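/// <summary>
/// Gets the caller's identity by verifying and decoding the JWT carried in the
/// request's <c>Authorization: Bearer &lt;token&gt;</c> header.
/// </summary>
/// <remarks>
/// The token is decoded on every read of this property; nothing is cached here.
/// The signing key is read from the configuration entry <c>AAA:BBB</c>.
/// Exceptions raised by the decoder for a malformed or rejected token are not
/// caught and propagate to the caller.
/// </remarks>
/// <exception cref="Exception">
/// The Authorization header is missing, does not use the Bearer scheme, or
/// carries an empty token.
/// </exception>
/// <exception cref="InvalidOperationException">
/// No signing key is available from configuration.
/// </exception>
public CurrentUser currentUser
{
    get
    {
        // Include the separating space in the prefix: a bare "Bearer" header
        // previously passed the scheme check and then made Substring throw
        // ArgumentOutOfRangeException, and "BearerX..." silently lost a character.
        const string BearerPrefix = "Bearer ";

        // Token as sent by the client in the Authorization header.
        string authHeader = this.Request.Headers["Authorization"];

        // Ordinal comparison: the scheme is a protocol token, not linguistic text.
        if (authHeader == null || !authHeader.StartsWith(BearerPrefix, StringComparison.Ordinal))
        {
            // The original message said "Basic", but the scheme checked is Bearer.
            throw new Exception("The authorization header is either empty or isn't Bearer.");
        }

        string token = authHeader.Substring(BearerPrefix.Length).Trim();
        if (token.Length == 0)
        {
            throw new Exception("The authorization header does not contain a bearer token.");
        }

        // Signing key. Fail closed with a clear error instead of dereferencing a
        // missing IConfiguration or handing a null/empty key to the decoder.
        var conf = HttpContext.RequestServices.GetService(typeof(IConfiguration)) as IConfiguration;
        var secretKey = conf?["AAA:BBB"];
        if (string.IsNullOrEmpty(secretKey))
        {
            throw new InvalidOperationException("The JWT signing key is not configured.");
        }

        // JWT decoding pipeline.
        // NOTE(review): no algorithm is passed to this JwtDecoder constructor, so the
        // accepted signing algorithm is not pinned in this code. Confirm against the
        // installed JWT library version that verify: true really checks the signature
        // with this constructor and that unexpected algorithms are rejected.
        IJsonSerializer serializer = new JsonNetSerializer();
        IDateTimeProvider provider = new UtcDateTimeProvider();
        IJwtValidator validator = new JwtValidator(serializer, provider);
        IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
        IJwtDecoder decoder = new JwtDecoder(serializer, validator, urlEncoder);

        // verify: true is what makes the payload trustworthy; the claims below must
        // never be read from a token decoded without verification.
        string payloadJson = decoder.Decode(token, secretKey, verify: true);

        // Deserialize the verified payload into the CurrentUser model.
        return JsonConvert.DeserializeObject<CurrentUser>(payloadJson);
    }
}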