public ActionResult <string> Register([FromForm] string userinfo)
        {
            RSATool rSATool = new RSATool(RSAType.RSA, Encoding.UTF8, Configuration["RSA:privateKey"], Configuration["RSA:publicKey"]);
            var     decrypt = rSATool.Decrypt(userinfo);
            var     user    = JsonConvert.DeserializeObject <User>(decrypt);
            var     val     = user.Validate();

            if (val == null)
            {
                _repository.SaveUser(user);
                return(string.Empty);
            }
            else
            {
                return(val.error);
            }
        }
        public ActionResult <string> Login([FromForm] string logininfo)
        {
            ///公钥私钥对解密用户名密码
            RSATool rSATool = new RSATool(RSAType.RSA, Encoding.UTF8, Configuration["RSA:privateKey"], Configuration["RSA:publicKey"]);
            var     decrypt = rSATool.Decrypt(logininfo);
            var     login   = JsonConvert.DeserializeObject <User>(decrypt);
            var     user    = _repository.ValidateLogin(login.username, login.password);

            if (user != null)
            {
                var expiredays = int.Parse(Configuration["JWTAuth:expires"]);
                var expire     = DateTime.Now.AddDays(expiredays);
                var info       = new UserInfoViewModel();
                var userdata   = Guid.NewGuid().ToString();
                var roleids    = _userroles.GetListByUserId(user.Id).Select(s => s.roleid).ToArray();
                var roles      = _roles.GetRoles(roleids);
                info.Roles    = roles;
                info.userData = userdata;//TOKEN标识
                info.name     = user.name;
                info.phone    = user.phone;
                info.userid   = user.Id;
                info.username = user.name;
                var claims = new[] {
                    new Claim(ClaimTypes.Name, info.userid), //保证名称唯一
                    new Claim(ClaimTypes.UserData, userdata) //TOKEN标识
                };
                //sign the token using a secret key.This secret will be shared between your API and anything that needs to check that the token is legit.
                var secretKey = Configuration["JWTAuth:secretKey"];
                var creds     = new SigningCredentials(new SymmetricSecurityKey(Encoding.ASCII.GetBytes(secretKey)), SecurityAlgorithms.HmacSha256Signature);
                //.NET Core’s JwtSecurityToken class takes on the heavy lifting and actually creates the token.
                var token = new JwtSecurityToken(
                    issuer: Configuration["JWTAuth:issuer"],
                    audience: Configuration["JWTAuth:audience"],
                    claims: claims,
                    expires: expire.ToUniversalTime(),
                    signingCredentials: creds
                    );
                info.token = new JwtSecurityTokenHandler().WriteToken(token);
                //缓存用户信息
                _repository.SetUserTokenInfo(user.Id, JsonConvert.SerializeObject(info));
                return(info.token);
            }
            return(null);
        }