using System;
using System.Collections.Generic;
using System.Globalization;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Cors;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using Newtonsoft.Json.Linq;
namespace APIJSON.NET.Controllers
{
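[Route("api/[controller]/[action]")]
[ApiController]
[Authorize]
[EnableCors("localhost")]
public class TokenController : ControllerBase
{
    // Response returned for every credential failure. The same code and
    // message are used for "unknown user" and "wrong password" so the body
    // does not reveal which usernames exist.
    private const string InvalidCredentialsCode = "201";
    private const string InvalidCredentialsMessage = "用户名或者密码错误!";

    private readonly DbContext db;
    private readonly IOptions<TokenAuthConfiguration> _configuration;

    /// <summary>Wires the login store and the JWT settings used to mint tokens.</summary>
    /// <param name="_db">Data access context exposing <c>LoginDb</c>.</param>
    /// <param name="configuration">Issuer, audience, lifetime and signing credentials.</param>
    public TokenController(DbContext _db, IOptions<TokenAuthConfiguration> configuration)
    {
        _configuration = configuration;
        db = _db;
    }

    /// <summary>
    /// Anonymous login endpoint: verifies <paramref name="input"/> against
    /// <c>LoginDb</c> and, on success, returns a signed JWT and its lifetime.
    /// </summary>
    /// <param name="input">Username/password pair from the request body.</param>
    /// <returns>
    /// Always HTTP 200 with a JSON envelope: <c>code</c> "200" plus a
    /// <c>data</c> object on success, or <c>code</c> "201" with a generic
    /// error message when the body is incomplete or the credentials do not match.
    /// </returns>
    [HttpPost("/token")]
    [AllowAnonymous]
    public ActionResult Create([FromBody]TokenInput input)
    {
        JObject ht = new JObject();
        ht.Add("code", "200");
        ht.Add("msg", "success");

        // A missing body or empty field previously reached the lookup/cipher
        // and surfaced as a 500; treat it as an ordinary credential failure.
        if (input == null || string.IsNullOrEmpty(input.username) || string.IsNullOrEmpty(input.password))
        {
            return Ok(Fail(ht));
        }

        var us = db.LoginDb.GetSingle(it => it.userName == input.username);
        if (us == null)
        {
            // NOTE(review): this branch returns before the cipher runs, so
            // response time still differs between unknown-user and
            // wrong-password; closing that would need a dummy derivation here.
            return Ok(Fail(ht));
        }

        // NOTE(review): SimpleStringCipher.Encrypt is a project helper; whether
        // it is a one-way hash or a reversible cipher is not visible here.
        // Stored credentials should be a salted, slow password hash
        // (PBKDF2/Argon2) rather than reversible encryption — confirm.
        string str = SimpleStringCipher.Instance.Encrypt(input.password, null, Encoding.ASCII.GetBytes(us.passWordSalt));

        // string.Equals exits at the first differing character, which leaks
        // how much of the stored value matched; compare in fixed time instead.
        if (!FixedTimeEquals(us.passWord, str))
        {
            return Ok(Fail(ht));
        }

        var claims = BuildClaims(
            us.userId.ToString(CultureInfo.InvariantCulture),
            us.roleCode.ToString(CultureInfo.InvariantCulture));
        var accessToken = CreateAccessToken(claims);
        var data = new AuthenticateResultModel()
        {
            AccessToken = accessToken,
            ExpireInSeconds = (int)_configuration.Value.Expiration.TotalSeconds
        };
        ht.Add("data", JToken.FromObject(data));
        return Ok(ht);
    }

    /// <summary>Returns the role claim of the authenticated caller (null body if absent).</summary>
    [HttpGet]
    public ActionResult GetRole()
    {
        return Ok(User.FindFirstValue(ClaimTypes.Role));
    }

    // Rewrites the envelope into the generic credential-failure response.
    private static JObject Fail(JObject ht)
    {
        ht["code"] = InvalidCredentialsCode;
        ht["msg"] = InvalidCredentialsMessage;
        return ht;
    }

    // Constant-time equality of the stored and freshly derived password
    // strings. A null on either side is a mismatch rather than an exception.
    private static bool FixedTimeEquals(string expected, string actual)
    {
        if (expected == null || actual == null)
        {
            return false;
        }
        return CryptographicOperations.FixedTimeEquals(
            Encoding.UTF8.GetBytes(expected),
            Encoding.UTF8.GetBytes(actual));
    }

    // Claims embedded in the issued token, in the same order as before. The
    // ClaimTypes entries are what User.FindFirstValue reads (see GetRole);
    // sub/jti/iat are the registered JWT names. Name carries the user id, as
    // the original did — whether userName was intended is not visible here.
    private static List<Claim> BuildClaims(string userId, string roleCode)
    {
        return new List<Claim>
        {
            new Claim(ClaimTypes.NameIdentifier, userId),
            new Claim(ClaimTypes.Name, userId),
            new Claim(ClaimTypes.Role, roleCode),
            new Claim(JwtRegisteredClaimNames.Sub, userId),
            // Per-token unique id (standard jti claim).
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            // Issued-at as Unix seconds; UtcNow and Now yield the same epoch value.
            new Claim(JwtRegisteredClaimNames.Iat,
                DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString(CultureInfo.InvariantCulture),
                ClaimValueTypes.Integer64)
        };
    }

    /// <summary>
    /// Signs <paramref name="claims"/> into a compact JWT using the configured
    /// issuer, audience and signing credentials.
    /// </summary>
    /// <param name="claims">Claims to embed in the token.</param>
    /// <param name="expiration">Lifetime override; defaults to <c>TokenAuthConfiguration.Expiration</c>.</param>
    /// <returns>The serialized token string.</returns>
    private string CreateAccessToken(IEnumerable<Claim> claims, TimeSpan? expiration = null)
    {
        var now = DateTime.UtcNow;
        var jwtSecurityToken = new JwtSecurityToken(
            issuer: _configuration.Value.Issuer,
            audience: _configuration.Value.Audience,
            claims: claims,
            notBefore: now,
            expires: now.Add(expiration ?? _configuration.Value.Expiration),
            signingCredentials: _configuration.Value.SigningCredentials
        );
        return new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);
    }
}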
/// <summary>
/// Request body accepted by <c>POST /token</c>: the credential pair to verify.
/// Property names are lower-case to match the JSON the client sends.
/// </summary>
public class TokenInput
{
    /// <summary>Login name looked up in the login store.</summary>
    public string username { get; set; }

    /// <summary>Password submitted with the login request.</summary>
    public string password { get; set; }
}
/// <summary>
/// Payload placed under <c>data</c> in a successful <c>POST /token</c> response.
/// </summary>
public class AuthenticateResultModel
{
    /// <summary>The signed, serialized JWT.</summary>
    public string AccessToken { get; set; }

    /// <summary>Token lifetime in whole seconds, taken from the configured expiration.</summary>
    public int ExpireInSeconds { get; set; }
}
}