时间戳

首页 > 解决方案 > API 不返回 CurrentUser。返回 500 内部服务器错误

asp.net-core - API 不返回 CurrentUser。返回 500 内部服务器错误

问题描述

Startup.cs 文件配置

        public void ConfigureServices(IServiceCollection services)
    {
        services.AddDbContext<DataContext>(options =>
        {
            options.UseSqlite(Configuration.GetConnectionString("DefaultConnection"));
        });
        services.AddCors(options =>
        {
            options.AddPolicy("CorsPolicy", policy =>
            {
                policy.AllowAnyHeader().AllowAnyMethod().WithOrigins("http://localhost:3000");
            });
        });
        services.AddMediatR(typeof(list.Handler).Assembly);
        services.AddMvc(opt => {
            var policy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build();
            opt.Filters.Add(new AuthorizeFilter(policy));
        })
        .AddFluentValidation(cfg => cfg.RegisterValidatorsFromAssemblyContaining<create>());
        var builder = services.AddIdentityCore<AppUser>();
        var identityBuilder = new IdentityBuilder(builder.UserType, builder.Services);
        identityBuilder.AddEntityFrameworkStores<DataContext>();
        identityBuilder.AddSignInManager<SignInManager<AppUser>>();

        services.AddScoped<IJwtGenerator, JwtGenerator>();
        services.AddScoped<IUserAccessor, UserAccessor>();
        
        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["TokenKey"]));
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(
            opt => {
                opt.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = key,
                    ValidateAudience = false,
                    ValidateIssuer = false 
                };
            }
        );
    }

我的 UserDefine 中间件

public class ErrorHandlingMiddleware
{
    private readonly RequestDelegate _next;
    private readonly ILogger<ErrorHandlingMiddleware> _logger;
    public ErrorHandlingMiddleware(RequestDelegate next, ILogger<ErrorHandlingMiddleware> logger)
    {
        _logger = logger;
        _next = next;
    }

    public async Task Invoke(HttpContext context)
    {
        try
        {
            await _next(context);
        }
        catch (Exception ex)
        {
            
            await HandleExceptionAsync(context, ex, _logger);
        }
    }

    private async Task HandleExceptionAsync(HttpContext context, Exception ex, 
    ILogger<ErrorHandlingMiddleware> logger)
    {
        object errors = null;
        
        switch(ex)
        {
            case RestException re:
                logger.LogError(ex, "Rest Error");
                errors = re.Errors;
                context.Response.StatusCode = (int)re.Code;
                break;
            case Exception e:
                logger.LogError(ex, "Server Error");
                errors = string.IsNullOrWhiteSpace(e.Message) ? "Error" : e.Message;
                context.Response.StatusCode = (int)HttpStatusCode.InternalServerError;
                break;
        }

        context.Response.ContentType = "application/json";
        if(errors != null) 
        {
            var result = JsonConvert.SerializeObject(new {
                errors
            });

            await context.Response.WriteAsync(result);
        }
    }
}

休息异常文件

public class RestException : Exception
{
    public RestException(HttpStatusCode code, object errors = null)
    {
        Code = code;
        Errors = errors;
    }

    public HttpStatusCode Code { get; }
    public object Errors { get; }
}

用户访问器文件

public class UserAccessor : IUserAccessor
{
    private readonly IHttpContextAccessor _httpContextAccessor;
    public UserAccessor(IHttpContextAccessor httpContextAccessor)
    {
        _httpContextAccessor = httpContextAccessor;
    }

    public string GetCurrentUsername()
    {
        var username = _httpContextAccessor.HttpContext.User?.Claims?.FirstOrDefault( x=> x.Type == ClaimTypes.NameIdentifier)?.Value;

        return username;
    }
}

这是我将 CurrentUser 信息返回给 API 的 CurrentUser 文件

public class CurrentUser
{
    public class Query : IRequest<User> { }

    public class Handler : IRequestHandler<Query, User>
    {
        private readonly IJwtGenerator _jwtGenerator;
        private readonly IUserAccessor _userAccessor;
        private readonly UserManager<AppUser> _userManager;
        public Handler(UserManager<AppUser> userManager, IJwtGenerator jwtGenerator, IUserAccessor userAccessor)
        {
            _userAccessor = userAccessor;
            _jwtGenerator = jwtGenerator;
            _userManager = userManager;
        }

        public async Task<User> Handle(Query request, CancellationToken cancellationToken)
        {
            var user = await _userManager.FindByNameAsync(_userAccessor.GetCurrentUsername());

            return new User
            {
                DisplayName = user.DisplayName,
                Username = user.UserName,
                Token = _jwtGenerator.CreateToken(user),
                Image = null
            };
        }
    }
}

