/// <summary>
/// 更新登录凭证
/// </summary>
/// <param name="model"></param>
public void Update(UserTokenDto model)
{
UserTokenEntity entity = _userTokenRepository.Table.Where(a => a.UserID == model.UserID).FirstOrDefault();
entity = model.ToEntity(entity);
_userTokenRepository.Update(entity);
}
public async Task <ActionResult <UserTokenDto> > Login([FromBody] LoginDto model)
{
var user = await _tokenService.VerifyUserCredentials(model);
var claims = new[]
{
new Claim("id", user.Id.ToString()),
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.Role, user.Role.Name)
};
var jwt = _tokenService.GenerateJWT(claims);
var refreshToken = await _tokenService.GenerateRefreshToken(user);
UserTokenDto userTokenDto = new UserTokenDto
{
Id = user.Id,
FirstName = user.FirstName,
LastName = user.LastName,
Token = new TokenDto()
{
JWT = jwt, RefreshToken = refreshToken
}
};
return(Ok(userTokenDto));
}
private IActionResult DoPassword(UserDto userDto)
{
var user = _userService.Authenticate(userDto.Username, userDto.Password);
if (user == null)
{
return(BadRequest("Email i/lub hasło są nie poprawne"));
}
if (user.EmailConfirmed == false)
{
return(BadRequest("W celu zalogowania wymagana jest aktywacja konta"));
}
var refreshToken = GenerateRefreshToken();
var rToken = new UserTokenDto
{
Token = refreshToken,
UserId = user.Id,
IsStop = 0
};
var mappedRefreshToken = _mapper.Map <UserToken>(rToken);
if (_userService.AddToken(mappedRefreshToken))
{
return(Ok(GetJwt(user, refreshToken)));
}
return(BadRequest());
}
private UserTokenDto GenerateToken(GetUserDto user)
{
Claim[] claims = new[]
{
new Claim(nameof(User.Id), user.Id),
new Claim(nameof(User.Email), user.Email),
new Claim(JwtRegisteredClaimNames.Nbf, new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds().ToString()),
new Claim(JwtRegisteredClaimNames.Exp,
new DateTimeOffset(DateTime.Now.AddDays(_configuration.TokenExpirationPeriodInDay)).ToUnixTimeSeconds().ToString()),
};
JwtSecurityToken token = new JwtSecurityToken(
new JwtHeader(new SigningCredentials(_configuration.GetSymmetricSecurityKey(),
SecurityAlgorithms.HmacSha256)),
new JwtPayload(claims));
string tokenValue = new JwtSecurityTokenHandler().WriteToken(token);
UserTokenDto tokenResponse = new UserTokenDto
{
User = user,
AccessToken = tokenValue,
ExpiresIn = (int)TimeSpan.FromDays(_configuration.TokenExpirationPeriodInDay).TotalSeconds
};
return(tokenResponse);
}
public void InsertUserToken(UserTokenDto userTokenDto)
{
var userToken = Mapper.Map <UserToken>(userTokenDto);
ToDoUnitOfWork.UserTokenRepository.Insert(userToken);
ToDoUnitOfWork.Save();
}
public async Task <GenericResponse> Put(long id, UserTokenDto dto)
{
if (id != dto.Id)
{
return(GenericResponse.Error(ResultType.Error, "Ids are mismatch!", "RT_PT_01", StatusCodes.Status500InternalServerError));
}
try
{
UserTokenBo bo = UserTokenBo.ConvertToBusinessObject(dto);
ServiceResult serviceResult = await serviceManager.UserToken_Service.UpdateAsync(id, bo);
if (serviceResult.Success)
{
await serviceManager.CommitAsync();
return(GenericResponse.Ok());
}
else
{
return(GenericResponse.Error(ResultType.Error, serviceResult.Error, "RT_PT_02", StatusCodes.Status500InternalServerError));
}
}
catch (Exception ex)
{
Log(ex.Message, LogLevel.Error, this.ControllerContext.RouteData.Values);
return(GenericResponse.Error(ResultType.Error, ex.Message, "RT_PT_03", StatusCodes.Status500InternalServerError));
}
}
private async Task <OperationResult> Login(string userName, string registKey, LoginDevice loginDevice, string clientVersion)
{
//更新最后一次登录的RegistKey
