Esempio n. 1
0
        private async Task <string> GenerateTokenAsync(User user)
        {
            var            handler  = new JwtSecurityTokenHandler();
            ClaimsIdentity identity = new ClaimsIdentity(
                GetTokenClaims(user).Union(await _userManager.GetClaimsAsync(user))
                );

            var expiresIn     = DateTime.Now + TimeSpan.FromMinutes(TokenAuthOptions.LIFETIME);
            var securityToken = handler.CreateToken(new SecurityTokenDescriptor
            {
                Issuer             = TokenAuthOptions.ISSUER,
                Audience           = TokenAuthOptions.AUDIENCE,
                SigningCredentials = new SigningCredentials(TokenAuthOptions.GetKey(), SecurityAlgorithms.HmacSha256),
                Subject            = identity,
                Expires            = expiresIn
            });

            return(handler.WriteToken(securityToken));
        }
Esempio n. 2
0
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
            loggerFactory.AddLog4Net(Path.Combine(env.WebRootPath, "Config", "log4net.config"));
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                app.UseWebpackDevMiddleware(new WebpackDevMiddlewareOptions
                {
                    HotModuleReplacement = true
                });
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
            }

            app.UseStaticFiles();

            var options = new JwtBearerOptions
            {
                TokenValidationParameters =
                {
                    ValidIssuer              = TokenAuthOptions.ISSUER,
                    ValidAudience            = TokenAuthOptions.AUDIENCE,
                    ValidateIssuer           = true,
                    IssuerSigningKey         = TokenAuthOptions.GetKey(),
                    ValidateIssuerSigningKey = true,
                    ValidateLifetime         = true,
                    ClockSkew                = TimeSpan.Zero,
                },
                AutomaticAuthenticate = true,
                AutomaticChallenge    = true,
                Events = new JwtBearerEvents
                {
                    OnAuthenticationFailed = context =>
                    {
                        context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
                        context.HandleResponse();
                        return(Task.FromResult(0));
                    },
                    OnChallenge = context =>
                    {
                        context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
                        context.HandleResponse();
                        return(Task.FromResult(0));
                    }
                }
            };

            app.UseJwtBearerAuthentication(options);
            app.UseMvc(routes =>
            {
                routes.MapRoute(
                    name: "default",
                    template: "{controller=Home}/{action=Index}/{id?}");

                routes.MapSpaFallbackRoute(
                    name: "spa-fallback",
                    defaults: new { controller = "Home", action = "Index" });
            });
        }