我通过 POSTMAN 测试了这个,服务器返回 And VsCode 显示这些错误

500 Internal Server Error

fail: API.MiddleWare.ErrorHandlingMiddleware[0] Server Error System.ArgumentNullException: Value cannot be null. (Parameter 'userName') at Microsoft.AspNetCore.Identity.UserManager1.FindByNameAsync(String userName) 在 Application.Users.CurrentUser.Handler.Handle(Query request, CancellationToken cancelToken) 在 C:\Users\NOYON\source\repos\reactivity\Application\Users\CurrentUser.cs:MediatR 的第 28 行.Pipeline.RequestExceptionProcessorBehavior 2.Handle(TRequest request, CancellationToken cancellationToken, RequestHandlerDelegate1 next) at MediatR.Pipeline.RequestExceptionProcessorBehavior 2.Handle(TRequest request, CancellationToken cancellationToken, RequestHandlerDelegate1 next) at MediatR.Pipeline.RequestExceptionActionProcessorBehavior 2.Handle(TRequest request, CancellationToken cancellationToken, RequestHandlerDelegate1 next) at MediatR.Pipeline.RequestExceptionActionProcessorBehavior 2.Handle(TRequest request, CancellationToken cancellationToken, RequestHandlerDelegate1 next) at MediatR.Pipeline.RequestPostProcessorBehavior 2.Handle(TRequest request, CancellationToken cancellationToken, RequestHandlerDelegate1 next) at MediatR.Pipeline.RequestPreProcessorBehavior2.Handle(TRequest request, CancellationToken cancellationToken, RequestHandlerDelegate1 next) 在 API.Controllers.UserController.CurrentUser() 在 C:\Users\NOYON\source\repos\reactivity\api\Controllers\UserController.cs:line 28 at lambda_method(Closure, Object) at Microsoft.Extensions.Internal .ObjectMethodExecutorAwaitable.Awaiter.GetResult() 在 Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(IActionResultTypeMapper 映射器,ObjectMethodExecutor 执行器,对象控制器,Object[] 参数) 在 Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.g__Awaited| 12_0(ControllerActionInvoker 调用者,ValueTask1 actionResultValueTask) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync() --- End of stack trace from previous location where exception was thrown --- at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextResourceFilter>g__Awaited|24_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeFilterPipelineAsync() --- End of stack trace from previous location where exception was thrown --- at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Awaited|17_0(ResourceInvoker invoker, Task task, IDisposable scope) at Microsoft.AspNetCore.Routing.EndpointMiddleware.<Invoke>g__AwaitRequestTask|6_0(Endpoint endpoint, Task requestTask, ILogger logger) at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context) at API.MiddleWare.ErrorHandlingMiddleware.Invoke(HttpContext context) in C:\Users\NOYON\source\repos\reactivity\api\Middleware\ErrorHandlingMiddleware.cs:line 25

当我从 UserController 调用用户时,API 会说

{"errors":"Value cannot be null. (Parameter 'userName')"}

为什么这个 GetCurrentUser() 将用户名返回为空?这不是获取当前用户的正确指令吗?

标签: asp.net-coreasp.net-web-apiasp.net-identity

解决方案

因为您没有发布Startup.cs文件,所以我不知道您当前的 JWT 配置是什么。但是,如果您使用subJWT 中的属性作为用户名,则应在下面添加此行

x.TokenValidationParameters = new TokenValidationParameters
{
     ...,
     NameClaimType = ClaimTypes.NameIdentifier
};

如果您想在 JWT 令牌中获取一个 key,您可以通过以下代码获取

var handler = new JwtSecurityTokenHandler();
var jwtTokenStr = httpRequest.Headers["Authorization"].ToString().Replace("Bearer ", string.Empty, System.StringComparison.Ordinal);
var jwtToken = handler.ReadJwtToken(jwtTokenStr);
// Get Sub by this line
jwtToken.Claims.FirstOrDefault(a => a.Type == JwtClaimTypes.Subject)?.Value

推荐阅读