var theUser = await UserInfos.SingleOrDefaultAsync(p => p.SysUser.UserName == userName);
if (theUser == null)
{
return(new OperationResult(OperationResultType.ValidError, "数据错误", null));
}
if (theUser.RegistKey != registKey)
{
theUser.RegistKey = registKey;
await UserInfoRepo.UpdateAsync(theUser);
}
//变更登录信息
await ResetToken(theUser, loginDevice, clientVersion);
var loginInfo = new UserTokenDto()
{
Id = theUser.Id,
NickName = theUser.SysUser.NickName,
HeadPic = theUser.HeadPic,
Sex = theUser.Sex,
Token = theUser.Token
};
return(new OperationResult(OperationResultType.Success, "登录成功", loginInfo));
}
/// <summary>
/// 用户登录
/// </summary>
/// <param name="userName">用户名</param>
/// <param name="password">密码</param>
/// <param name="registKey">极光registKey</param>
/// <param name="loginDevice">登录设备</param>
/// <param name="clientVersion">客户端版本</param>
/// <param name="type">登录方式</param>
/// <returns></returns>
public async Task <OperationResult> Login(string userName, string password, string registKey, LoginDevice loginDevice, string clientVersion, int type)
{
userName.CheckNotNullOrEmpty("userName");
password.CheckNotNullOrEmpty("password");
SysUser sUser = await UserManager.FindByNameAsync(userName);
if (sUser == null)
{
return(new OperationResult(OperationResultType.ValidError, "用户不存在", 0));
}
if (sUser.IsLocked)
{
return(new OperationResult(OperationResultType.ValidError, "您的账号已被冻结,请联系客服", 0));
}
if (type == 2)
{
//验证码
var severCode = GetValidateCode(userName, CodeType.临时密码);
if (severCode == null || severCode.Code != password)
{
return(new OperationResult(OperationResultType.ValidError, "临时密码错误", 0));
}
}
else
{
if (!await UserManager.CheckPasswordAsync(sUser, password))
{
return(new OperationResult(OperationResultType.ValidError, "用户名或密码错误", null));
}
}
if (sUser.UserType != UserType.App用户)
{
return(new OperationResult(OperationResultType.QueryNull, "用户不存在", null));
}
//更新最后一次登录的RegistKey
var theUser = await UserInfos.SingleOrDefaultAsync(p => p.SysUser.UserName == userName);
if (theUser.RegistKey != registKey)
{
theUser.RegistKey = registKey;
await UserInfoRepo.UpdateAsync(theUser);
}
//变更登录信息
await ResetToken(theUser, loginDevice, clientVersion);
var loginInfo = new UserTokenDto()
{
Id = theUser.Id,
NickName = theUser.SysUser.NickName,
HeadPic = theUser.HeadPic,
Sex = theUser.Sex,
PhoneNo = theUser.SysUser.PhoneNumber,
Token = theUser.Token
};
//return new OperationResult(OperationResultType.Success, "登录成功", sUser);
return(new OperationResult(OperationResultType.Success, "登录成功", loginInfo));
}
public async Task <UserTokenDto> RefreshToken(UserTokenDto userToken)
{
if (userToken == null)
{
throw new ArgumentNullException(nameof(userToken), ExceptionStrings.NullArgumentException);
}
var user = await GetUserFromExpiredToken(userToken.AccessToken);
if (user.RefreshToken != userToken.RefreshToken)
{
throw new SecurityTokenException(ExceptionStrings.InvalidRefreshTokenException);
}
var newAccessToken = await GenerateAccessToken(user);
var newRefreshToken = GenerateRefreshToken();
user.RefreshToken = newRefreshToken;
user.LastActive = DateTime.UtcNow;
var updateResult = await _userManager.UpdateAsync(user);
if (!updateResult.Succeeded)
{
throw new ObjectUpdateException(ExceptionStrings.RefreshException, user.Email, newRefreshToken);
}
return(new UserTokenDto()
{
AccessToken = newAccessToken, RefreshToken = newRefreshToken
});
}
public async Task <IActionResult> UpdateTokens([FromBody] UpdateTokensRequest updateTokensRequest)
{
UserTokenDto userToken = await _accountService.UpdateTokens(updateTokensRequest.RefreshToken);
