public IActionResult Signup() { var username = HttpContext.Request.Form["username"]; var password = HttpContext.Request.Form["password"]; var sign = HmacHelper.HmacSha1ToBase64(username, password); Console.WriteLine(HttpContext.Request.Host.Value); //return RedirectToRoute("HttpContext.Request.Host.Value" + "/api/token", new { username, sign }); return(new JsonResult(new { username, usersign = sign })); //RedirectToRoute("/api/token", "username="******"&usersign=" + sign); }
private Task <ClaimsIdentity> GetIdentity(string username, string userSign) { //从数据库中读取对应用户的密码计算HMAC var sign = HmacHelper.HmacSha1ToBase64(username, "TEST123"); Console.WriteLine(sign); // Don't do this in production, obviously! if (sign == userSign) { return(Task.FromResult(new ClaimsIdentity(new GenericIdentity(username, "Token"), new Claim[] { }))); } // Credentials are invalid, or account doesn't exist return(Task.FromResult <ClaimsIdentity>(null)); }