静态文件 - asp.net web api core 2.1 身份验证方案 Bearer
static files - asp.net web api core 2.1 authentication scheme Bearer
如何避免静态文件被认证?
对于静态文件(图像、.js、.css 等)的每个请求,都会记录一条消息 "AuthenticationScheme: "Bearer" was not authenticated."。虽然当配置设置为调试时,消息只是被记录下来,但浪费在这上面的资源是不必要的。
一切正常,我只是想避免检查这些请求的身份验证。有没有办法禁用它?我已经尝试了几种关于在 Configure 方法上设置身份验证的变体,但没有任何效果。
这是我当前的配置:
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
var locOptions = app.ApplicationServices.GetService<IOptions<RequestLocalizationOptions>>();
app.UseRequestLocalization(locOptions.Value);
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Error");
}
app.UseStaticFiles();
app.UseSpaStaticFiles();
app.UseCors("default");
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller}/{action=Index}/{id?}");
});
app.UseSpa(spa =>
{
spa.Options.SourcePath = "ClientApp";
if (env.IsDevelopment())
{
spa.UseReactDevelopmentServer(npmScript: "start");
}
});
DataAccessLayer.WebHelpers.Configure(app.ApplicationServices.GetRequiredService<IHttpContextAccessor>());
}
好的,通过分支请求管道得到它,仅将授权应用于“/api”路径:
//app.UseAuthentication();
app.MapWhen(x => x.Request.Path.Value.StartsWith("/api"), builder =>
{
builder.UseAuthentication();
builder.UseMvcWithDefaultRoute();
});
app.MapWhen(x => !x.Request.Path.Value.StartsWith("/api"), builder =>
{
builder.UseMvcWithDefaultRoute();
builder.UseSpa(spa =>
{
spa.Options.SourcePath = "ClientApp";
if (env.IsDevelopment())
{
spa.UseReactDevelopmentServer(npmScript: "start");
}
});
});
如何避免静态文件被认证?
对于静态文件(图像、.js、.css 等)的每个请求,都会记录一条消息 "AuthenticationScheme: "Bearer" was not authenticated."。虽然当配置设置为调试时,消息只是被记录下来,但浪费在这上面的资源是不必要的。
一切正常,我只是想避免检查这些请求的身份验证。有没有办法禁用它?我已经尝试了几种关于在 Configure 方法上设置身份验证的变体,但没有任何效果。
这是我当前的配置:
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
var locOptions = app.ApplicationServices.GetService<IOptions<RequestLocalizationOptions>>();
app.UseRequestLocalization(locOptions.Value);
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Error");
}
app.UseStaticFiles();
app.UseSpaStaticFiles();
app.UseCors("default");
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller}/{action=Index}/{id?}");
});
app.UseSpa(spa =>
{
spa.Options.SourcePath = "ClientApp";
if (env.IsDevelopment())
{
spa.UseReactDevelopmentServer(npmScript: "start");
}
});
DataAccessLayer.WebHelpers.Configure(app.ApplicationServices.GetRequiredService<IHttpContextAccessor>());
}
好的,通过分支请求管道得到它,仅将授权应用于“/api”路径:
//app.UseAuthentication();
app.MapWhen(x => x.Request.Path.Value.StartsWith("/api"), builder =>
{
builder.UseAuthentication();
builder.UseMvcWithDefaultRoute();
});
app.MapWhen(x => !x.Request.Path.Value.StartsWith("/api"), builder =>
{
builder.UseMvcWithDefaultRoute();
builder.UseSpa(spa =>
{
spa.Options.SourcePath = "ClientApp";
if (env.IsDevelopment())
{
spa.UseReactDevelopmentServer(npmScript: "start");
}
});
});