// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddControllers();
services.AddHttpContextAccessor();
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo
{
Version = "v1",
Title = "API",
Description = "ASP.NET Core Web API",
});
c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
{
Description = "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"",
Name = "Authorization",
In = ParameterLocation.Header,
Type = SecuritySchemeType.ApiKey
});
});
Services.ServiceConfiguration.Configure(services, Configuration);
services.AddAuthorization(auth =>
{
auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
.AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
.RequireAuthenticatedUser()
.Build());
});
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
});
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = TokenModel.ISSUER,
ValidateAudience = true,
ValidAudience = TokenModel.AUDIENCE,
ValidateLifetime = true,
IssuerSigningKey = TokenModel.GetSymmetricSecurityKey(),
ValidateIssuerSigningKey = true
};
});
}
private object GenerateToken(UserDto user)
{
var identity = GetIdentity(user);
var now = DateTime.UtcNow;
var expiredDate = now.Add(TimeSpan.FromMinutes(TokenModel.LIFETIME));
var jwt = new JwtSecurityToken(
issuer: TokenModel.ISSUER,
audience: TokenModel.AUDIENCE,
notBefore: now,
claims: identity.Claims,
expires: expiredDate,
signingCredentials: new SigningCredentials(TokenModel.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256));
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
var response = new
{
encodedJwt,
expiredDate
};
return(response);
}
