Skip to content

Commit 5f9d43a

Browse files
maydayXimaydayXi
committed
Update jwt-tutorial2/idnex.md image soruce
1 parent 85ffa6a commit 5f9d43a

File tree

1 file changed

+14
-14
lines changed

1 file changed

+14
-14
lines changed

content/posts/jwt-tutorial2/index.md

Lines changed: 14 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -69,7 +69,7 @@ public async Task<IActionResult> LogoutAsync()
6969

7070
再使用 Postman Send 登入的請求取得一個合法的 JWT,接著使用剛剛取得的 JWT Send 一個登出請求,會發現出現了 Exception
7171

72-
![Logout Exception](logout-exception.png)
72+
![Logout Exception](https://cdn.jsdelivr.net/gh/maydayXi/MyDevLog@main/content/posts/jwt-tutorial2/logout-exception.png)
7373

7474
**System.InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found. The default schemes can be set using either AddAuthentication(string defaultScheme) or AddAuthentication(Action&lt;AuthenticationOptions&gt; configureOptions).**
7575

@@ -255,11 +255,11 @@ app.Run();
255255

256256
好了就可以來測試驗證了,先用 Postman 登入取得合法的 Toke,可以看到期限是 5 分鐘後到期
257257

258-
![Postman get token](postman-get-token.png)
258+
![Postman get token](https://cdn.jsdelivr.net/gh/maydayXi/MyDevLog@main/content/posts/jwt-tutorial2/postman-get-token.png)
259259

260260
等過了時間再登出,會發現出現了 **Http 401 的回應,就是驗證沒過**
261261

262-
![Logout Http 401](logout-http-401.png)
262+
![Logout Http 401](https://cdn.jsdelivr.net/gh/maydayXi/MyDevLog@main/content/posts/jwt-tutorial2/logout-http-401.png)
263263

264264
這樣驗證功能就完成了
265265

@@ -357,13 +357,13 @@ public class Employee
357357
```
358358

359359
修改完成後記得使用 Rider 提供的工具,新增 Migration,並 Update Database,可以參考前篇 **_[新增 Migration](/posts/asp-dot-net-core-jwt-tutorial/#新增-migration)_**,連回資料庫確認更新結果,如果有看到多了一個 UserRole 的欄位,就是成功了
360-
![UserRole column](user-role-column.png)
360+
![UserRole column](https://cdn.jsdelivr.net/gh/maydayXi/MyDevLog@main/content/posts/jwt-tutorial2/user-role-column.png)
361361

362362
接下來將原本的測試註冊時的 **peter 改成人資主管 HrHead(2)****Enum 類別的成員,如果沒有特別設定整數值的話,預設是從 0 開始,也就是說由上往下第一個成員是 0,第一個成員是 1,依此類推**
363363

364364
這邊我直接使用 SQL 改,在資料庫右鍵 → New → Query Console,會出現 SQL 的查詢編輯器,輸入下面的更新語法
365365

366-
![New Query Console](new-query-console.png)
366+
![New Query Console](https://cdn.jsdelivr.net/gh/maydayXi/MyDevLog@main/content/posts/jwt-tutorial2/new-query-console.png)
367367

368368
```sql
369369
-- 因為我目前只有一個 [email protected] 的帳號,
@@ -384,7 +384,7 @@ WHERE Email = '[email protected]'
384384

385385
確認 peter 的角色是不是 2(人資主管)
386386

387-
![Update UserRole success](update-user-role-success.png)
387+
![Update UserRole success](https://cdn.jsdelivr.net/gh/maydayXi/MyDevLog@main/content/posts/jwt-tutorial2/update-user-role-success.png)
388388

389389
## 新增角色資料
390390

@@ -410,7 +410,7 @@ FROM Employees
410410
ORDER BY UserRole DESC
411411
```
412412

413-
![Employees Data](emplyee-data.png)
413+
![Employees Data](https://cdn.jsdelivr.net/gh/maydayXi/MyDevLog@main/content/posts/jwt-tutorial2/emplyee-data.png)
414414

415415
## 配合角色驗證調整項目
416416

@@ -886,36 +886,36 @@ public class EmployeeController(IEmployeeService employeeService) : Controller
886886

887887
本例角色是**實習生(UserRole = 0)**,先用 `auth/login` 取得 heine 的 JWT:在用下面的相關網址測試權限
888888

889-
![Heine JWT](heine-jwt.png)
889+
![Heine JWT](https://cdn.jsdelivr.net/gh/maydayXi/MyDevLog@main/content/posts/jwt-tutorial2/heine-jwt.png)
890890

891891
1. `get/employee` 測試取得自己的員工資料
892892

893-
![Heine employee data](heine-employee-data.png)
893+
![Heine employee data](https://cdn.jsdelivr.net/gh/maydayXi/MyDevLog@main/content/posts/jwt-tutorial2/heine-employee-data.png)
894894

895895
2. `get/employees` 測試取得所有員工資料,會發現是 Http 403 回應,代表實習生是沒有這個權限的
896896

897-
![Heine get employees forbidden](heine-get-employees.png)
897+
![Heine get employees forbidden](https://cdn.jsdelivr.net/gh/maydayXi/MyDevLog@main/content/posts/jwt-tutorial2/heine-get-employees.png)
898898

899899
### Adam
900900

901901
本例角色是**人資助理(UserRole = 1)**,應該也只能取得自己的資料,操作同上
902902

903903
1. `get/employee`
904904

905-
![Adam employee data](adam-employee-data.png)
905+
![Adam employee data](https://cdn.jsdelivr.net/gh/maydayXi/MyDevLog@main/content/posts/jwt-tutorial2/adam-employee-data.png)
906906

907907
2. `get/employees`
908908

909-
![Adam get employees forbidden](adam-get-employees-forbidden.png)
909+
![Adam get employees forbidden](https://cdn.jsdelivr.net/gh/maydayXi/MyDevLog@main/content/posts/jwt-tutorial2/adam-get-employees-forbidden.png)
910910

911911
### Peter
912912

913913
本例是**人資主管(UserRole = 2)**,應該要可以取得所有員工資料
914914

915915
1. `get/employee`
916916

917-
![Peter employee data](peter-employee-data.png)
917+
![Peter employee data](https://cdn.jsdelivr.net/gh/maydayXi/MyDevLog@main/content/posts/jwt-tutorial2/peter-employee-data.png)
918918

919919
2. `get/employees`
920920

921-
![Peter get employees](peter-get-employees.png)
921+
![Peter get employees](https://cdn.jsdelivr.net/gh/maydayXi/MyDevLog@main/content/posts/jwt-tutorial2/peter-get-employees.png)

0 commit comments

Comments
 (0)