Exemplo n.º 1
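        /// <summary>
        /// Issues an RSA-SHA256-signed JWT carrying the user's level, number and name.
        /// </summary>
        /// <param name="userModel">User whose UserLevel, UserNo and UserName become claims.</param>
        /// <returns>The serialized token string produced by <c>JwtSecurityTokenHandler.WriteToken</c>.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="userModel"/> is null.</exception>
        public string GetToken(CurrentUserModel userModel)
        {
            if (userModel == null)
            {
                throw new ArgumentNullException(nameof(userModel));
            }

            // No jti (token id) claim is added, so nothing in the token identifies it
            // individually, e.g. for a revocation list; it stays usable until "exp".
            var claims = new[]
            {
                new Claim("UserLevel", userModel.UserLevel.ToString()),
                new Claim("UserNo", userModel.UserNo),
                new Claim("UserName", userModel.UserName),
            };

            // NOTE(review): the signing key is read from, and on first use written to, the
            // process working directory. That location depends on how the process is
            // launched and may coincide with a served content root. The private key
            // should live in a fixed, access-restricted path or a key store.
            string keyDir = Directory.GetCurrentDirectory();

            // NOTE(review): the key is looked up on every call, and a missing key is
            // generated in place. Concurrent first calls could presumably each generate
            // and save a different key; confirm how RSAHelper serializes this.
            if (!RSAHelper.TryGetKeyParameters(keyDir, true, out RSAParameters keyParams))
            {
                keyParams = RSAHelper.GenerateAndSaveKey(keyDir);
            }

            var credentials = new SigningCredentials(new RsaSecurityKey(keyParams), SecurityAlgorithms.RsaSha256Signature);

            var token = new JwtSecurityToken(
                issuer: this._JWTTokenOptions.Issuer,
                audience: this._JWTTokenOptions.Audience,
                claims: claims,
                expires: DateTime.UtcNow.AddMinutes(60),        // 60-minute lifetime, stated in UTC
                signingCredentials: credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }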
Exemplo n.º 2
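        /// <summary>
        /// Issues an HMAC-SHA256-signed JWT carrying the user's level, number and name.
        /// </summary>
        /// <param name="userModel">User whose UserLevel, UserNo and UserName become claims.</param>
        /// <returns>The serialized token string produced by <c>JwtSecurityTokenHandler.WriteToken</c>.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="userModel"/> is null.</exception>
        public string GetToken(CurrentUserModel userModel)
        {
            if (userModel == null)
            {
                throw new ArgumentNullException(nameof(userModel));
            }

            // Only these three custom claims are emitted. Per the original author's note,
            // a custom "Role" claim cannot be used for role authorization, and no
            // ClaimTypes.Role claim is added here.
            var claims = new[]
            {
                new Claim("UserLevel", userModel.UserLevel.ToString()),
                new Claim("UserNo", userModel.UserNo),
                new Claim("UserName", userModel.UserName),
            };

            // HMAC-SHA256 is symmetric: any party holding SecurityKey in order to validate
            // tokens can also mint them. The key is the UTF-8 bytes of the configured
            // string, so it is only as strong as that string. It should be long random
            // data (256 bits or more) kept out of source control.
            byte[] secretBytes = Encoding.UTF8.GetBytes(this._JWTTokenOptions.SecurityKey);
            var key   = new SymmetricSecurityKey(secretBytes);
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            // Registered JWT claims set through the constructor below:
            //   iss - who issued the token
            //   aud - who the token is intended for
            //   exp - expiration time, Unix timestamp
            //   nbf - time before which the token must not be accepted, Unix timestamp
            // Other registered claims (sub, iat, jti) are not set explicitly here. No jti
            // means nothing in the token identifies it individually, e.g. for revocation.
            // Any other JSON-compatible field may be carried as a custom claim.
            var token = new JwtSecurityToken(
                issuer: this._JWTTokenOptions.Issuer,
                audience: this._JWTTokenOptions.Audience,
                claims: claims,
                expires: DateTime.UtcNow.AddMinutes(60),             // 60-minute lifetime, stated in UTC
                notBefore: DateTime.UtcNow.AddMinutes(1),            // valid one minute from now; a validator only accepts it earlier if its clock-skew allowance covers the gap
                signingCredentials: creds);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }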