public bool IsAuthenticated(LoginRequestDTO request, out string token)
        {
            token = string.Empty;
            if (!_userService.IsValid(request))
            {
                return(false);
            }
            var claims = new[]
            {
                new Claim(ClaimTypes.Name, request.Username)
            };
            var key         = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_tokenManagement.Secret));
            var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
            var jwtToken    = new JwtSecurityToken(_tokenManagement.Issuer, _tokenManagement.Audience, claims,
                                                   expires: DateTime.Now.AddMinutes(_tokenManagement.AccessExpiration),
                                                   signingCredentials: credentials);

            token = new JwtSecurityTokenHandler().WriteToken(jwtToken);
            return(true);
        }
Beispiel #2
0
 //模拟测试,默认都是人为验证有效
 public bool IsValid(LoginRequestDTO req)
 {
     return(true);
 }