luoqian
a9abd90874
- 新增 API 端 JWT 登录、refresh token 轮换和退出登录流程 - 新增 refresh token 实体、DbSet 配置和 EF Core 迁移 - 新增 PC 端授权码登录、本地全局 token 刷新、登出和鉴权服务 - 扩展统一端点模型,支持宿主过滤、角色鉴权、OpenAPI 元数据和 DI 服务处理器 - API 启用 JwtBearer 认证、Swagger UI 和认证端点注册 - PC 端注册认证服务,并按宿主过滤桌面拦截端点
73 lines
3.0 KiB
C#
73 lines
3.0 KiB
C#
using Avalonia_API.Authentication;
|
||
using Avalonia_EFCore.Database;
|
||
using Avalonia_Services.Core;
|
||
using Avalonia_Services.Endpoints;
|
||
using Avalonia_Services.Services;
|
||
using Avalonia_Services.Services.AuthService;
|
||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||
using Microsoft.IdentityModel.Tokens;
|
||
using System.Text;
|
||
|
||
namespace Avalonia_API.Configuration
|
||
{
|
||
public static class ServicesConfiguration
|
||
{
|
||
/// <summary>
|
||
/// 注册统一端点及其依赖的服务(含数据库)。
|
||
/// 所有业务端点定义在 Avalonia-Services/Endpoints/AppEndpoints.cs。
|
||
/// </summary>
|
||
public static IServiceCollection AddUnifiedApiServices(this IServiceCollection services, IConfiguration configuration)
|
||
{
|
||
// ---- 数据库 ----
|
||
// 从 appsettings.json 读取 DatabaseConfiguration 节
|
||
// 注册默认数据库提供程序(SQLite / MySQL / PostgreSQL / SqlServer)
|
||
DatabaseProviderRegistry.RegisterDefaults();
|
||
|
||
var databaseConfig = configuration
|
||
.GetSection(nameof(DatabaseConfiguration))
|
||
.Get<DatabaseConfiguration>()
|
||
?? DatabaseConfiguration.ForSQLite("app.db");
|
||
|
||
// 注册 AppDataContext(共享数据上下文)
|
||
services.AddAppDatabase<AppDataContext>(databaseConfig);
|
||
|
||
// ---- 业务服务 ----
|
||
services.AddScoped<WeatherForecastService>();
|
||
|
||
// ---- API 鉴权 ----
|
||
var jwtSection = configuration.GetSection("Jwt");
|
||
services.Configure<JwtOptions>(jwtSection);
|
||
var jwtOptions = jwtSection.Get<JwtOptions>() ?? new JwtOptions();
|
||
services
|
||
.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
|
||
.AddJwtBearer(options =>
|
||
{
|
||
options.TokenValidationParameters = new TokenValidationParameters
|
||
{
|
||
ValidateIssuer = true,
|
||
ValidateAudience = true,
|
||
ValidateLifetime = true,
|
||
ValidateIssuerSigningKey = true,
|
||
ValidIssuer = jwtOptions.Issuer,
|
||
ValidAudience = jwtOptions.Audience,
|
||
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtOptions.SigningKey)),
|
||
ClockSkew = TimeSpan.FromMinutes(1),
|
||
};
|
||
});
|
||
services.AddAuthorization();
|
||
services.AddScoped<JwtTokenService>();
|
||
services.AddScoped<RefreshTokenService>();
|
||
services.AddScoped<IApiAuthEndpointService, ApiAuthEndpointService>();
|
||
|
||
// ---- 统一端点 ----
|
||
var endpointBuilder = new ServiceEndpointBuilder();
|
||
AppEndpoints.Configure(endpointBuilder);
|
||
AuthEndpoints.ConfigureApi(endpointBuilder);
|
||
var endpoints = endpointBuilder.Build();
|
||
services.AddSingleton(endpoints);
|
||
|
||
return services;
|
||
}
|
||
}
|
||
}
|