完善jwt

2022-04-07 17:57:08 +08:00
parent 21d0af557b
commit 4472e4aa6f
7 changed files with 155 additions and 78 deletions
--- a/Yi.Framework.Net6/Yi.Framework.Core/JwtInvoker.cs
+++ b/Yi.Framework.Net6/Yi.Framework.Core/JwtInvoker.cs
@@ -0,0 +1,65 @@
+using Microsoft.Extensions.Options;
+using Microsoft.IdentityModel.JsonWebTokens;
+using Microsoft.IdentityModel.Tokens;
+using System;
+using System.Collections.Generic;
+using System.IdentityModel.Tokens.Jwt;
+using System.Linq;
+using System.Security.Claims;
+using System.Text;
+using System.Threading.Tasks;
+using Yi.Framework.Common.IOCOptions;
+using Yi.Framework.Model.Models;
+using JwtRegisteredClaimNames = Microsoft.IdentityModel.JsonWebTokens.JwtRegisteredClaimNames;
+
+namespace Yi.Framework.Core
+{
+    public class JwtInvoker
+    {
+        private readonly JWTTokenOptions _JWTTokenOptions;
+        public JwtInvoker(IOptionsMonitor<JWTTokenOptions> jwtTokenOptions)
+        {
+            this._JWTTokenOptions = jwtTokenOptions.CurrentValue;
+        }
+        public string GetRefreshToken(UserEntity user)
+        {
+            return this.GetToken(_JWTTokenOptions.ReExpiration, user, true);
+        }
+
+        public string GetAccessToken(UserEntity user)
+        {
+            return this.GetToken(_JWTTokenOptions.Expiration, user);
+        }
+
+        private string GetToken(int minutes, UserEntity user, bool isRefresh = false)
+        {
+            List<Claim> claims = new List<Claim>();
+            claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"));
+            claims.Add(new Claim(JwtRegisteredClaimNames.Exp, $"{new DateTimeOffset(DateTime.Now.AddMinutes(minutes)).ToUnixTimeSeconds()}"));
+            claims.Add(new Claim(JwtRegisteredClaimNames.Sid, user.Id.ToString()));
+            //claims.Add(new Claim("TenantId", userRoleMenuEntity.user.TenantId.ToString()));
+            //claims.Add(new Claim("TenantName", userRoleMenuEntity.tenant.TenantName.ToString()));
+            //claims.Add(new Claim("Id", userRoleMenuEntity.user.Id.ToString()));
+            //claims.Add(new Claim("Name", userRoleMenuEntity.user.Name));
+            //claims.Add(new Claim("TenantLevel", userRoleMenuEntity.tenant.TenantLevel.ToString()));
+
+            if (isRefresh)
+            {
+                claims.Add(new Claim("Re", "true"));
+            }
+
+            var creds = new SigningCredentials(new RsaSecurityKey(Common.Helper.RSAFileHelper.GetKey()), SecurityAlgorithms.RsaSha256);
+            var token = new JwtSecurityToken(
+                issuer: _JWTTokenOptions.Issuer,
+                audience: _JWTTokenOptions.Audience,
+                claims: claims,
+                expires: DateTime.Now.AddMinutes(minutes),
+                signingCredentials: creds);
+            var tokenData = new JwtSecurityTokenHandler().WriteToken(token);
+
+            return tokenData;
+
+        }
+
+    }
+}
--- a/Yi.Framework.Net6/Yi.Framework.Core/MakeJwt.cs
+++ b/Yi.Framework.Net6/Yi.Framework.Core/MakeJwt.cs
@@ -1,63 +0,0 @@
-using Microsoft.IdentityModel.JsonWebTokens;
-using Microsoft.IdentityModel.Tokens;
-using System;
-using System.Collections.Generic;
-using System.IdentityModel.Tokens.Jwt;
-using System.Linq;
-using System.Security.Claims;
-using System.Text;
-using System.Threading.Tasks;
-using Yi.Framework.Common.Const;
-using Yi.Framework.Model.Models;
-using JwtRegisteredClaimNames = Microsoft.IdentityModel.JsonWebTokens.JwtRegisteredClaimNames;
-
-namespace Yi.Framework.Core
-{
-
-    public class JwtUser
-    { 
-        public UserEntity user { get; set; }
-    
-    }
-
-   public class MakeJwt
-    {
-
-        /// <summary>
-        /// user需关联所有roles,还有一个menuIds
-        /// </summary>
-        /// <param name="_user"></param>
-        /// <returns></returns>
-        public static string app(JwtUser _user)
-        {
-            //通过查询权限，把所有权限加入进令牌中
-            List<Claim> claims = new List<Claim>();
-            claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"));
-            claims.Add(new Claim(JwtRegisteredClaimNames.Exp, $"{new DateTimeOffset(DateTime.Now.AddMinutes(30)).ToUnixTimeSeconds()}"));
-            claims.Add(new Claim(ClaimTypes.Name, _user.user.Name));
-            claims.Add(new Claim(ClaimTypes.Sid, _user.user.Id.ToString()));
-            //现在不存放在jwt中，而存放在redis中
-            //foreach (var k in _user?.menuIds)
-            //{
-            //    claims.Add(new Claim("menuIds",k.id.ToString()));
-            //}
-            //foreach (var k in _user.user.roles)
-            //{
-            //    claims.Add(new Claim(ClaimTypes.Role, k.role_name));
-            //}
-            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(JwtConst.SecurityKey));
-            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
-
-            var token = new JwtSecurityToken(
-                issuer: JwtConst.Domain,
-                audience: JwtConst.Domain,
-                claims: claims,
-                expires: DateTime.Now.AddMinutes(30),
-                signingCredentials: creds);
-            var tokenData = new JwtSecurityTokenHandler().WriteToken(token);
-
-            return tokenData;
-        }
-
-    }
-}