Esempio n. 1
        /// <summary>
        /// Builds the user context of the current request from the claims on <c>HttpContext.User</c>.
        /// </summary>
        /// <returns>
        /// An <see cref="AuthContext"/> whose ID, Username, Email and Role are read from the principal's claims.
        /// </returns>
        public AuthContext GetUserAuthContext()
        {
            // NOTE(review): HttpContext is dereferenced without a null check. If _httpContextAccessor is an
            // IHttpContextAccessor (not shown here), HttpContext is null outside a request, and this line
            // throws NullReferenceException.
            ClaimsPrincipal principal = _httpContextAccessor.HttpContext.User;

            // The subject claim holds the user ID in DES-encrypted form; decrypt it with the configured key.
            // NOTE(review): DESEncrypting is a project helper not visible here. If it is single DES, the 56-bit
            // key offers little confidentiality; the ID's integrity rests on the token signature — confirm the
            // principal comes from a validated token.
            string encryptedSubject = principal.FindFirstValue(JwtRegisteredClaimNames.Sub);
            string subjectText = DESEncrypting.Decrypt(encryptedSubject, _configuration["DESKey"]);

            // NOTE(review): the TryParse result is discarded, so a subject that does not decrypt to an integer
            // leaves userId at 0 instead of failing. Callers should not treat ID 0 as an authenticated account.
            int.TryParse(subjectText, out int userId);

            return new AuthContext
            {
                ID = userId,
                Username = principal.FindFirstValue(JwtRegisteredClaimNames.UniqueName),
                Email = principal.FindFirstValue(JwtRegisteredClaimNames.Email),
                Role = principal.FindFirstValue(ClaimTypes.Role),
            };
        }
Esempio n. 2
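        /// <summary>
        /// Creates a JWT signed with HMAC-SHA256 for the given user.
        /// </summary>
        /// <param name="authContext">User whose ID, username, e-mail and role are written into the token claims.</param>
        /// <returns>The token in compact serialized form.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="authContext"/> is null.</exception>
        public string CreateToken(AuthContext authContext)
        {
            if (authContext == null)
            {
                throw new ArgumentNullException(nameof(authContext));
            }

            /*
             * Claims written into the payload (RFC 7519 registered names plus application claims):
             * iss: issuer, who created the token
             * aud: audience, who the token is intended for
             * sub: subject, here the DES-encrypted user ID
             * jti: JWT ID, a unique identifier for this token
             * iat: issued-at time, Unix timestamp in seconds
             * nbf: not-before time, Unix timestamp in seconds
             * exp: expiration time, Unix timestamp in seconds
             * Any other JSON-compatible fields may be added besides the registered ones.
             *
             * The payload is signed, not encrypted: username, e-mail and role are readable by anyone
             * holding the token.
             */

            // Signing key: UTF-8 bytes of the configured secret.
            // NOTE(review): RFC 7518 section 3.2 requires an HS256 key of at least 256 bits; the secret should be
            // high-entropy and loaded from a secret store rather than a checked-in configuration file.
            SymmetricSecurityKey symmetricSecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Token:Secret"]));

            // Take one UTC instant so iat, nbf and exp are consistent with each other.
            DateTimeOffset issuedAt = DateTimeOffset.UtcNow;

            // "Token:Exp" is the lifetime in minutes. Parse it culture-independently so the host locale cannot
            // change the value. NOTE(review): a missing setting converts to 0, giving a token that expires at issuance.
            double lifetimeMinutes = Convert.ToDouble(_configuration["Token:Exp"], System.Globalization.CultureInfo.InvariantCulture);
            DateTimeOffset expiresAt = issuedAt.AddMinutes(lifetimeMinutes);

            string issuedAtSeconds = issuedAt.ToUnixTimeSeconds().ToString(System.Globalization.CultureInfo.InvariantCulture);
            string expiresAtSeconds = expiresAt.ToUnixTimeSeconds().ToString(System.Globalization.CultureInfo.InvariantCulture);

            List<Claim> claimsInfo = new List<Claim>
            {
                new Claim(JwtRegisteredClaimNames.Iss, _configuration["Token:Issuer"]),
                new Claim(JwtRegisteredClaimNames.Aud, _configuration["Token:Audience"]),
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")),
                // Fix: iat was a culture-formatted date string tagged Integer64; RFC 7519 requires a NumericDate.
                new Claim(JwtRegisteredClaimNames.Iat, issuedAtSeconds, ClaimValueTypes.Integer64),
                // nbf and exp are typed Integer64 so they can be emitted as JSON numbers, not strings.
                new Claim(JwtRegisteredClaimNames.Nbf, issuedAtSeconds, ClaimValueTypes.Integer64), // start of validity
                new Claim(JwtRegisteredClaimNames.Exp, expiresAtSeconds, ClaimValueTypes.Integer64), // end of validity
                // User ID, DES-encrypted. NOTE(review): DESEncrypting is not shown here; if it is single DES,
                // the 56-bit key only obscures the ID. Integrity comes from the signature below.
                new Claim(JwtRegisteredClaimNames.Sub, DESEncrypting.Encrypt(authContext.ID.ToString(), _configuration["DESKey"])),
                new Claim(JwtRegisteredClaimNames.UniqueName, authContext.Username), // user name
                new Claim(JwtRegisteredClaimNames.Email, authContext.Email),
                new Claim(ClaimTypes.Role, authContext.Role), // role
            };

            // Sign with HMAC-SHA256; validators must pin this algorithm and check issuer, audience and lifetime.
            SigningCredentials signingCredentials = new SigningCredentials(symmetricSecurityKey, SecurityAlgorithms.HmacSha256);
            JwtSecurityToken token = new JwtSecurityToken(claims: claimsInfo, signingCredentials: signingCredentials);

            JwtSecurityTokenHandler jwtSecurityTokenHandler = new JwtSecurityTokenHandler();

            return jwtSecurityTokenHandler.WriteToken(token);
        }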