Ejemplo n.º 1
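        /// <summary>
        /// Demo login endpoint: validates the supplied credentials, confirms that the user
        /// holds the requested role, and returns a token built by CZGL.Auth's
        /// <c>EncryptionHash</c>.
        /// </summary>
        /// <param name="username">Account name; explicitly bound from the query string.</param>
        /// <param name="password">Account password.</param>
        /// <param name="rolename">Role the caller wants the token to be issued for.</param>
        /// <returns>
        /// A <c>JsonResult</c> wrapping the issued token on success, or an object with
        /// <c>Code = 0</c> and a <c>Message</c> when the request is rejected.
        /// </returns>
        /// <remarks>
        /// NOTE(review): <paramref name="username"/> is read from the URL, and depending on the
        /// controller's binding configuration the password may be as well. Credentials carried
        /// in a URL end up in server and proxy logs; a production endpoint should take them
        /// from a POST body.
        /// </remarks>
        public JsonResult Login([FromQuery] string username, string password, string rolename)
        {
            // Reject the request when any of the three parameters is missing.
            if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password) || string.IsNullOrWhiteSpace(rolename))
            {
                return new JsonResult(new
                {
                    Code = 0,
                    Message = "传入参数不完整",
                });
            }

            // Check the username and password.
            // NOTE(review): these are hard-coded demo accounts sharing one weak password; replace
            // them with a lookup against a credential store that keeps salted password hashes.
            if (!((username == "aa" || username == "bb" || username == "cc") && password == "123456"))
            {
                return new JsonResult(new
                {
                    Code = 0,
                    Message = "账号或密码错误",
                });
            }

            // Application-defined role/user information service.
            RoleService roleService = new RoleService();

            // Check that the user actually belongs to the requested role. The original computed
            // this value and never used it, so any authenticated account could obtain a token
            // for any role name it asked for.
            // Assumes IsUserToRole returns bool - confirm against RoleService.
            var role = roleService.IsUserToRole(username, rolename);
            if (!role)
            {
                return new JsonResult(new
                {
                    Code = 0,
                    Message = "用户不属于该角色",
                });
            }

            // EncryptionHash is the CZGL.Auth helper used here to build claims and tokens.
            EncryptionHash hash = new EncryptionHash();

            // Build the user's claims from the verified name and role.
            var userClaims = hash.BuildClaims(username, rolename);

            // Alternative: build the claims by hand. A custom set needs at least the following:
            //var userClaims = new Claim[]
            //{
            //    new Claim(ClaimTypes.Name, userName),
            //    new Claim(ClaimTypes.Role, roleName),
            //    new Claim(JwtRegisteredClaimNames.Aud, Audience),
            //    new Claim(ClaimTypes.Expiration, TimeSpan.TotalSeconds.ToString()),
            //    new Claim(JwtRegisteredClaimNames.Iat, new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds().ToString())
            //};

            /*
             * iss (issuer): who issued the token
             * exp (expiration time): when the token expires
             * sub (subject): subject of the token
             * aud (audience): intended recipient
             * nbf (Not Before): time before which the token is not valid
             * iat (Issued At): time of issue
             * jti (JWT ID): unique token identifier
             */

            // Option 1: issue the token in a single call.
            ResponseToken token = hash.BuildToken(userClaims);

            // Option 2: issue the token step by step, which is easier to debug.
            //var identity = hash.GetIdentity(userClaims);
            //var jwt = hash.BuildJwtToken(userClaims);
            //var token = hash.BuildJwtResponseToken(jwt);
            return new JsonResult(token);
        }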
Ejemplo n.º 2
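        /// <summary>
        /// Login endpoint backed by the database context: authenticates the user, checks that
        /// the user is linked to the requested role, and returns a token built by CZGL.Auth's
        /// <c>EncryptionHash</c>.
        /// </summary>
        /// <param name="username">Account name to authenticate.</param>
        /// <param name="password">Password submitted for that account.</param>
        /// <param name="rolename">Role the caller wants to log in as (matched case-insensitively).</param>
        /// <returns>
        /// A <c>JsonResult</c> wrapping the issued token on success, or a <c>ResponseModel</c>
        /// with <c>Code = 0</c> when authentication or the role check fails.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the method is declared <c>async</c> but contains no <c>await</c>; both
        /// the original and this version run the queries synchronously.
        /// </remarks>
        public async Task<JsonResult> Login(string username, string password, string rolename)
        {
            // Without this guard a missing username or password turns into a null comparison
            // in the query below and could match a row whose column is null.
            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                return new JsonResult(
                    new ResponseModel
                    {
                        Code = 0,
                        Message = "Login feild!"
                    });
            }

            // Check the username and password.
            // NOTE(review): this compares the submitted password with the stored UserPassword
            // column directly, which implies passwords are kept in plaintext. Plaintext
            // passwords are generally not used; the original comment points at
            // hash.GetByHashString(password) for producing a hashed string. Store a salted,
            // slow password hash and compare against that instead.
            User user = _context.Users.FirstOrDefault(x => x.UserName == username && x.UserPassword == password);

            if (user == null)
            {
                return new JsonResult(
                    new ResponseModel
                    {
                        Code = 0,
                        Message = "Login feild!"
                    });
            }

            // Check that the role the user chose to log in with is valid. A missing rolename
            // is treated as "no such role" instead of failing on rolename.ToLower().
            Role role = string.IsNullOrWhiteSpace(rolename)
                ? null
                : _context.Roles.FirstOrDefault(x => x.RoleName.ToLower() == rolename.ToLower());

            // Only look up the user-role link once the role is known to exist; the original
            // read role.RoleId before its own null check, so an unknown role name raised a
            // NullReferenceException instead of returning the rejection below.
            UserClaim userClaim = role == null
                ? null
                : _context.UserClaims.FirstOrDefault(x => x.RoleId == role.RoleId && x.UserId == user.Id);

            if (role == null || userClaim == null)
            {
                ResponseModel model = new ResponseModel
                {
                    Code    = 0,
                    Message = "You don't belong in that role",
                };

                return new JsonResult(model);
            }

            // EncryptionHash is the CZGL.Auth helper used here to build claims and tokens.
            EncryptionHash hash = new EncryptionHash();

            // Build the claims from the stored records, not from the request strings: the role
            // match above is case-insensitive, so the caller's spelling may differ from the
            // stored name that later authorization checks compare against.
            var userClaims = hash.BuildClaims(user.UserName, role.RoleName);

            // Alternative: build the claims by hand. A custom set needs at least the following:
            //var userClaims = new Claim[]
            //{
            //    new Claim(ClaimTypes.Name, userName),
            //    new Claim(ClaimTypes.Role, roleName),
            //    new Claim(JwtRegisteredClaimNames.Aud, Audience),
            //    new Claim(ClaimTypes.Expiration, TimeSpan.TotalSeconds.ToString()),
            //    new Claim(JwtRegisteredClaimNames.Iat, new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds().ToString())
            //};

            /*
             * iss (issuer): who issued the token
             * exp (expiration time): when the token expires
             * sub (subject): subject of the token
             * aud (audience): intended recipient
             * nbf (Not Before): time before which the token is not valid
             * iat (Issued At): time of issue
             * jti (JWT ID): unique token identifier
             */

            // Option 1: issue the token in a single call.
            ResponseToken token = hash.BuildToken(userClaims);

            // Option 2: issue the token step by step, which is easier to debug.
            //var identity = hash.GetIdentity(userClaims);
            //var jwt = hash.BuildJwtToken(userClaims);
            //var token = hash.BuildJwtResponseToken(jwt);

            return new JsonResult(token);
        }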