public string GenerateJwt(AccountERD account) { var authParams = _authOptions.Value; var securityKey = authParams.GetSymmetricSecurityKey(); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var claims = new List <Claim>() { new Claim(JwtRegisteredClaimNames.Email, account.EmailAddress), new Claim(JwtRegisteredClaimNames.Sub, account.Id.ToString()), new Claim("role", GetAccountUser(account).RoleId.ToString()) }; var token = new JwtSecurityToken(authParams.Issuer, authParams.Audience, claims, expires: DateTime.Now.AddSeconds(authParams.TokenLifetime), signingCredentials: credentials); return(new JwtSecurityTokenHandler().WriteToken(token)); }
private UserERD GetAccountUser(AccountERD account) { return(_appContext.Users.SingleOrDefault(u => u.Id == account.UserId)); }