await _unitOfWork.CommitAsync();
return(Ok(userToken));
}
public async Task <IActionResult> Auth([FromBody] AuthRequestDto authRequestDto)
{
UserTokenDto userToken = await _accountService.Auth(authRequestDto.Login, authRequestDto.Password);
await _unitOfWork.CommitAsync();
return(Ok(userToken));
}
/// <summary>
/// 三方登录
/// </summary>
/// <param name="thirdKey">三方key</param>
/// <param name="thirdProvider">微博?QQ?微信?</param>
/// <param name="loginDevice">登录设备 IOS?Android?</param>
/// <param name="clientVersion">客户端版本</param>
/// <param name="registKey">极光推送Key</param>
/// <returns></returns>
public async Task <OperationResult> LoginByThird(string thirdKey, ThirdProvider thirdProvider, LoginDevice loginDevice, string clientVersion, string registKey = "")
{
var thirdUser = SysUserLoginRepo.Entities.SingleOrDefault(m => m.ProviderKey == thirdKey && m.ThridProvider == thirdProvider);
if (thirdUser == null)
{
var userName = "******" + DateTime.Now.ToString("yyyyMMddhhffff");
SysUser sUser = new SysUser()
{
UserName = userName,
NickName = userName,
UserType = UserType.App用户,
};
UserInfoRepo.UnitOfWork.TransactionEnabled = true;
await UserManager.CreateAsync(sUser);
var userInfo = new UserInfo()
{
SysUser = sUser,
IsDeleted = false,
Sex = Sex.限,
};
await UserInfoRepo.InsertAsync(userInfo);
thirdUser = new SysUserLogin()
{
ProviderKey = thirdKey,
ThridProvider = thirdProvider,
User = sUser,
};
await SysUserLoginRepo.InsertAsync(thirdUser);
await UserInfoRepo.UnitOfWork.SaveChangesAsync();
}
var theUser = UserInfoRepo.Entities.SingleOrDefault(m => m.SysUser.Id == thirdUser.User.Id);
if (theUser.RegistKey != registKey)
{
theUser.RegistKey = registKey;
await UserInfoRepo.UpdateAsync(theUser);
}
//变更登录信息
await ResetToken(theUser, loginDevice, clientVersion);
var loginInfo = new UserTokenDto()
{
Id = theUser.Id,
NickName = theUser.SysUser.NickName,
HeadPic = theUser.HeadPic,
Sex = theUser.Sex,
Token = theUser.Token
};
return(CdkxResult.Success(loginInfo));
}
public async Task InvokeAsync(HttpContext context, IConfiguration configuration)
{
var cookieValue = context.Request.Cookies?[configuration["TokenCookieName"]];
if (!string.IsNullOrEmpty(cookieValue))
{
UserTokenDto deserializedTokens = JsonConvert.DeserializeObject <UserTokenDto>(cookieValue);
context.Request.Headers.Add("Authorization", "Bearer " + deserializedTokens.AccessToken);
}
await _next.Invoke(context);
}
public IActionResult AddUpdateToken(UserTokenDto dto)
{
try
{
ResponseDto res = _userCommon.AddEditToken(dto);
return(StatusCode(200, res));
}
catch (Exception ex)
{
return(StatusCode(500, ex.Message.ToString()));
}
}
/// <summary>
/// 用户登录
/// </summary>
/// <param name="userName">用户名</param>
/// <param name="password">密码</param>
/// <param name="registKey">极光registKey</param>
/// <param name="loginDevice">登录设备</param>
/// <param name="clientVersion">客户端版本</param>
/// <returns></returns>
public async Task <OperationResult> Login(string userName, string password, string registKey, LoginDevice loginDevice, string clientVersion)
{
userName.CheckNotNullOrEmpty("userName");
password.CheckNotNullOrEmpty("password");
SysUser sUser = await UserManager.FindByNameAsync(userName);
var result = await UserManager.CheckPasswordAsync(sUser, password);
if (sUser == null || sUser.UserType != UserType.App用户)
{
return(new OperationResult(OperationResultType.QueryNull, "用户不存在", null));
}
else if (sUser.IsLocked)
{
return(new OperationResult(OperationResultType.ValidError, "该账号已被冻结,请联系客服。", null));
}
else if (!await UserManager.CheckPasswordAsync(sUser, password))
