/// <summary> /// Create token method. /// </summary> /// <param name="user">UserModel object.</param> /// <returns>JwtTokenModel.</returns> public JwtTokenModel CreateToken(UserModel user) { try { var jwtSecurityToken = GetJwtSecurityToken(user); var token = new JwtTokenModel { AccessToken = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken), Expiration = jwtSecurityToken.ValidTo.ToLocalTime().Ticks, RefreshToken = GenerateRefreshToken(), UserInfo = user, }; var refreshTokenData = new TokenModel { Token = token.RefreshToken, UserId = user.Id, }; var cacheEntryOptions = new MemoryCacheEntryOptions().SetAbsoluteExpiration(jwtSecurityToken.ValidTo.ToLocalTime()); this._cache.Set(token.RefreshToken, refreshTokenData, cacheEntryOptions); return(token); } catch (Exception ex) { return(null); } }
public async Task <ResponseModel> AuthencitateUser(LoginModel model) { ResponseModel response = new ResponseModel(); try { var password = PasswordSecurityHelper.GetHashedPassword(model.Password); // var md = await _context.UserRepository.FirstOrDefaultAsync(m => m.UserName == model.UserName && m.Password == password && m.IsActive && !m.Deleted).ConfigureAwait(false); if (md != null) { UserModel user = new UserModel() { Id = md.Id, UserName = md.UserName, FullName = string.Empty, // TODO Email = string.Empty // TODO }; JwtTokenModel token = _tokenService.CreateToken(user); response.ResponseStatus = Core.CommonModel.Enums.ResponseStatus.Success; response.Result = token; } } catch (Exception ex) { throw ex; } return(response); }
public static TokenResponseModel GenerateToken(User_Info user, JwtTokenModel jwtToken) { TokenResponseModel response = new TokenResponseModel(); var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtToken.JwtKey)); var claims = new Claim[] { new Claim("UserID", user.Id.ToString()), new Claim("Account", user.Account), new Claim("Name", user.Name) }; var token = new JwtSecurityToken( issuer: jwtToken.JwtIssuer, audience: jwtToken.JwtAudience, claims: claims, notBefore: DateTime.Now, expires: DateTime.Now.AddDays(jwtToken.JwtExpireDays), signingCredentials: new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256) ); response.access_token = new JwtSecurityTokenHandler().WriteToken(token); response.type = JwtBearerDefaults.AuthenticationScheme; response.expires = DateTime.Now.AddDays(jwtToken.JwtExpireDays); return(response); }
public async Task <ResponseModel> RefreshToken(TokenModel model) { ResponseModel response = new ResponseModel(); try { var refreshToken = _tokenService.CheckRefreshToken(model); if (refreshToken != null) { var md = await _context.UserRepository.FirstOrDefaultAsync(m => m.Id == model.UserId && m.IsActive && !m.Deleted).ConfigureAwait(false); UserModel user = new UserModel() { Id = md.Id, UserName = md.UserName, FullName = string.Empty, // TODO Email = string.Empty // TODO }; JwtTokenModel token = _tokenService.CreateToken(user); response.ResponseStatus = Core.CommonModel.Enums.ResponseStatus.Success; response.Result = token; } } catch (Exception ex) { throw ex; } return(response); }
public async Task <ResultMessage> Login(LoginModel model, JwtTokenModel jwtToken) { var user = await business.GetUser(model.Account); if (null != user) { if (user.Password != SecretHelper.Md532(model.Password)) { return(new ResultMessage() { Status = "0", Message = "密码错误" }); } return(new ResultMessage() { Status = "1", Response = JWTHelper.GenerateToken(user, jwtToken) }); } else { return(new ResultMessage() { Status = "0", Message = "用户名错误" }); } }
