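/// <summary>
/// Decides whether the current request is authorized by decoding the JWT carried in the
/// <c>auth</c> request header and checking the identity fields of the decoded object.
/// </summary>
/// <param name="httpContext">Current HTTP context; its request headers are read and its response status code may be set.</param>
/// <returns>
/// <c>true</c> when the decoded token carries the expected name and password; otherwise
/// <c>false</c>, after the response status code has been set to 403.
/// </returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // The JWT is carried in a request header, so it is validated here. The header is
    // client-controlled and has to be treated as untrusted input.
    var authHeader = httpContext.Request.Headers["auth"];
    if (authHeader != null)
    {
        // NOTE(review): whether JwtHelper.DecodeJWT verifies the signature and expiry is not
        // visible from this method — confirm. If it only decodes, the fields compared below
        // are chosen by the caller. If it throws on a malformed token, the exception
        // propagates from here rather than producing the 403 below — confirm which applies.
        var infuser = JwtHelper.DecodeJWT(authHeader);

        // SECURITY: the expected credentials are hard-coded, and the check implies the token
        // payload carries a password. A JWT payload is only base64url-encoded, not encrypted,
        // so anyone holding the token can read it. Prefer authorizing on verified claims
        // (subject/role) and keep credentials out of both the source and the token.
        //
        // The null guard makes an undecodable token fall through to the 403 path instead of
        // raising a NullReferenceException.
        if (infuser != null && infuser.Name == "admin" && infuser.PassWord == "123")
        {
            return true;
        }
    }

    httpContext.Response.StatusCode = 403;
    return false;
}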
/// <summary>
/// Demonstration action: encodes a fixed <see cref="AuthInfo"/> as a JWT twice (once through
/// the encoder/decoder objects built here, once through <c>JwtHelper</c>), decodes both, and
/// returns every intermediate value in the response payload.
/// </summary>
/// <returns>An <see cref="AjaxResult"/> with status code 200 whose data holds the input, both tokens and both decoded results.</returns>
public AjaxResult test2()
{
    // SECURITY: the signing key below is a short literal embedded in source, and this action
    // returns the issued tokens to the caller. Suitable for a demo only; a real key should be
    // long, random and loaded from protected configuration.
    var payload = new AuthInfo
    {
        IsAdmin = true,
        Roles = new List<string> { "admin", "owner" },
        UserName = "******"
    };

    // Build the encoder from its HMAC-SHA256 algorithm, JSON serializer and base64url parts.
    IJwtAlgorithm hmac = new HMACSHA256Algorithm();
    IJsonSerializer json = new JsonNetSerializer();
    IBase64UrlEncoder base64Url = new JwtBase64UrlEncoder();
    IJwtEncoder jwtEncoder = new JwtEncoder(hmac, json, base64Url);
    string encodedToken = jwtEncoder.Encode(payload, "123456");

    // NOTE(review): no key is passed to Decode here, so as far as this block shows the call
    // reads the payload without checking the signature — confirm against the library version.
    IJwtDecoder jwtDecoder = new JwtDecoder(json, base64Url);
    string decodedJson = jwtDecoder.Decode(encodedToken);

    // Same round trip through the project's helper, this time supplying the key on decode.
    string helperToken = JwtHelper.CreateJWT(payload, "123456");
    AuthInfo helperAuthInfo = JwtHelper.DecodeJWT<AuthInfo>(helperToken, "123456");

    var response = new AjaxResult();
    response.statusCode = 200;
    response.data = new
    {
        authInfo = payload,
        encryptToken = encodedToken,
        result = JsonHelper.Deserialize<AuthInfo>(decodedJson),
        token = helperToken,
        tokenAuthInfo = helperAuthInfo
    };
    return response;
}