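/// <summary>
/// Looks up a user by e-mail and password and, when one matches, returns a signed
/// JWT (HMAC-SHA256) carrying the user's id and allowed use cases.
/// </summary>
/// <param name="email">E-mail address to look up.</param>
/// <param name="password">Value compared for equality against the stored <c>Password</c> column.</param>
/// <returns>
/// The serialized token, or <c>null</c> when a credential is missing or no user matches.
/// </returns>
public string MakeToken(string email, string password)
{
    // Reject missing credentials before querying. A null argument would otherwise be
    // passed to the equality comparison as-is and could match a row whose Email or
    // Password column is NULL; an empty password could match an empty stored value.
    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
    {
        return null;
    }

    // NOTE(review): the password is compared for equality inside the query, which
    // implies the column holds the password itself or an unsalted digest — confirm.
    // Prefer storing a salted, slow hash (e.g. PBKDF2) and verifying it after loading
    // the user by e-mail only.
    var user = _context.Users
        .Include(u => u.UserUserCases)
        .FirstOrDefault(x => x.Email == email && x.Password == password);

    if (user == null)
    {
        return null;
    }

    var actor = new JwtActor
    {
        Id = user.Id,
        AllowedUseCases = user.UserUserCases.Select(x => x.UseCaseId),
        Identity = user.Username
    };

    var issuer = "asp_api";

    // NOTE(review): the signing key is hard-coded in source, so everyone with access to
    // the repository or the compiled assembly holds the key that validates every token.
    // It is also 21 bytes long, below the 32 bytes RFC 7518 requires for HS256. Load the
    // key from configuration or a secret store and rotate this value; it is left
    // unchanged here because the validating side must change together with it.
    var secretKey = "ThisIsMyVerySecretKey";

    // The allowed use cases are embedded in the token ("ActorData"), so a permission
    // change in the database takes effect only once the token below has expired.
    var claims = new List<Claim>
    {
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString(), ClaimValueTypes.String, issuer),
        new Claim(JwtRegisteredClaimNames.Iss, issuer, ClaimValueTypes.String, issuer),
        new Claim(JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64, issuer),
        new Claim("UserId", actor.Id.ToString(), ClaimValueTypes.String, issuer),
        new Claim("ActorData", JsonConvert.SerializeObject(actor), ClaimValueTypes.String, issuer)
    };

    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey));
    var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    var now = DateTime.UtcNow;
    var token = new JwtSecurityToken(
        issuer: issuer,
        audience: "Any",
        claims: claims,
        notBefore: now,
        expires: now.AddHours(12),
        signingCredentials: credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}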
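/// <summary>
/// Issues a signed JWT (HMAC-SHA256) for the application user with the given e-mail
/// address, using the issuer, audience and secret from <c>_jwtSettings</c>.
/// </summary>
/// <remarks>
/// No credential is checked in this method: a token is issued for whichever user owns
/// the e-mail address. Callers are presumably expected to have authenticated the user
/// first — TODO confirm at every call site.
/// </remarks>
/// <param name="email">E-mail address of the user to issue the token for.</param>
/// <returns>
/// The serialized token, or <c>null</c> when the e-mail is missing, no user matches,
/// or the user has no role with use cases loaded.
/// </returns>
public string MakeToken(string email)
{
    // A null e-mail would be compared against the column as-is and could select a row
    // whose Email is NULL, so refuse to issue a token for a missing address.
    if (string.IsNullOrEmpty(email))
    {
        return null;
    }

    var user = _context.ApplicaitonUsers
        .Include(au => au.Role)
        .ThenInclude(r => r.RoleUserCases)
        .FirstOrDefault(x => x.Email == email);

    // The original dereferenced the lookup result unconditionally and failed with a
    // NullReferenceException for an unknown e-mail or a user without a role. Fail
    // closed instead: no user or no role means no token.
    if (user == null || user.Role == null || user.Role.RoleUserCases == null)
    {
        return null;
    }

    var actor = new JwtActor
    {
        Id = user.Id,
        AllowedUseCases = user.Role.RoleUserCases.Select(x => x.UseCaseId),
        Identity = user.Email
    };

    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.Secret));
    var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    // The allowed use cases are embedded in the token ("ActorData"), so a role change in
    // the database takes effect only once the token below has expired.
    // NOTE(review): the Iss claim is the literal "asp_api" while the token's issuer is
    // _jwtSettings.Issuer; if the configured issuer ever differs, the two disagree.
    // Left as-is because changing it alters the token payload — confirm and align.
    var claims = new List<Claim>
    {
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString(), ClaimValueTypes.String, _jwtSettings.Issuer),
        new Claim(JwtRegisteredClaimNames.Iss, "asp_api", ClaimValueTypes.String, _jwtSettings.Issuer),
        new Claim(JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64, _jwtSettings.Issuer),
        new Claim("UserId", actor.Id.ToString(), ClaimValueTypes.String, _jwtSettings.Issuer),
        new Claim("ActorData", JsonConvert.SerializeObject(actor), ClaimValueTypes.String, _jwtSettings.Issuer)
    };

    var now = DateTime.UtcNow;
    var token = new JwtSecurityToken(
        issuer: _jwtSettings.Issuer,
        audience: _jwtSettings.Audience,
        claims: claims,
        notBefore: now,
        expires: now.AddHours(20),
        signingCredentials: credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}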