public string GenerateJwt(AccountERD account)
{
var authParams = _authOptions.Value;
var securityKey = authParams.GetSymmetricSecurityKey();
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
var claims = new List <Claim>()
{
new Claim(JwtRegisteredClaimNames.Email, account.EmailAddress),
new Claim(JwtRegisteredClaimNames.Sub, account.Id.ToString()),
new Claim("role", GetAccountUser(account).RoleId.ToString())
};
var token = new JwtSecurityToken(authParams.Issuer,
authParams.Audience,
claims,
expires: DateTime.Now.AddSeconds(authParams.TokenLifetime),
signingCredentials: credentials);
return(new JwtSecurityTokenHandler().WriteToken(token));
}
private UserERD GetAccountUser(AccountERD account)
{
return(_appContext.Users.SingleOrDefault(u => u.Id == account.UserId));
}
