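/// <summary>
/// Builds an HMAC-SHA256 signed JWT for <paramref name="user"/> and records its
/// session identifier (the <c>jti</c> claim) with <c>JwtSessionService</c>.
/// </summary>
/// <param name="user">Account the token is issued for; checked with <c>EnsureNotNull</c>.</param>
/// <returns>The serialized token produced by <c>JwtSecurityTokenHandler.WriteToken</c>.</returns>
public string GenerateToken(User user)
{
    user.EnsureNotNull(nameof(user));

    // The jti doubles as the server-side session key: RemoveSession deletes the
    // same identifier from JwtSessionService.
    // NOTE(review): presumably CryptoRandom is a CSPRNG wrapper; confirm, since
    // the session key must not be guessable.
    var random = new CryptoRandom();
    var session = random.RandomBytes(16).GetBase64String();

    // Role.ToString() is split on ',' so every listed role becomes its own claim.
    // NOTE(review): this looks like a [Flags] enum; verify against the User type.
    var roles = user.Role
        .ToString()
        .Split(',')
        .Select(x => new Claim(ClaimTypes.Role, x.Trim()));

    // A JWT signed this way is integrity-protected but not encrypted: name and
    // e-mail below are readable by anyone who holds the token.
    var claim = new List<Claim>(roles)
    {
        new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
        new Claim(JwtRegisteredClaimNames.GivenName, user.FirstName),
        new Claim(JwtRegisteredClaimNames.FamilyName, user.LastName),
        new Claim(JwtRegisteredClaimNames.Email, user.Email),
        new Claim(JwtRegisteredClaimNames.Jti, session)
    };

    // NOTE(review): the HMAC key is the UTF-8 bytes of JwtConfig.Secret, so the
    // signature is only as strong as that string. Confirm it is long, random and
    // loaded from protected configuration rather than source control.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(JwtConfig.Secret));
    var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    // UTC avoids the ambiguous local hour at a daylight-saving change, where a
    // local timestamp can convert to an expiry that is off by an hour.
    var expiresAt = DateTime.UtcNow.AddMinutes(JwtConfig.AccessExpiration);

    var jwtToken = new JwtSecurityToken(
        JwtConfig.Issuer,
        JwtConfig.Audience,
        claim,
        expires: expiresAt,
        signingCredentials: credentials
    );

    var token = new JwtSecurityTokenHandler().WriteToken(jwtToken);

    // Register the session only after the token was serialized successfully.
    JwtSessionService.Add(session, jwtToken);

    return token;
}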
/// <summary>
/// Removes a session identifier from <c>JwtSessionService</c>.
/// </summary>
/// <param name="session">
/// Session identifier to remove; checked with <c>EnsureNotNullOrWhiteSpace</c>
/// before the removal call. GenerateToken registers the token's <c>jti</c>
/// value under this kind of key.
/// </param>
public void RemoveSession(string session)
{
    // Validate first so a blank identifier never reaches the session store.
    session.EnsureNotNullOrWhiteSpace(nameof(session));

    JwtSessionService.Remove(session);
}