public IActionResult Authenticate([FromBody] OAuthModel login) { SmartHttpResult result = new SmartHttpResult(); try { var entity = DAL.SmartUser.GetEntityByName(login.UserName); if (entity != null) { var encrypted = EncryptProvider.AESEncrypt(login.PassWord, entity.Salt); if (entity.PassWord == encrypted) { //重新加密 var Saltkey = Guid.NewGuid().ToString("N"); var decrypted = EncryptProvider.AESEncrypt(login.PassWord, Saltkey); //替换密码与密钥 DAL.SmartUser.utlSmartUserByName(login.UserName, decrypted, Saltkey); var claims = new Claim[] { new Claim(ClaimTypes.Name, login.UserName), new Claim(ClaimTypes.Role, entity.Role) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(setting.SecretKey)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var tokenModel = new JwtSecurityToken( setting.Issuer, setting.Audience, claims, DateTime.Now, DateTime.Now.AddMinutes(setting.TokenExpires), creds); var jwtToken = new JwtTokenModel(); jwtToken.Token = new JwtSecurityTokenHandler().WriteToken(tokenModel); var tokenUser = new TokenUserModel(); tokenUser.UserName = entity.UserName; tokenUser.Email = entity.Email; tokenUser.Phone = entity.Phone; tokenUser.Avatar = entity.Avatar; jwtToken.User = tokenUser; result.Set(true, jwtToken); return(new JsonResult(result)); } else { result.Set(false, "用户密码不正确!"); } } else { result.Set(false, "用户不存在!"); } } catch (Exception err) { result.Set(false, err.Message); } return(new JsonResult(result)); }
/// <summary> /// Gets the token subject. /// </summary> /// <param name="definition">The definition.</param> /// <param name="identityName">Name of the identity.</param> /// <param name="customClaims">The custom claims.</param> /// <returns>ClaimsIdentity.</returns> private static ClaimsIdentity GetTokenSubject(JwtTokenModel definition, string identityName, IReadOnlyDictionary <string, string> customClaims) { var identity = new ClaimsIdentity("Bearer"); identity.AddClaim(new Claim(ClaimTypes.Name, identityName)); identity.AddClaim(new Claim(ClaimTypes.PrimarySid, identityName)); identity.AddClaim(new Claim(TokenInternalClaimNames.tn.ToString(), definition.TokenName)); identity.AddClaim(new Claim(TokenInternalClaimNames.jti.ToString(), Guid.NewGuid().ToString())); identity.AddClaim(new Claim(TokenInternalClaimNames.exm.ToString(), definition.TokenExpirationInMinutes.ToString(CultureInfo.InvariantCulture))); identity.AddClaim(new Claim(TokenInternalClaimNames.otu.ToString(), definition.OneTimeUse.ToString().ToLower())); if (customClaims == null || customClaims.Count <= 0) { return(identity); } var internals = Enum.GetValues(typeof(TokenInternalClaimNames)).Cast <TokenInternalClaimNames>().Select(v => v.ToString()).ToList(); foreach (var claim in customClaims) { if (internals.Contains(claim.Key)) { continue; } identity.AddClaim(new Claim(claim.Key, claim.Value)); } return(identity); }
public async Task <object> GetJwtStr(string name, string pass) { string jwtStr = string.Empty; bool suc = false; var userRole = await _sysUserInfoServices.GetUserRoleNameStr(name, pass); if (userRole != null) { JwtTokenModel tokenModel = new JwtTokenModel { Uid = 1, Role = userRole }; jwtStr = JwtHelper.IssueJwt(tokenModel); suc = true; } else { jwtStr = "login fail"; } return(Ok(new { success = suc, token = jwtStr })); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { var jwtTokenModel = new JwtTokenModel(); Configuration.GetSection("JwtToken").Bind(jwtTokenModel); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { options.TokenValidationParameters = new TokenValidationParameters { ValidIssuer = jwtTokenModel.Issuer, ValidAudience = jwtTokenModel.Audience, ValidateLifetime = true, ValidateIssuer = true, ValidateAudience = true, ValidateIssuerSigningKey = true, IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtTokenModel.Key)) }; }); services.AddMvc(config => { var policy = new AuthorizationPolicyBuilder() .RequireAuthenticatedUser() .Build(); config.Filters.Add(new AuthorizeFilter(policy)); }).SetCompatibilityVersion(CompatibilityVersion.Version_2_1); // In production, the React files will be served from this directory services.AddSpaStaticFiles(configuration => { configuration.RootPath = "ClientApp/build"; }); services.AddHttpClient(); // sms services.AddScoped <Functions>(); services.AddScoped <RequestProvider>(); services.AddScoped <SmsService>(); services.Configure <Key>(config => Configuration.GetSection("WhiteSMSConfig").Bind(config)); // jwtToken services.AddScoped <JwtTokenGenerator>(); services.Configure <JwtTokenModel>(config => Configuration.GetSection("JwtToken").Bind(config)); // dbContext services.AddDbContext <AppDbContext>(options => { options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")); }); services.AddScoped <UserRepository>(); }