{
return(new OperationResult(OperationResultType.ValidError, "用户名或密码错误", null));
}
else
{
//更新最后一次登录的RegistKey
var theUser = await UserInfos.SingleOrDefaultAsync(p => p.SysUser.UserName == userName);
if (theUser == null)
{
return(new OperationResult(OperationResultType.ValidError, "数据错误", null));
}
if (theUser.RegistKey != registKey)
{
theUser.RegistKey = registKey;
await UserInfoRepo.UpdateAsync(theUser);
}
//变更登录信息
await ResetToken(theUser, loginDevice, clientVersion);
var loginInfo = new UserTokenDto()
{
Id = theUser.Id,
NickName = theUser.SysUser.NickName,
HeadPic = theUser.HeadPic,
Sex = theUser.Sex,
Token = theUser.Token
};
return(new OperationResult(OperationResultType.Success, "登录成功", loginInfo));
}
}
public IViewComponentResult Invoke()
{
if (!string.IsNullOrEmpty(HttpContext.Session.GetString("USER_INFO")))
{
HeaderComponentDto headerComponentDto = new HeaderComponentDto();
var userInfo = HttpContext.Session.GetString("USER_INFO");
UserTokenDto userTokenDto = JsonConvert.DeserializeObject <UserTokenDto>(userInfo);
headerComponentDto.UserTokenDto = userTokenDto;
headerComponentDto.CategoryList = CategoryService.Instance.GetCategoryList();
return(View("HeaderComponentView", headerComponentDto));
}
return(Content(string.Empty));
//return View("HeaderComponentView");
}
public ActionResult <UserTokenDto> Post()
{
_logger.LogInformation("refresh token!");
_logger.LogDebug("refresh token!");
var dateTime = DateTime.Now.AddDays(1);
var token = GeneratorToken(dateTime);
var result = new UserTokenDto {
Token = token, Seconds = (long)TimeSpan.FromDays(1).TotalSeconds
};
_logger.LogDebug($"new token info:[{result}]");
_logger.LogInformation("refresh token success!");
return(result);
}
public UserTokenDto GenerateToken(User user)
{
UserTokenDto userToken = new UserTokenDto();
//
var tokenHandler = new JwtSecurityTokenHandler();
//
var jwtConfig = _configuration.GetSection("jwt");
string secretKey = jwtConfig.GetValue <string>("SecretKey");
string issuerName = jwtConfig.GetValue <string>("IssuerName");
int tokenValidity = jwtConfig.GetValue <int>("Validity");
//
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey));
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
List <Claim> claims = new List <Claim>();
claims.Add(new Claim("Id", user.Id.ToString()));
claims.Add(new Claim(ClaimTypes.Email, user.Email));
claims.Add(new Claim(ClaimTypes.Name, user.Email));
claims.Add(new Claim(ClaimTypes.NameIdentifier, user.Email));
foreach (var userRole in user.UserRoles)
{
if (userRole.Role != null)
{
claims.Add(new Claim(ClaimTypes.Role, userRole.Role.Name));
}
}
ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims);
var tokenDescriptor = new SecurityTokenDescriptor
{
Issuer = issuerName,
Subject = claimsIdentity,
Expires = DateTime.UtcNow.AddMinutes(tokenValidity),
SigningCredentials = credentials
};
var securityToken = tokenHandler.CreateToken(tokenDescriptor);
string token = tokenHandler.WriteToken(securityToken);
//
userToken.Email = user.Email;
userToken.AccessToken = token;
userToken.Expiry = tokenValidity;
//
return(userToken);
}
public async Task <ActionResult <UserTokenDto> > Login([FromBody] UserLoginDto loginData)
{
var user = await authenticationService.Authenticate(loginData.Name, loginData.Password);
if (user == null)
{
return(Unauthorized("Invalid credential"));
}
var userToken = new UserTokenDto()
{
Bearer = user.GetJwtToken()
};
return(Ok(userToken));
}
public UserTokenDto Auth(CredentialDto model)
{
var user = _userService.GetUserAuth(model.Email, EncryptHelper.Sha256(model.Password));
