/// <summary>
/// 获取JwtToken
/// </summary>
/// <param name="identity">管理员信息</param>
/// <returns></returns>
public static string GetJwtToken(IdentityModel identity)
{
identity.NotNull(nameof(IdentityModel));
//获取设定发行名
var iss = AppSettings.GetVal("Authorize", "Issuer");
//获取设定受众
var aud = AppSettings.GetVal("Authorize", "Aud");
//获取设定密码
var pwd = AppSettings.GetVal("Authorize", "SginKey");
var claims = new List <Claim>
{
//用户id做唯一标识符
new Claim(JwtRegisteredClaimNames.Jti, identity.UId.ToString()),
//开始时间
new Claim(JwtRegisteredClaimNames.Iat, new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds().ToString()),
//限制不可早于这个时间
new Claim(JwtRegisteredClaimNames.Nbf, new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds().ToString()),
//过期时间
new Claim(JwtRegisteredClaimNames.Exp, new DateTimeOffset(DateTime.Now.AddHours(1)).ToUnixTimeSeconds().ToString()),
//发行人
new Claim(JwtRegisteredClaimNames.Iss, iss),
//受众
new Claim(JwtRegisteredClaimNames.Aud, aud),
};
// 可以将一个用户的多个角色全部赋予
identity.Role.ForEach(x =>
{
claims.Add(new Claim(ClaimTypes.Role, x.ToString()));
});
//获取Byte密码
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(pwd));
//设定加密格式加密
var code = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
//设定JwtSecurityToken实例
var jwt = new JwtSecurityToken
(
issuer: iss,
claims: claims,
signingCredentials: code
);
//序列化JwtSecurityToken设定值
return(new JwtSecurityTokenHandler().WriteToken(jwt));
}