public async Task <ActionResult <JwtTokenModel> > RefreshToken([FromBody] JwtTokenModel model) => await Execute(async operation => { if (!ModelState.IsValid) { throw CommonExceptions.NoAuthenticationData(operation); } var token = await authenticationService.RefreshToken(operation, model.AccessToken, model.RefreshToken); return(token.GetJwtTokenModel()); });
public void SetToken(UserModel userModel) { var jwtTokenModel = new JwtTokenModel { AccessToken = GetToken(userModel), RefreshToken = GenerateRefreshToken() }; SetCookieTokenResponse(jwtTokenModel); }
public IActionResult GetJwtToken3(DTO_UserInfo userInfo) { var data = _EFCoreService.GetByCountPwd(userInfo.UserName, userInfo.PassWord); //var userInfo = _EFCoreService. if (data != null) { #region 写死测试 //这一部分写死了,应该从数据库取 //var list = new List<JwtUserRoleInfo>(); //var jwtUserRole = new JwtUserRoleInfo(); //jwtUserRole.Role = "admin"; //jwtUserRole.Url = "/Manager/GetUserInfos"; //list.Add(jwtUserRole); //list.Add(new JwtUserRoleInfo //{ // Role = "admin", // Url = "/Manager/GetUserInfoByQueryInfo" //}); //list.Add( // new JwtUserRoleInfo { // Role = "admin", // Url = "/Manager/AddUserInfo" // } //); #endregion //从数据库获取 角色和api _jwtRequirement.jwtUserRoleInofs = _EFCoreService.GetAllRoleMenu(); var roles = _EFCoreService.GetRoleInfos(data.UserId); var jwtTokenModle = new JwtTokenModel(); jwtTokenModle.Uid = data.UserId; jwtTokenModle.Roles = roles; var token = JwtHelper.IssueJwt(jwtTokenModle); //记录登录日志 LogHelper.Info($"{("用户" + data.Name + "于" + System.DateTime.Now + "登录成功")}"); return(new JsonResult(new Result { Data = token, Msg = "获取Token成功", Status = 200 })); } else { //记录登录日志 LogHelper.Info($"{("账号" + userInfo.UserName + "于" + System.DateTime.Now + "登录失败")}"); return(new JsonResult(new Result { Data = null, Msg = "获取Token失败", Status = 204 })); } }
public JwtTokenModel RefreshToken(JwtTokenModel refreshTokenModel) { var principal = GetPrincipalFromExpiredToken(refreshTokenModel.AccessToken); var jwtToken = new JwtTokenModel { AccessToken = GenerateJwtTokenWithClaims(principal.Claims), RefreshToken = GenerateRefreshToken() }; SetCookieTokenResponse(jwtToken); return(jwtToken); }
public JsonResult GetJWTStr(long id = 1, string sub = "Admin") { //这里就是用户登陆以后,通过数据库去调取数据,分配权限的操作 var tokenModel = new JwtTokenModel(); tokenModel.Uid = id; tokenModel.Role = sub; string jwtStr = JwtHelper.IssueJWT(tokenModel); return(Json(jwtStr)); }
// GET: Authentication/GenerateJwtToken public IActionResult GenerateJwtToken() { try { var jwtTokenModel = new JwtTokenModel(HttpContext); return(View(jwtTokenModel)); } catch (Exception e) { _log4Net.Error(string.Format("{0}, {1}", e.Message, e.StackTrace), e); return(NotFound(e)); } }
/// <summary> /// 登陆 /// </summary> /// <param name="userInfo"></param> public static void Login(JwtTokenModel userInfo) { string userLoginId = Guid.NewGuid().ToString(); //往客户端写入Cookie HttpContextCore.Current.Response.Cookies.Append(GlobalSettings.LyAdminOptions.DefaultAppKeys.CurrentUser, userLoginId, new CookieOptions() { HttpOnly = true }); HttpContextCore.Current.Response.Cookies.Append("text", "12345", new CookieOptions { Expires = DateTime.MaxValue, HttpOnly = true }); //把登陆用户保存到缓存中 CacheHelper.Cache.SetCache(userLoginId, userInfo, TimeSpan.FromMinutes(30), ExpireTypeEnum.Relative); }
/// <summary> /// создание и возврат Jwt токенов /// </summary> /// <param name="user">почта пользователя</param> /// <returns>токены доступа</returns> public async Task <JwtTokenModel> CreateJwtTokens(ApplicationUser user) { //создание клеймов по почте пользователя var claims = await CreateAuthClime(user); //генерация токенов var tokens = new JwtTokenModel(GenerateAccessToken(claims), GenerateRefreshToken()); if (user.Name != "guest") { user.SetRefreshToken(tokens.RefreshToken); await _userManager.UpdateAsync(user); } return(tokens); }
