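/// <summary>
/// Resolves the caller's user id from the JWT carried in the <c>Authorization</c> request header.
/// </summary>
/// <param name="context">Current HTTP context; only <c>Request.Headers</c> is read.</param>
/// <param name="status">
/// 0 - <c>AuthJWT.DecodeToken</c> accepted the token;
/// 1 - the token is expired (its name claim is still returned);
/// 2 - the token failed validation (altered, broken or otherwise not acceptable);
/// 3 - any other exception.
/// </param>
/// <returns>
/// The name claim of the token, or <c>null</c> when <paramref name="status"/> is 2 or 3,
/// or when an expired token carries no name claim.
/// </returns>
/// <remarks>
/// A result with status 1 identifies the holder of an expired token. It is not proof of a
/// live session, so callers should use it only to drive the refresh flow and never to
/// authorize a request.
/// </remarks>
public static string GetCurrentId(HttpContext context, out int status)
{
    context.Request.Headers.TryGetValue("Authorization", out StringValues authorizationToken);
    status = 0;
    try
    {
        var claims = AuthJWT.DecodeToken(authorizationToken, out SecurityToken token);
        return claims.Identity.Name;
    }
    catch (SecurityTokenExpiredException) // expired; must precede the general validation catch below
    {
        status = 1;
        // ReadJwtToken only parses the token, it performs no validation of its own.
        // NOTE(review): this path relies on DecodeToken (not visible here) having verified the
        // signature before it rejected the lifetime, and issuer/audience may not have been
        // checked yet at that point - confirm against DecodeToken's validation parameters.
        var expiredJwt = new JwtSecurityTokenHandler().ReadJwtToken(authorizationToken);
        var nameClaim = expiredJwt.Claims.FirstOrDefault(c => c.Type == ClaimsIdentity.DefaultNameClaimType);

        // An exception raised inside a catch block is not handled by the sibling catch
        // clauses, so a token without a name claim must not be dereferenced here.
        return nameClaim?.Value;
    }
    catch (SecurityTokenValidationException) // modified externally (broken / not acceptable)
    {
        status = 2;
    }
    catch (Exception) // everything else; has to stay last
    {
        status = 3;
    }

    return null;
}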
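/// <summary>
/// Exchanges a refresh token for a new main token and a new refresh token.
/// </summary>
/// <param name="db">Database context used to look up the user and store the new refresh token.</param>
/// <param name="userId">Id of the user the refresh token is expected to belong to.</param>
/// <param name="refreshToken">Refresh token presented by the client (plain value, hashed before lookup).</param>
/// <returns>
/// Tuple: Item1 - main token, Item2 - new refresh token; <c>null</c> when the input is missing
/// or no user matches both the id and the token hash.
/// </returns>
/// <remarks>
/// The presented token is replaced on every successful call, so each refresh token is
/// accepted once. NOTE(review): no expiry check on the refresh token is visible in this
/// method - confirm whether one is enforced elsewhere.
/// </remarks>
public static async Task<Tuple<string, string>> Refresh(ApplicationDbContext db, string userId, string refreshToken)
{
    // Reject missing input before hashing. DeleteRefreshTokenFromDb clears RefreshTokenHash
    // to null on logout, so a null hash must never reach the equality filter below.
    if (string.IsNullOrEmpty(userId) || string.IsNullOrEmpty(refreshToken))
    {
        return null;
    }

    string hashToken = AuthJWT.GetHashRefreshToken(refreshToken);
    if (string.IsNullOrEmpty(hashToken))
    {
        // GetHashRefreshToken is not visible here; treat an empty hash as "no match".
        return null;
    }

    var user = await db.Users.FirstOrDefaultAsync(x1 => x1.Id == userId && x1.RefreshTokenHash == hashToken);
    if (user == null)
    {
        return null;
    }

    // Rotate: issue a new refresh token before handing out the new main token.
    string token = AuthJWT.GenerateRefreshToken();
    await user.SetRefreshToken(db, token);
    return new Tuple<string, string>(AuthJWT.GenerateMainToken(AuthJWT.GetIdentity(user)), token);
}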
/// <summary>
/// Builds and serializes the main (access) JWT for the given identity.
/// </summary>
/// <param name="identity">Identity whose claims are copied into the token.</param>
/// <returns>The compact serialized JWT.</returns>
/// <remarks>
/// The token is valid from the current UTC time for <c>AuthJWT.LIFETIME</c> minutes and is
/// signed with HMAC-SHA256 using the key from <c>AuthJWT.GetSymmetricSecurityKey()</c>.
/// NOTE(review): with a symmetric key every holder of the key can both verify and issue
/// tokens; the key source and length are not visible here - confirm it is a random secret
/// of at least 256 bits that is kept out of source control.
/// </remarks>
public static string GenerateMainToken(ClaimsIdentity identity)
{
    DateTime issuedAt = DateTime.UtcNow;

    // Collect the token parts first, in the same order the original argument list read them.
    var issuer = AuthJWT.ISSUER;
    var audience = AuthJWT.AUDIENCE;
    var claims = identity.Claims;
    DateTime expiresAt = issuedAt.Add(TimeSpan.FromMinutes(AuthJWT.LIFETIME));
    var credentials = new SigningCredentials(AuthJWT.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256);

    // Create the JWT.
    var jwt = new JwtSecurityToken(
        issuer: issuer,
        audience: audience,
        notBefore: issuedAt,
        claims: claims,
        expires: expiresAt,
        signingCredentials: credentials);

    var handler = new JwtSecurityTokenHandler();
    return handler.WriteToken(jwt);
}
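/// <summary>
/// Revokes a user's refresh token by clearing its stored hash (logout).
/// </summary>
/// <param name="db">Database context used to look up and update the user.</param>
/// <param name="userId">Id of the user the refresh token is expected to belong to.</param>
/// <param name="refreshToken">Refresh token presented by the client (plain value, hashed before lookup).</param>
/// <returns>
/// <c>true</c> when a user matching both the id and the token hash was found and the hash
/// was cleared; <c>false</c> when the input is missing or nothing matched.
/// </returns>
public static async Task<bool> DeleteRefreshTokenFromDb(ApplicationDbContext db, string userId, string refreshToken)
{
    // Reject missing input before hashing: this method stores null in RefreshTokenHash,
    // so a null hash must never be used as a lookup value against that column.
    if (string.IsNullOrEmpty(userId) || string.IsNullOrEmpty(refreshToken))
    {
        return false;
    }

    string hashToken = AuthJWT.GetHashRefreshToken(refreshToken);
    if (string.IsNullOrEmpty(hashToken))
    {
        // GetHashRefreshToken is not visible here; treat an empty hash as "no match".
        return false;
    }

    var user = await db.Users.FirstOrDefaultAsync(x1 => x1.Id == userId && x1.RefreshTokenHash == hashToken);
    if (user == null)
    {
        return false;
    }

    // Only the refresh token is revoked. A main token that was already issued stays usable
    // until its own expiry unless it is rejected elsewhere.
    user.RefreshTokenHash = null;
    await db.SaveChangesAsync();
    return true;
}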
/// <summary>
/// Password login: verifies the credentials and issues a main token together with a new
/// refresh token.
/// </summary>
/// <param name="db">Database context passed to <c>SetRefreshToken</c>.</param>
/// <param name="userManager">Identity user manager used to find the user and check the password.</param>
/// <param name="username">Login name supplied by the client.</param>
/// <param name="password">Password supplied by the client.</param>
/// <returns>
/// Tuple: Item1 - main token, Item2 - refresh token; <c>null</c> when the user does not
/// exist or the password is wrong (the two cases are not distinguished for the caller).
/// </returns>
/// <remarks>
/// NOTE(review): <c>CheckPasswordAsync</c> only compares the password; it does not count
/// failed attempts or apply lockout. No lockout handling is visible in this method -
/// confirm that brute-force protection is enforced by the caller or elsewhere.
/// </remarks>
public static async Task<Tuple<string, string>> Refresh(ApplicationDbContext db, UserManager<ApplicationUser> userManager, string username, string password)
{
    var account = await userManager.FindByNameAsync(username);

    // The password is only checked when the user exists; both failures yield the same result.
    if (account == null || !await userManager.CheckPasswordAsync(account, password))
    {
        return null;
    }

    string newRefreshToken = AuthJWT.GenerateRefreshToken();
    await account.SetRefreshToken(db, newRefreshToken);

    string mainToken = AuthJWT.GenerateMainToken(AuthJWT.GetIdentity(account));
    return Tuple.Create(mainToken, newRefreshToken);
}
/// <summary>
/// Looks up a user by credentials through <c>ApplicationUser.LoginGet</c> and builds the
/// claims identity for that user.
/// </summary>
/// <param name="username">Login name supplied by the client.</param>
/// <param name="password">Password supplied by the client.</param>
/// <param name="userManager">Identity user manager forwarded to <c>LoginGet</c>.</param>
/// <returns>The result of <c>AuthJWT.GetIdentity</c> for the user returned by <c>LoginGet</c>.</returns>
/// <remarks>
/// NOTE(review): what <c>LoginGet</c> returns for bad credentials is not visible here, and
/// its result is passed on without a check - confirm that the single-argument
/// <c>GetIdentity</c> rejects a missing user rather than producing an identity for it.
/// </remarks>
public static async Task<ClaimsIdentity> GetIdentity(string username, string password, UserManager<ApplicationUser> userManager)
{
    return AuthJWT.GetIdentity(await ApplicationUser.LoginGet(userManager, username, password));
}