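/// <summary>
/// Exchanges a refresh token for a newly signed access token and a newly
/// signed refresh token, both built from the user's current database record.
/// </summary>
/// <param name="refreshToken">Caller-supplied JWT; treated as untrusted until decoded and checked.</param>
/// <returns>
/// 200 with <c>token</c> and <c>refreshtoken</c> when the token decodes and
/// carries the refresh marker claim; otherwise 401.
/// </returns>
public IActionResult RefreshToken(string refreshToken)
{
    // The earlier version opened with an unconditional
    // `return Token(new LoginDto { ... })` using fixed credentials. That made
    // all validation below unreachable and issued a token to any caller of
    // this endpoint, so it has been removed.
    UserService service = new UserService();

    SecurityToken validatedToken;
    var claimsPrincipal = JwtTokenUtil.Decode(refreshToken, _jwtSettings, out validatedToken);

    // Only a refresh token may be exchanged. The claim value is checked as well
    // as its type, so a token carrying some other "tokenType" value is refused.
    // If the refresh token is no longer valid the user has been away for its
    // whole lifetime (the original comment says one month), so they must log in again.
    // NOTE(review): whether Decode returns null or throws on a bad token is not visible here - confirm.
    if (claimsPrincipal == null || !claimsPrincipal.HasClaim("tokenType", "refresh"))
    {
        return Unauthorized();
    }

    // Look the user up again by the id in the claim, so the new tokens reflect
    // the latest user data rather than whatever the old token carried.
    var sidClaim = claimsPrincipal.Claims.FirstOrDefault(a => a.Type == ClaimTypes.Sid);
    long userId;
    if (sidClaim == null || !long.TryParse(sidClaim.Value, out userId))
    {
        // A missing or malformed id is answered with 401 instead of an unhandled exception.
        return Unauthorized();
    }

    var user = service.GetUser(userId);
    if (user == null)
    {
        // The account no longer exists, so nothing is re-issued.
        return Unauthorized();
    }

    // Issue the access token from the current claims.
    List<Claim> claims = new ClaimUser(user).GetClaims();
    var token = JwtTokenUtil.Encode(claims, _jwtSettings);

    // Issue the refresh token: the same claims plus the marker checked above.
    // NOTE(review): both tokens are encoded with the same _jwtSettings, and the old
    // refresh token is not invalidated here - confirm lifetime and revocation elsewhere.
    claims.Add(new Claim("tokenType", "refresh"));
    var refreshtoken = JwtTokenUtil.Encode(claims, _jwtSettings);

    return Ok(new { token, refreshtoken });
}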
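/// <summary>
/// Turns the protected cookie text (a JWT) back into an authentication ticket
/// for the cookie authentication scheme.
/// </summary>
/// <param name="protectedText">The JWT read from the cookie; untrusted until decoded.</param>
/// <param name="purpose">Not used by this implementation.</param>
/// <returns>
/// A ticket wrapping the decoded principal, or <c>null</c> when no principal
/// could be decoded.
/// </returns>
public AuthenticationTicket Unprotect(string protectedText, string purpose)
{
    SecurityToken validatedToken;
    var claimsPrincipal = JwtTokenUtil.Decode(protectedText, _jwtSettings, out validatedToken);

    // AuthenticationTicket rejects a null principal with an ArgumentNullException.
    // Returning null reports "ticket could not be unprotected" to the caller,
    // so a bad cookie is treated as unauthenticated instead of faulting the request.
    // NOTE(review): assumes Decode returns null for a token it cannot validate - confirm.
    if (claimsPrincipal == null)
    {
        return null;
    }

    // NOTE(review): the token's type is not checked here. If refresh tokens are signed
    // with the same settings, one would presumably be accepted as a session ticket too - confirm.
    return new AuthenticationTicket(claimsPrincipal, CookieAuthenticationDefaults.AuthenticationScheme);
}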
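/// <summary>
/// Skeleton of a refresh endpoint: decodes the supplied token and, when it
/// carries a "tokenType" claim, answers with a fixed placeholder token.
/// </summary>
/// <param name="refreshToken">Caller-supplied JWT; untrusted until decoded.</param>
/// <returns>200 with a <c>token</c> field when the check passes; otherwise 401.</returns>
public IActionResult RefreshToken(string refreshToken)
{
    SecurityToken validatedToken;
    var claimsPrincipal = JwtTokenUtil.Decode(refreshToken, _jwtSettings, out validatedToken);

    // Reject anything that did not decode or does not carry the token-type claim.
    // NOTE(review): only the claim's presence is tested, not its value - confirm
    // which value marks a refresh token and compare against it.
    if (claimsPrincipal == null || !claimsPrincipal.HasClaim(a => a.Type == "tokenType"))
    {
        return Unauthorized();
    }

    // Re-issue. The unused empty claims list from the earlier version was dropped.
    // NOTE(review): "123" is a placeholder, not a signed token. Replace it with real
    // issuance before this endpoint is exposed.
    return Ok(new { token = "123" });
}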