public JwtTokenModel CreateJwtToken(LoginServiceModel model) { var identity = GetIdentity(model).GetAwaiter().GetResult(); if (identity == null) { return(null); } var encodedJwt = GenerateToken(identity); var token = new JwtTokenModel { AccessToken = encodedJwt, UserName = identity.Name }; return(token); }
public async Task <IActionResult> Login([FromBody] LoginModel model) { if (!ModelState.IsValid) { return(ModelStateExtend.ToActionResultFirst(ModelState)); } var jwtToken = new JwtTokenModel() { JwtKey = configuration.GetSection("Jwt")["JwtKey"], JwtIssuer = configuration.GetSection("Jwt")["JwtIssuer"], JwtAudience = configuration.GetSection("Jwt")["JwtAudience"], JwtExpireDays = double.Parse(configuration.GetSection("Jwt")["JwtExpireDays"]) }; var result = await busines.Login(model, jwtToken); return(ModelStateExtend.ToActionResult(result)); }
public async Task <IActionResult> GetJwt(DTO_UserInfo userInfo) { var data = await _userInfoService.QueryByWhereAsync(o => o.Name == userInfo.UserName && o.Pwd == userInfo.PassWord); if (data != null) { //获取角色ID var userRole = await _userRoleService.QueryByWhereAsync(o => o.UserId == data.UserId); var roleIds = userRole.RoleId.Split(',').ToList(); StringBuilder sb = new StringBuilder(); foreach (var item in roleIds) { var role = await _roleInfoService.QueryById(item); sb.Append(role.Role); sb.Append(","); } var roles = sb.ToString().TrimEnd(','); //从数据库获取 角色和api _jwtRequirement.jwtUserRoleInofs = _EFCoreService.GetAllRoleMenu(); var jwtTokenModle = new JwtTokenModel(); jwtTokenModle.Uid = data.UserId; jwtTokenModle.Roles = roles; var token = JwtHelper.IssueJwt(jwtTokenModle); //记录登录日志 LogHelper.Info($"{("用户" + data.Name + "于" + System.DateTime.Now + "登录成功")}"); return(new JsonResult(new Result { Data = token, Msg = "获取Token成功", Status = 200 })); } else { //记录登录日志 LogHelper.Info($"{("账号" + userInfo.UserName + "于" + System.DateTime.Now + "登录失败")}"); return(new JsonResult(new Result { Data = null, Msg = "获取Token失败", Status = 204 })); } }
// Post Authentication/GenerateJwtToken public IActionResult GenerateJwtToken([Bind("UserName, Key, Expires")] JwtTokenModel model) { try { if (ModelState.IsValid) { model = model.GenerateJwtToken(); Configuration.SetAppSettingValue("JwtTokenUserName", model.UserName); Configuration.SetAppSettingValue("JwtStringToken", model.JwtStringToken); } return(View(model)); } catch (Exception e) { _log4Net.Error(string.Format("{0}, {1}", e.Message, e.StackTrace), e); return(NotFound(e)); } }
public async Task <ResponseModel> AccessToken([FromBody] LoginModel model) { // 实际开发时请使用登录服务类通过数据库验证用户名密码的正确性,并取得相应的权限,此处为案例 var user = await _loginServices.GetUser(model.UserCode, model.Password); if (user.UserId > 0) { JwtTokenModel tokenModel = new JwtTokenModel(); tokenModel.Uid = user.UserId; tokenModel.Name = user.UserName; tokenModel.Role = user.RoleIds; _ResponseModel.Data = JwtHelper.IssueJwt(tokenModel); } else { _ResponseModel.Code = ResponseCode.Error; _ResponseModel.Message = MessageModel.IncorrectLogin; } return(_ResponseModel); }
private JwtTokenModel GiveJWTToken(string email, string role) { var now = DateTime.UtcNow; var jwt = new JwtSecurityToken( issuer: _authOptions.Issuer, audience: _authOptions.Audience, notBefore: now, claims: GetClaims(role), expires: now.Add(TimeSpan.FromMinutes(_authOptions.LifeTime)), signingCredentials: new SigningCredentials(AuthOptions.GetSymmetricSecurityKey(_authOptions.SecretKey), SecurityAlgorithms.HmacSha256)); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); var response = new JwtTokenModel { access_token = encodedJwt, email = email, }; return(response); }
public async Task <ApplicationActionResult <AuthResult> > Refresh(JwtTokenModel authToken) { AuthResult refreshResult = new AuthResult(); string userLogin = _tokenHelper.GetUserNameFromExpiredToken(authToken.AccessToken); ApplicationUser user = await _userManager.FindByNameAsync(userLogin); //Validate refresh token if (user.RefreshToken != authToken.RefreshToken) { refreshResult.InvalidRefreshToken(); return(new ApplicationActionResult <AuthResult>(refreshResult, (int)Core.Constants.ActionStatuses.Fail, "")); } //create access and refresh token var token = await _tokenHelper.CreateJwtTokens(user); //save user refresh token in database user.SetRefreshToken(token.RefreshToken); await _userManager.UpdateAsync(user); refreshResult.SuccessAuth(token); return(new ApplicationActionResult <AuthResult>(refreshResult, (int)Core.Constants.ActionStatuses.Success, "")); }
