/// <summary>
/// Issues an access token for a login request.
/// </summary>
/// <param name="request">Login credentials bound from the request body.</param>
/// <returns>
/// 400 when the body is missing or the credentials are rejected, 422 carrying the
/// model-state errors when validation fails, otherwise 200 with the login result.
/// </returns>
public async Task<ActionResult> RequestToken([FromBody] LoginCommandDTO request)
{
    // A missing or unbindable body arrives as null; reject it before touching ModelState.
    if (request is null)
    {
        return BadRequest();
    }

    // Startup must set SuppressModelStateInvalidFilter = true. Otherwise the automatic
    // 400 filter short-circuits before this action runs, and when model validation
    // fails the request seen here is always null.
    if (!ModelState.IsValid)
    {
        // To return something other than 422, derive a custom result type from
        // UnprocessableEntityObjectResult.
        return new UnprocessableEntityObjectResult(ModelState);
    }

    var (authenticated, loginResult) = await _auth.IsAuthenticated(request);
    if (!authenticated)
    {
        // Deliberately generic message: do not reveal whether the user name or the
        // password was the wrong part. NOTE(review): 401 Unauthorized is the
        // conventional status for a failed login; 400 is kept so the existing client
        // contract is unchanged.
        return BadRequest("wrong user name or password");
    }

    return Ok(loginResult);
}
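/// <summary>
/// Validates a login request and, on success, builds an HS256-signed JWT for the user.
/// </summary>
/// <param name="request">Login credentials; mapped to a <c>LoginCommand</c> before validation.</param>
/// <returns>
/// <c>(false, null)</c> when the user service rejects the credentials, otherwise
/// <c>(true, dto)</c> where the DTO carries the user id, user name and the serialized token.
/// </returns>
public async Task<(bool IsAuthenticated, LoginResultDTO Token)> IsAuthenticated(LoginCommandDTO request)
{
    var loginCommand = _mapper.Map<LoginCommand>(request);

    // NOTE: this call could be decoupled through a message bus (e.g. MediatR) for CQRS.
    // The password is forwarded as received; how the user service stores and compares
    // it is not visible here — TODO confirm it is a salted hash (PBKDF2/Argon2), not plaintext.
    var loginResult = await _userService.IsUserLoginValid(loginCommand.Username, loginCommand.Password);
    if (!loginResult.IsValid)
    {
        return (false, null);
    }

    var loginResultDTO = new LoginResultDTO
    {
        UserId = loginResult.UserId.ToString(),
        UserName = loginCommand.Username,
    };

    // Only the user id and name are embedded; the token carries no roles or other
    // authorization data, so authorization decisions must still be made server-side.
    var claims = new[]
    {
        new Claim("UserName", loginResultDTO.UserName),
        new Claim("UserId", loginResultDTO.UserId),
    };

    // HS256 is a shared-secret scheme: anyone holding _tokenManagement.Secret can mint
    // valid tokens. NOTE(review): the token library enforces a minimum HMAC key size at
    // signing time — verify the configured secret is long, random and not checked in
    // (32+ bytes of real entropy is the safe choice).
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_tokenManagement.Secret));
    var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    // Compute the expiry in UTC so the exp claim does not depend on the server's local
    // time zone or on DST transitions (the previous code used DateTime.Now).
    var jwtToken = new JwtSecurityToken(
        issuer: _tokenManagement.Issuer,
        audience: _tokenManagement.Audience,
        claims: claims,
        expires: DateTime.UtcNow.AddMinutes(_tokenManagement.AccessExpiration),
        signingCredentials: credentials);

    loginResultDTO.Token = new JwtSecurityTokenHandler().WriteToken(jwtToken);
    return (true, loginResultDTO);
}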