if (user == null)
{
return(null);
}
var token = TokenHelper.GenerateJwtToken(user.Email, user.Password);
var userToken = new UserTokenDto(user.UserId, user.Name, token);
return(userToken);
}
public IActionResult LogOut(UserTokenDto userTokenDto)
{
try
{
this.userConfiguration.LogOut(userTokenDto);
return(Ok(new
{
message = "Sesion cerrada correctamente"
}));
}
catch (BussinessException e)
{
return(Problem(e.ReasonPhrase ?? e.Message, null, (int?)e.StatusCode, null, null));
}
catch (Exception) { throw; }
}
public IDataResult <UserTokenDto> CreateAccessToken(User user)
{
var claims = _userOperationClaimService.GetClaims(user).Data;
if (claims != null)
{
var accessToken = _tokenHelper.CreateToken(user, claims);
UserTokenDto userDto = new UserTokenDto
{
Token = accessToken.Token,
Expiration = accessToken.Expiration,
UserID = user.UserID
};
return(new SuccessDataResult <UserTokenDto>(userDto, Messages.AccessTokenCreated));
}
return(new ErrorDataResult <UserTokenDto>(Messages.NotHaveAnyClaim));
}
public async Task <IActionResult> Registrate([FromBody] RegistrationRequestDto registrationRequest)
{
bool isSuccessfulRegistration = await _accountService.RegistrateAsync(registrationRequest);
if (!isSuccessfulRegistration)
{
return(null);
}
await _unitOfWork.CommitAsync();
UserTokenDto userToken = await _accountService.Auth(registrationRequest.Login, registrationRequest.Password);
await _unitOfWork.CommitAsync();
return(Ok(userToken));
}
public override void OnActionExecuting(ActionExecutingContext context)
{
IUnitOfWork unitOfWork = (IUnitOfWork)context.HttpContext.RequestServices.GetService(typeof(IUnitOfWork));
ITokenProcessor tokenProcessor = (ITokenProcessor)context.HttpContext.RequestServices.GetService(typeof(ITokenProcessor));
string token = context.HttpContext.Request.Headers["authentication"];
if (!token.IsSet())
{
context.HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
context.Result =
new JsonResult("Access token is not sent with the request. Check your request headers!");
}
else
{
bool addClaimsToHttpContext = true;
//ToDo :: encrypt whole jwt token with hardcoded key
UserTokenDto user = unitOfWork.UserRepository.GetByAccessToken(token);
if (user == null)
{
context.HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
context.Result = new JsonResult("User doesn't exists. Check Access Token!");
addClaimsToHttpContext = false;
}
else if (DateTime.Now > user.TokenExpirationDateTime)
{
context.HttpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
context.Result = new JsonResult("Bad access token!");
addClaimsToHttpContext = false;
}
if (addClaimsToHttpContext)
{
IEnumerable <Claim> claims = tokenProcessor.GetTokenClaims(token);
if (claims != null)
{
ClaimsIdentity appIdentity = new ClaimsIdentity(claims);
context.HttpContext.User.AddIdentity(appIdentity);
}
}
}
base.OnActionExecuting(context);
}
public IHttpActionResult Login([FromBody] UserLoginDto model)
{
var result = userService.Login(model.username, model.password);
if (result.code == 0)
{
//userService.SignIn(result.data);
var userId = result.data.UserID;
var token = Guid.NewGuid().ToString();
var dtNow = DateTime.Now;
#region 将身份信息保存票据表中,验证当前请求是否是有效请求
//判断此用户是否存在票据信息
var userToken = tokenService.GetTicketByUserId(userId);
if (userToken != null)
{
//清空重置
tokenService.DeleteByUserId(userId);
}
UserTokenDto ticket = new UserTokenDto();
ticket.UserID = userId;
ticket.Token = token;
ticket.CreateDate = dtNow;
ticket.ExpireDate = dtNow.AddDays(2); //30分钟过期
tokenService.Insert(ticket);
#endregion
return(Ok(new
{
code = 0,
