一、注册身份验证服务
StartUp.ConfigureServices()
// Authentication: JWT bearer is both the default authenticate and the default
// challenge scheme, so a request to an [Authorize] endpoint without a valid token
// gets a 401 challenge rather than a cookie-style redirect.
// `setting` (JwtSettings) is assumed to be bound from configuration earlier in
// ConfigureServices -- it must hold the same Issuer/Audience/SecretKey used to sign.
var authBuilder = services.AddAuthentication(schemes =>
{
    schemes.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    schemes.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
});

authBuilder.AddJwtBearer(bearer =>
{
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(setting.SecretKey));

    bearer.TokenValidationParameters = new TokenValidationParameters
    {
        // Only tokens signed with our symmetric key are accepted.
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = signingKey,

        // Pin issuer and audience to the configured values.
        ValidateIssuer = true,
        ValidIssuer = setting.Issuer,
        ValidateAudience = true,
        ValidAudience = setting.Audience,

        // A token without `exp` is rejected, and expiry is enforced with no
        // clock tolerance (ClockSkew overrides the library's default allowance).
        RequireExpirationTime = true,
        ValidateLifetime = true,
        ClockSkew = TimeSpan.Zero,
    };
});
二、添加认证中间件(官方定义)
StartUp.Configure()
// Authentication must be registered before MVC: the JWT is validated and
// HttpContext.User populated by UseAuthentication, and the [Authorize] filters
// inside MVC rely on that. Do not swap the order of these two calls.
app.UseAuthentication()
   .UseMvc();
三、设置Controller访问权限
将需要身份验证才可访问的 API 加上 [Authorize]（可加在 Controller 上，对其所有 Action 生效）；需要允许匿名访问的 Action 加上 [AllowAnonymous]，它会覆盖 Controller 级别的 [Authorize]。
[Route("api/[controller]")]
[ApiController]
[Authorize] // every action on this controller needs a validated JWT unless it opts out
public class ValuesController : ControllerBase
{
    /// <summary>
    /// GET api/values -- protected: an anonymous request is challenged (401).
    /// </summary>
    /// <returns>A fixed two-element demo list.</returns>
    [HttpGet]
    public ActionResult<IEnumerable<string>> Get() => new[] { "value1", "value2" };

    /// <summary>
    /// GET api/values/{id} -- [AllowAnonymous] overrides the controller-level
    /// [Authorize], so this action is reachable without a token.
    /// </summary>
    /// <param name="id">Route value; not used by the demo.</param>
    /// <returns>The constant string "value".</returns>
    [HttpGet("{id}")]
    [AllowAnonymous]
    public ActionResult<string> Get(int id) => "value";
}
四、创建Token
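[Route("api/[controller]")]
[ApiController]
public class TokenController : ControllerBase
{
    // JWT settings bound from appsettings.json; must be registered in
    // Startup.ConfigureServices (services.Configure<JwtSettings>(...)) beforehand.
    // SecretKey: RFC 7518 requires an HS256 key of at least 256 bits (32 bytes);
    // older Microsoft.IdentityModel releases accepted 128 bits (16 bytes), newer ones
    // reject shorter keys when signing. Load it from user-secrets / environment,
    // never commit it to source.
    private readonly JwtSettings _setting;

    public TokenController(IOptions<JwtSettings> jwtSettings)
    {
        _setting = jwtSettings.Value;
    }

    /// <summary>
    /// Issues a 30-minute HS256 JWT for a hard-coded demo identity ("ZhangSan",
    /// roles Admin and System).
    /// </summary>
    /// <remarks>
    /// NOTE(review): this endpoint performs no credential check -- any anonymous
    /// caller receives an Admin token. Before this leaves a demo, take credentials
    /// in a POST body (not a GET query string, which ends up in logs/caches) and
    /// validate them against a user store before signing anything.
    /// </remarks>
    /// <returns>200 OK with the compact serialized token as the body.</returns>
    [HttpGet]
    public IActionResult Get()
    {
        // UTC is what the `nbf`/`exp` claims are expressed in.
        var now = DateTime.UtcNow;

        // One Role claim per role. The original emitted a single "Admin,System"
        // claim, which [Authorize(Roles = "Admin")] would never match because role
        // values are compared whole, not split on commas.
        var claims = new[]
        {
            new Claim(ClaimTypes.Name, "ZhangSan"),
            new Claim(ClaimTypes.Role, "Admin"),
            new Claim(ClaimTypes.Role, "System"),
        };

        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_setting.SecretKey));
        var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

        // Issuer/audience here must match what the bearer handler validates against.
        var token = new JwtSecurityToken(
            issuer: _setting.Issuer,
            audience: _setting.Audience,
            claims: claims,
            notBefore: now,
            expires: now.AddMinutes(30),
            signingCredentials: creds);

        // No try/catch: the original returned BadRequest(ex.Message), which echoed
        // server-side details (e.g. key-size errors) to an unauthenticated client.
        // A signing failure is a server misconfiguration and should surface as a
        // logged 500 via the framework, not as a message to the caller.
        return Ok(new JwtSecurityTokenHandler().WriteToken(token));
    }
}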
五、测试
1、不带令牌直接访问 /api/values，返回 401 Unauthorized（由 JwtBearer 的 Challenge 方案返回；原文此处为截图）
2、访问 /api/values/1 可正常访问
3、请求 /api/token 获取令牌，然后在 /api/values 的请求头中加上 `Authorization: Bearer <token>` 再次访问即可通过（JwtBearer 默认从该请求头读取令牌；按上面代码令牌 30 分钟后过期，且 ClockSkew 为零，过期后会再次返回 401）