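/// <summary>
/// Issues a JWT signed with RSA-SHA256 that carries the user's level, number and name.
/// </summary>
/// <param name="userModel">User whose UserLevel, UserNo and UserName are written as claims.</param>
/// <returns>The serialized JWT string.</returns>
/// <exception cref="ArgumentNullException"><paramref name="userModel"/> is null.</exception>
public string GetToken(CurrentUserModel userModel)
{
    if (userModel == null)
    {
        throw new ArgumentNullException(nameof(userModel));
    }

    // No "jti" (unique token id) claim is issued, so an individual token cannot be
    // identified for revocation or replay tracking; it stays valid until it expires.
    var claims = new[]
    {
        new Claim("UserLevel", userModel.UserLevel.ToString()),
        new Claim("UserNo", userModel.UserNo),
        new Claim("UserName", userModel.UserName),
    };

    // NOTE(review): the signing key is looked up in the process working directory, which
    // depends on how the host was started and may be readable by other accounts or sit
    // under a served content root. A fixed, access-restricted location or a key store
    // would be safer. Confirm what RSAHelper actually writes and with which permissions.
    string keyDir = Directory.GetCurrentDirectory();

    // NOTE(review): a failed load silently falls back to generating and saving a new key.
    // Tokens signed with the previous key then stop verifying, and a deleted or damaged
    // key file goes unnoticed; consider logging this path. The key is also read on every
    // call, and two concurrent first calls may each generate a key. Verify in RSAHelper.
    if (!RSAHelper.TryGetKeyParameters(keyDir, true, out RSAParameters keyParams))
    {
        keyParams = RSAHelper.GenerateAndSaveKey(keyDir);
    }

    var credentials = new SigningCredentials(
        new RsaSecurityKey(keyParams),
        SecurityAlgorithms.RsaSha256Signature);

    var token = new JwtSecurityToken(
        issuer: this._JWTTokenOptions.Issuer,
        audience: this._JWTTokenOptions.Audience,
        claims: claims,
        // 60-minute lifetime, computed in UTC so that a daylight-saving transition
        // cannot lengthen or shorten it.
        expires: DateTime.UtcNow.AddMinutes(60),
        signingCredentials: credentials);

    var handler = new JwtSecurityTokenHandler();
    string tokenString = handler.WriteToken(token);
    return tokenString;
}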
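/// <summary>
/// Issues a JWT signed with HMAC-SHA256 that carries the user's level, number and name.
/// </summary>
/// <param name="userModel">User whose UserLevel, UserNo and UserName are written as claims.</param>
/// <returns>The serialized JWT string.</returns>
/// <exception cref="ArgumentNullException"><paramref name="userModel"/> is null.</exception>
public string GetToken(CurrentUserModel userModel)
{
    if (userModel == null)
    {
        throw new ArgumentNullException(nameof(userModel));
    }

    // Only these three claims are issued. Name, e-mail, account, age, id, mobile and role
    // claims were left disabled by the author; a custom claim named "Role" (as opposed to
    // ClaimTypes.Role) cannot be used for role-based authorization.
    var claims = new[]
    {
        new Claim("UserLevel", userModel.UserLevel.ToString()),
        new Claim("UserNo", userModel.UserNo),
        new Claim("UserName", userModel.UserName),
    };

    // The HMAC key is the UTF-8 bytes of the configured SecurityKey string. HS256 needs
    // a key at least as long as the hash output (256 bits, RFC 7518 section 3.2), and it
    // should be random rather than a memorable phrase. Anyone who can read this value
    // can mint tokens, so it belongs in a secret store, not in source control.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(this._JWTTokenOptions.SecurityKey));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    /*
     * Claims (payload)
     * The claims section holds the information attached to this token. The JWT standard
     * registers a number of fields, among them:
     *
     * iss: issuer of the token (who created it)
     * sub: subject of the token
     * exp: expiration time, as a Unix timestamp
     * iat: issued-at time, as a Unix timestamp
     * jti: JWT ID, a unique identifier for this token
     *
     * Besides the registered fields, any other JSON-compatible field may be included.
     */
    // Timestamps are computed in UTC so that a daylight-saving transition cannot distort
    // the validity window.
    DateTime issuedAtUtc = DateTime.UtcNow;
    var token = new JwtSecurityToken(
        issuer: this._JWTTokenOptions.Issuer,
        audience: this._JWTTokenOptions.Audience,
        claims: claims,
        // Expires 60 minutes after issue.
        expires: issuedAtUtc.AddMinutes(60),
        // Becomes valid one minute after issue.
        // NOTE(review): a validator with no clock-skew tolerance rejects the token during
        // that first minute. Confirm this delay is intended.
        notBefore: issuedAtUtc.AddMinutes(1),
        signingCredentials: creds);

    string returnToken = new JwtSecurityTokenHandler().WriteToken(token);
    return returnToken;
}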