpActionResult GetLearnedPagesCount(int userId)
{
...
}
角度:
httpOptions = {
headers: new HttpHeaders({
'Authorization': `Bearer `+this.cookieService.get('token')
})
};
GetLearnedPages(): Observable<Array<MyPages>> {
return this.httpClient.get<Array<MyPages>>(this.serverServ.URL + "Controller/GetLearnedPages/"
+ this.user.id, this.httpOptions);
}
我获得了正确的令牌,我也从cookie中获得了令牌。
我的问题是什么?
谢谢!