/// <summary>
/// Invoked by the runtime to register services in the dependency-injection container:
/// MVC controllers, the HTTP context accessor, Swagger generation, the project's own
/// service configuration, and JWT bearer authentication/authorization.
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
public void ConfigureServices(IServiceCollection services)
{
    services.AddControllers();
    services.AddHttpContextAccessor();

    services.AddSwaggerGen(swagger =>
    {
        var apiInfo = new OpenApiInfo
        {
            Version = "v1",
            Title = "API",
            Description = "ASP.NET Core Web API",
        };
        swagger.SwaggerDoc("v1", apiInfo);

        // Documentation only: this describes how a client sends the token (an
        // "Authorization" header) so Swagger UI can offer an input for it. It does not
        // enforce anything; enforcement comes from the authentication and authorization
        // registrations further down.
        var bearerScheme = new OpenApiSecurityScheme
        {
            Description = "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"",
            Name = "Authorization",
            In = ParameterLocation.Header,
            Type = SecuritySchemeType.ApiKey
        };
        swagger.AddSecurityDefinition("Bearer", bearerScheme);
    });

    // Project-specific registrations; what they add is not visible from this method.
    Services.ServiceConfiguration.Configure(services, Configuration);

    services.AddAuthorization(authorization =>
    {
        // Named policy "Bearer": the caller must be authenticated through the JWT bearer scheme.
        // No default or fallback policy is set in this method, so an endpoint is only
        // protected if it opts in with an [Authorize] attribute.
        // NOTE(review): confirm every non-public controller/action carries one.
        var policyBuilder = new AuthorizationPolicyBuilder();
        policyBuilder.AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme);
        policyBuilder.RequireAuthenticatedUser();
        authorization.AddPolicy("Bearer", policyBuilder.Build());
    });

    // First call sets only the default *authenticate* scheme; the second call below sets
    // the overall default scheme and attaches the JWT bearer handler.
    services.AddAuthentication(authentication =>
        authentication.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme);

    var authenticationBuilder = services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme);
    authenticationBuilder.AddJwtBearer(bearer =>
    {
        // RequireHttpsMetadata defaults to true and is meant to be disabled only in
        // development. No Authority/MetadataAddress is configured here, so the flag does
        // not affect key retrieval in this setup, but it is easy to carry into a
        // configuration where it would.
        // NOTE(review): confirm HTTPS is enforced for the API itself, since bearer tokens
        // travel in a request header.
        bearer.RequireHttpsMetadata = false;

        // Issuer, audience, lifetime and signature are all validated. ClockSkew is left at
        // its default (5 minutes), so a token is still accepted shortly after its "exp".
        // The signing key comes from TokenModel.GetSymmetricSecurityKey(); with a symmetric
        // key, whoever holds it can both validate and mint tokens.
        // NOTE(review): confirm the key material is loaded from protected configuration
        // rather than compiled into the assembly, and that it is long enough for the
        // chosen HMAC algorithm.
        var validation = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidIssuer = TokenModel.ISSUER,
            ValidateAudience = true,
            ValidAudience = TokenModel.AUDIENCE,
            ValidateLifetime = true,
            IssuerSigningKey = TokenModel.GetSymmetricSecurityKey(),
            ValidateIssuerSigningKey = true
        };
        bearer.TokenValidationParameters = validation;
    });
}
/// <summary>
/// Issues a signed JWT for <paramref name="user"/> and returns it together with its expiry time.
/// </summary>
/// <param name="user">User whose claims (obtained through <c>GetIdentity</c>) go into the token.</param>
/// <returns>
/// An anonymous object with two properties: <c>encodedJwt</c> (the compact serialized token)
/// and <c>expiredDate</c> (the UTC instant at which the token expires).
/// </returns>
private object GenerateToken(UserDto user)
{
    // NOTE(review): GetIdentity is not visible here. If it can return null for an unknown
    // user or a failed credential check, the Claims access below throws a
    // NullReferenceException instead of producing a clean authentication failure.
    var claimsIdentity = GetIdentity(user);
    var userClaims = claimsIdentity.Claims;

    // TokenModel.LIFETIME is interpreted as minutes; timestamps are UTC.
    var issuedAt = DateTime.UtcNow;
    var lifetime = TimeSpan.FromMinutes(TokenModel.LIFETIME);
    var expiresAt = issuedAt + lifetime;

    // The token is signed with HMAC-SHA256 but not encrypted: its claims are readable by
    // anyone who obtains the token, so they should not carry secrets. The signature uses a
    // symmetric key, so any component holding that key can mint valid tokens.
    // NOTE(review): confirm the key from TokenModel.GetSymmetricSecurityKey() comes from
    // protected configuration and is at least 256 bits for HS256.
    var token = new JwtSecurityToken(
        issuer: TokenModel.ISSUER,
        audience: TokenModel.AUDIENCE,
        notBefore: issuedAt,
        claims: userClaims,
        expires: expiresAt,
        signingCredentials: new SigningCredentials(
            TokenModel.GetSymmetricSecurityKey(),
            SecurityAlgorithms.HmacSha256));

    var tokenHandler = new JwtSecurityTokenHandler();
    var serializedToken = tokenHandler.WriteToken(token);

    // Property names are spelled out so the shape seen by callers (and by any serializer)
    // stays "encodedJwt" / "expiredDate".
    return new { encodedJwt = serializedToken, expiredDate = expiresAt };
}