public async Task <string> CreateToken(AppUser user) // A token can take claims, credentials and other information. As we are using the await keyword within this method, we need to make the method async and we need to return a Task instead
{
var claims = new List <Claim> // We start off by identifying what claims we are going to put inside of this token.
{
new Claim(JwtRegisteredClaimNames.NameId, user.Id.ToString()), // This will be our name identifier for just about everything. We use the NameId do the users ID. We have to use the ToString method on the Id as claims principles have to be strings
new Claim(JwtRegisteredClaimNames.UniqueName, user.UserName) //We use the UniqueName field to store the user.userName.
};
var roles = await UserManager.GetRolesAsync(user); // this gets a list of the roles that the user is assigned to
claims.AddRange(roles.Select(role => new Claim(ClaimTypes.Role, role))); // Here we select the role from the list of roles, we then create a new claim and rather than use JWT claim naes, we use claim types because the claim names do not have an option for role.
var creds = new SigningCredentials(_key, SecurityAlgorithms.HmacSha512Signature); // This object takes a security key and an algorithm
// Now we need to describe our token:
var tokenDescriptor = new SecurityTokenDescriptor // We specify here what goes inside of our token. This descrbes how this token is going to look
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(7),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(token));
// This is a lot of code here but ultimately all we need to know is that this is the code that will create our token. When we want to create a new token within a class, we inject this service into the class. We can then use the create token method which allows us to create a new token based on the user
}
public async Task <string> CreateToken(AppUser user)
{
var claims = new List <Claim> // We start off by identifying what claims we are going to put inside of this token.
{
new Claim(JwtRegisteredClaimNames.NameId, user.Id.ToString()), // This will be our name identifier for just about everything. We use the NameId to store the user.userName
new Claim(JwtRegisteredClaimNames.UniqueName, user.UserName)
};
var roles = await UserManager.GetRolesAsync(user);
claims.AddRange(roles.Select(role => new Claim(ClaimTypes.Role, role))); // The AddRange Adds the elements of the specified collection to the end of the list
var creds = new SigningCredentials(_key, SecurityAlgorithms.HmacSha512Signature); // This object takes a security key and an algorithm
// Now we need to describe our token:
var tokenDescriptor = new SecurityTokenDescriptor // We specify here what goes inside of our token. This descrbes how this token is going to look
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(7),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(token));
// This is a lot of code here but ultimately all we need to know is that this is the code that will create our token. When we want to create a new token within a class, we inject this service into the class. We can then use the create token method which allows us to create a new token based on the user
}
