ASP.NET Core JWT授权验证----生成Token
- JWT 授权验证一、 获取Token
//模拟用户角色 实际数据库查询
var userRoles = "Admin,System,user,DXLSystem";
//如果是基于用户的授权策略,这里要添加用户;如果是基于角色的授权策略,这里要添加角色
var claims = new List {
new Claim(ClaimTypes.Name, name),
new Claim(JwtRegisteredClaimNames.Jti, user.FirstOrDefault().Id.ToString()),
new Claim("TenantId", user.FirstOrDefault().TenantId.ToString()),
new Claim(JwtRegisteredClaimNames.Iat, DateTime.Now.ToString()),
new Claim(ClaimTypes.Expiration,
DateTime.Now.AddSeconds(_requirement.Expiration.TotalSeconds).ToString())
};
claims.AddRange(userRoles.Split(',').Select(s => new Claim(ClaimTypes.Role, s)));
// 可以加入用户权限列表
//_requirement.Permissions = list;
var token = JwtToken.BuildJwtToken(claims.ToArray(), _requirement);
return new MessageModel()
{
success = true,
status = 200,
msg = "获取成功",
response= token
};二、 生成Token 类
public class JwtToken
{
public static TokenInfoViewModel BuildJwtToken(Claim[] claims, PermissionRequirement permissionRequirement)
{
var now = DateTime.Now;
// 实例化JwtSecurityToken
var jwt = new JwtSecurityToken(
issuer: permissionRequirement.Issuer,
audience: permissionRequirement.Audience,
claims: claims,
notBefore: now,
expires: now.Add(permissionRequirement.Expiration),
signingCredentials: permissionRequirement.SigningCredentials
);
// 生成 Token
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
//打包返回前台
var responseJson = new TokenInfoViewModel
{
success = true,
token = encodedJwt,
expires_in = permissionRequirement.Expiration.TotalSeconds,
token_type = "Bearer"
};
return responseJson;
}
}三、用到的实体类
public class TokenInfoViewModel
{
public bool success { get; set; }
public string token { get; set; }
public double expires_in { get; set; }
public string token_type { get; set; }
} public class MessageModel {
/// /// 状态码
/// public int status { get; set; } = 200;
/// /// 操作是否成功
/// public bool success { get; set; } = false;
/// /// 返回信息
/// public string msg { get; set; } = "";
/// /// 开发者信息
/// public string msgDev { get; set; }
/// /// 返回数据集合
/// public T response { get; set; }
}