public ActionResult GetJwtStr(string name, string pass) { string jwtStr; bool suc; // 获取用户的角色名,请暂时忽略其内部是如何获取的,可以直接用 var userRole="Admin"; 来代替更好理解。 //var userRole = await _sysUserInfoServices.GetUserRoleNameStr(name, pass); if (true) { // 将用户id和角色名,作为单独的自定义变量封装进 token 字符串中。 JwtTokenModel tokenModel = new JwtTokenModel { Uid = 1, Role = "Admin" }; jwtStr = JwtHelper.IssueJwt(tokenModel);//登录,获取到一定规则的 Token 令牌 suc = true; } return(Ok(new { success = suc, token = jwtStr })); }
public async Task <ResponseModel> RefreshToken(string token = "") { string jwtStr = string.Empty; if (string.IsNullOrEmpty(token)) { _ResponseModel.Code = ResponseCode.Error; _ResponseModel.Message = MessageModel.InvalidToken; return(_ResponseModel); } var oldTokenModel = JwtHelper.SerializeJwt(token); if (oldTokenModel != null) { var user = await _loginServices.GetUser(oldTokenModel.Uid.ToString()); if (user != null) { JwtTokenModel tokenModel = new JwtTokenModel(); tokenModel.Uid = user.UserId; tokenModel.Name = user.UserName; tokenModel.Role = user.RoleIds; _ResponseModel.Data = JwtHelper.IssueJwt(tokenModel); return(_ResponseModel); } else { _ResponseModel.Code = ResponseCode.Error; _ResponseModel.Message = MessageModel.InvalidToken; return(_ResponseModel); } } else { _ResponseModel.Code = ResponseCode.Error; _ResponseModel.Message = MessageModel.InvalidToken; return(_ResponseModel); } }
public Task Invoke(HttpContext httpContext) { PreProceed(httpContext); // 检测是否包含"Authorization"请求头 if (!httpContext.Request.Headers.ContainsKey("Authorization")) { PostProceed(httpContext); return(_next(httpContext)); } var tokenHeader = httpContext.Request.Headers["Authorization"].ToString().Replace("Bearer ", ""); try { if (tokenHeader.Length >= 128) { System.Console.WriteLine($"{System.DateTime.Now} token :{tokenHeader}"); JwtTokenModel tokenModel = JwtHelper.SerializeJwt(tokenHeader); // 授权 var claimList = new System.Collections.Generic.List <System.Security.Claims.Claim>(); var claim = new System.Security.Claims.Claim(System.Security.Claims.ClaimTypes.Role, tokenModel.Role); claimList.Add(claim); var identity = new System.Security.Claims.ClaimsIdentity(claimList); var principal = new System.Security.Claims.ClaimsPrincipal(identity); httpContext.User = principal; } } catch (System.Exception ex) { System.Console.WriteLine($"{System.DateTime.Now} middleware wrong:{ex.Message}"); throw ex; } PostProceed(httpContext); return(_next(httpContext)); }
public async Task <ApplicationActionResult <AuthResult> > Login(AuthModel authModel) { AuthResult authResult = new AuthResult(); var user = await _userManager.FindByNameAsync(authModel.Login); if (user == null) { authResult.InvalidLogin(); return(new ApplicationActionResult <AuthResult>(authResult, (int)Core.Constants.ActionStatuses.Fail, "")); } var checkPasswordResult = await _userManager.CheckPasswordAsync(user, authModel.Password); if (!checkPasswordResult) { authResult.InvalidPassword(); return(new ApplicationActionResult <AuthResult>(authResult, (int)Core.Constants.ActionStatuses.Fail, "")); } JwtTokenModel token = await _tokenHelper.CreateJwtTokens(user); authResult.SuccessAuth(token); return(new ApplicationActionResult <AuthResult>(authResult, (int)Core.Constants.ActionStatuses.Success, "")); }
public IActionResult GoToBooks(JwtTokenModel jwtToken) { return(View("GoToBooks", jwtToken)); }
private void SetCookieTokenResponse(JwtTokenModel jwtToken) { _httpContextAccessor.HttpContext.Response.Cookies.Append(ACCESS_TOKEN_NAME, jwtToken.AccessToken); _httpContextAccessor.HttpContext.Response.Cookies.Append(REFRESH_TOKEN_NAME, jwtToken.RefreshToken); }