c# - 我应该如何处理 Nancy 的身份验证？

Question

我开始为 Nancy 编写 LoginModule 代码，但我突然想到我可能需要以不同的方式执行身份验证。在 Nancy 中是否有公认的身份验证方式？我现在正在计划两个项目:web 和 json 服务。两者都需要授权。

Answer 1

正如 Steven 所写，Nancy 支持开箱即用的基本身份验证和表单例份验证。看看这两个演示应用程序，了解每个应用程序的操作方法:https://github.com/NancyFx/Nancy/tree/master/samples/Nancy.Demo.Authentication.Forms和 https://github.com/NancyFx/Nancy/tree/master/samples/Nancy.Demo.Authentication.Basic

这里的第二个演示是一个需要授权的模块:

namespace Nancy.Demo.Authentication.Forms
{
  using Nancy;
  using Nancy.Demo.Authentication.Forms.Models;
  using Nancy.Security;

  public class SecureModule : NancyModule
  {
    public SecureModule() : base("/secure")
    {
        this.RequiresAuthentication();

        Get["/"] = x => {
            var model = new UserModel(Context.CurrentUser.UserName);
            return View["secure.cshtml", model];
        };
    }
  }
}

以及在请求管道中设置表单例份验证的 Bootstrap 片段:

    protected override void RequestStartup(TinyIoCContainer requestContainer, IPipelines pipelines, NancyContext context)
    {
        // At request startup we modify the request pipelines to
        // include forms authentication - passing in our now request
        // scoped user name mapper.
        //
        // The pipelines passed in here are specific to this request,
        // so we can add/remove/update items in them as we please.
        var formsAuthConfiguration =
            new FormsAuthenticationConfiguration()
            {
                RedirectUrl = "~/login",
                UserMapper = requestContainer.Resolve<IUserMapper>(),
            };

        FormsAuthentication.Enable(pipelines, formsAuthConfiguration);
    }