コード例 #1
0
            public IActionResult Login(LoginRequest loginRequest)
            {
                if (!_dbService.CheckPassword(loginRequest))
                {
                    return Forbid("Bearer");
                }

                var claims = _dbService.GetClaims(loginRequest.Index);
                var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecretKey"]));
                var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

                var token = new JwtSecurityToken(
                    issuer: "Gakko",
                    audience: "Students",
                    claims: claims,
                    expires: DateTime.Now.AddMinutes(15),
                    signingCredentials: creds
                );
                var refreshToken = Guid.NewGuid();
                _dbService.SetRefreshToken(loginRequest.Index, refreshToken.ToString());
                return Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token), refreshToken });
            }