public async Task <IActionResult> Get([FromForm] Shopusers applicationUser)
{
_logger.LogInformation("Get Token");
var identity = await LoginValidate(applicationUser);
if (identity == null)
{
_logger.LogInformation($"Invalid username({applicationUser}) or password({applicationUser.Password}");
return(BadRequest("Wrong Password"));
}
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, applicationUser.UserName),
new Claim(JwtRegisteredClaimNames.NameId, "57614409"),
new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()),
new Claim(JwtRegisteredClaimNames.Iat, DateTimeHelper.ToUnixEpochDate(_jwtOptions.IssueAt).ToString(), ClaimValueTypes.Integer64),
identity.FindFirst("LoginCharacter")
};
//生成 jwt 安全token, 并编码
var jwt = new JwtSecurityToken(
issuer: _jwtOptions.Issuer,
audience: _jwtOptions.Audience,
claims: claims,
notBefore: _jwtOptions.NotBefore,
expires: _jwtOptions.Expiration,
signingCredentials: _jwtOptions.SigningCredentials
);
string encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
//序列化返回的对象
var response = new
{
Success = "0",
Message = "",
Data = new
{
Access_Token = encodedJwt,
Expires_In = (int)_jwtOptions.ValidFor.TotalSeconds
}
};
return(Json(response));
}
/// <summary>
/// 模拟登录验证操作
/// </summary>
/// <param name="user">用户</param>
/// <returns>带有权限的对象</returns>
/// <remarks>此方法为验证方法, 在正式项目中作为授权和配置权限使用, 注意与start up中的权限对应</remarks>
private static Task <ClaimsIdentity> LoginValidate(Shopusers user)
{
//登录用户
if (user.UserName == "yelifei" && user.Password == "123456")
{
return(Task.FromResult(new ClaimsIdentity(new GenericIdentity(user.UserName, "Token"),
new[]
{
new Claim("LoginCharacter", "yelifei"),
new Claim("UserId", "57614409")
})));
}
//访客用户 这里不同的用户可以看成不同的角色
if (user.UserName == "guest" && user.Password == "guest")
{
return(Task.FromResult(new ClaimsIdentity(new GenericIdentity(user.UserName, "Token"),
new[]
{
new Claim("LoginCharacter", "I_am_guest")
})));
}
//身份证不通过
return(Task.FromResult <ClaimsIdentity>(null));
}