msg = "success",
data = token
}));
}
else
{
return(Ok(new
{
code = result.code,
msg = result.msg
}));
}
}
public async Task <ActionResult <UserTokenDto> > Refresh([FromBody] TokenDto refreshTokenModel)
{
var refresh = await _tokenService.VerifyRefreshToken(refreshTokenModel.RefreshToken);
var claims = _tokenService.GetPrincipalFromExpiredToken(refreshTokenModel.JWT);
var jwt = _tokenService.GenerateJWT(claims.Claims);
var refreshToken = await _tokenService.UpdateRefreshRecord(refresh);
UserTokenDto userToken = new UserTokenDto
{
Id = refresh.User.Id,
FirstName = refresh.User.FirstName,
LastName = refresh.User.LastName,
Token = new TokenDto {
JWT = jwt, RefreshToken = refreshToken
}
};
return(Ok(userToken));
}
private async Task <UserTokenDto> BuildToken(UserInfoDto dto)
{
var user = await _userManager.FindByEmailAsync(dto.Email);
var claims = await _userManager.GetClaimsAsync(user);
var userRoles = await _userManager.GetRolesAsync(user);
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email));
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, ToUnixEpochDate(DateTime.UtcNow).ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(DateTime.UtcNow).ToString(), ClaimValueTypes.Integer64));
foreach (var userRole in userRoles)
{
claims.Add(new Claim("role", userRole));
}
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_configuration["jwt:key"]);
var token = tokenHandler.CreateToken(new SecurityTokenDescriptor
{
Subject = identityClaims,
Expires = DateTime.UtcNow.AddHours(1),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
});
var encodedToken = tokenHandler.WriteToken(token);
var response = new UserTokenDto
{
Expiration = DateTime.UtcNow.AddHours(1),
Token = encodedToken
};
return(response);
}
public static UserTokenDto ConvertToDto(UserTokenBo bo)
{
if (bo == null)
{
return(null);
}
UserTokenDto dto = new UserTokenDto();
dto.Id = bo.Id;
dto.UserId = bo.UserId;
dto.AccessToken = bo.AccessToken;
dto.RefreshToken = bo.RefreshToken;
dto.ExpiryDate = bo.ExpiryDate;
dto.IsLogout = bo.IsLogout;
dto.LoginTime = bo.LoginTime;
dto.LogoutTime = bo.LogoutTime;
dto.User = UserBo.ConvertToDto(bo.User);
return(dto);
}
public async Task <IActionResult> ResetPassword(UserTokenDto userTokenDto)
{
if (userTokenDto?.User == null ||
string.IsNullOrWhiteSpace(userTokenDto.VerificationToken) ||
string.IsNullOrWhiteSpace(userTokenDto.User.Email) ||
string.IsNullOrWhiteSpace(userTokenDto.User.Password))
{
return(BadRequest(new BadRequestError("Verification token, Email and Password have to be set")));
}
try
{
var user = await _userService.ResetPasswordAsync(userTokenDto.User.Email, userTokenDto.User.Password, userTokenDto.VerificationToken);
return(Ok(user));
}
catch (IdentityUserServiceException exception)
{
return(BadRequest(new BadRequestError(exception.ToString())));
}
}
/// <summary>
/// 创建Jwt Token
/// </summary>
/// <param name="userInfo"></param>
/// <param name="roles"></param>
/// <returns></returns>
public string CreateAccessToken(UserTokenDto userInfo, List <string> roles)
{
// 用户基本信息
var claims = new List <Claim> {
new Claim("Uid", userInfo.Id.ToString()),
new Claim("Name", userInfo.RealName.SafeString()),
new Claim("MobilePhone", userInfo.Mobile.SafeString()),
new Claim("Email", userInfo.Email.SafeString())
};
// 角色数据
foreach (var info in roles)
{
claims.Add(new Claim("scope", info));
}
var expires = _config.StringGet("TokenExpires", "4");
var token = _tokenBuilder.BuildJwtToken(claims, DateTime.UtcNow, DateTime.Now.AddHours(Convert.ToInt32(expires)));
// accessToken
return(token.TokenValue);
}
