Esempio n. 1
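        /// <summary>
        /// Authorization filter callback. For actions that carry an <c>AuthorizeFilter</c>,
        /// checks the uid/token claim pair of the current principal against
        /// <c>LoginStaticToken</c> and, on success, fills <c>_userService.CurrentUsers</c>.
        /// Any failure short-circuits the request with <see cref="UnauthorizedResult"/>.
        /// </summary>
        /// <param name="context">Filter context of the request being authorized.</param>
        public void OnAuthorization(AuthorizationFilterContext context)
        {
            // Actions without an AuthorizeFilter are not subject to this check.
            if (context.Filters.All(f => !(f is AuthorizeFilter)))
            {
                return;
            }

            var principal = context.HttpContext.User;
            if (principal.Claims.Any())
            {
                var uidClaim = principal.FindFirst(ClaimTypes.Uid)?.Value;
                var token    = principal.FindFirst(ClaimTypes.Token)?.Value;

                // Fail closed on a missing or malformed uid claim: int.Parse would throw here
                // (ArgumentNullException / FormatException) and surface as a 500 rather than a 401.
                // A missing token claim is rejected up front so a null never reaches the
                // comparison inside CheckToken.
                if (int.TryParse(uidClaim, out var uid)
                    && !string.IsNullOrEmpty(token)
                    && LoginStaticToken.CheckToken(uid, token))
                {
                    // NOTE(review): when CurrentUsers.Username is already populated the request
                    // falls through to 401 below. Whether that is intended depends on the
                    // lifetime of _userService, which is not visible here; if it is not
                    // per-request, CurrentUsers would also be shared across callers. Confirm.
                    if (_userService.CurrentUsers.Username.IsNullOrWhiteSpace())
                    {
                        var user = _userService.FindUserById(uid);

                        // A token that still checks out for an account that can no longer be
                        // loaded must not authorize the request.
                        if (user != null)
                        {
                            _userService.CurrentUsers.Uid        = uid;
                            _userService.CurrentUsers.Email      = user.Email;
                            _userService.CurrentUsers.Username   = user.Username;
                            _userService.CurrentUsers.ScreenName = user.ScreenName;
                            return;
                        }
                    }
                }
            }

            context.Result = new UnauthorizedResult();
        }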
Esempio n. 2
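        /// <summary>
        /// Issues an HS256-signed JWT for <paramref name="user"/> and registers the per-login
        /// token embedded in it with <c>LoginStaticToken</c>.
        /// </summary>
        /// <param name="user">Account the token is issued for; its id, e-mail and username become claims.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="InvalidOperationException">
        /// <c>Auth:JwtKey</c> is missing or <c>Auth:JwtExpireDays</c> is not a number.
        /// </exception>
        private string GenerateJsonWebToken(Users user)
        {
            var days   = _configuration["Auth:JwtExpireDays"];
            var key    = _configuration["Auth:JwtKey"];
            var issuer = _configuration["Auth:JwtIssuer"];

            // Validate configuration before any state is written. Messages name the setting,
            // never its value, so the signing key cannot end up in logs.
            if (string.IsNullOrWhiteSpace(key))
            {
                throw new InvalidOperationException("Auth:JwtKey is not configured.");
            }

            // Parse with the invariant culture: Convert.ToDouble used the current culture, so
            // the same setting could mean a different lifetime depending on the host locale,
            // and a missing setting silently became 0 days.
            if (!double.TryParse(
                    days,
                    System.Globalization.NumberStyles.Float,
                    System.Globalization.CultureInfo.InvariantCulture,
                    out var expireDays))
            {
                throw new InvalidOperationException("Auth:JwtExpireDays is missing or not a number.");
            }

            // NOTE(review): Guid.NewGuid() is not documented as a cryptographically secure
            // generator. This value is what CheckToken compares on every request, so consider
            // RandomNumberGenerator once the storage format of LoginStaticToken is confirmed.
            var token  = Guid.NewGuid().ToString();
            var claims = new[]
            {
                new Claim(ClaimTypes.Uid, user.Id.ToString()),
                new Claim(ClaimTypes.Email, user.Email),
                new Claim(ClaimTypes.Name, user.Username),
                new Claim(ClaimTypes.Token, token),
            };

            var expires = DateTime.UtcNow.AddDays(expireDays);

            // The HMAC key is the UTF-8 bytes of the configured string; its strength is
            // whatever entropy that string has.
            var securityKey      = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));
            var jwtSecurityToken = new JwtSecurityToken
                                   (
                issuer,
                issuer, // the audience is set to the same value as the issuer
                claims,
                expires: expires,
                signingCredentials: new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256)
                                   );

            var jwt = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);

            // Register the login token only after the JWT was built, so a configuration or
            // signing failure cannot leave a stored token that was never handed to a client.
            LoginStaticToken.SaveToken(user.Id, token);

            return jwt;
        }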