public CurrentUser currentUser

         {

             get

             {

                 CurrentUser result = new CurrentUser();

                 //jwt 解密token

                 IJsonSerializer serializer = new JsonNetSerializer();

                 IDateTimeProvider provider = new UtcDateTimeProvider();

                 IJwtValidator validator = new JwtValidator(serializer, provider);

                 IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();

                 IJwtDecoder decoder = new JwtDecoder(serializer, validator, urlEncoder);

                 string authHeader = this.Request.Headers["Authorization"];//Header中的token

                 // Add JWT　Protection

                 if (authHeader != null && authHeader.StartsWith("Bearer"))

                 {

                     string token = authHeader.Substring("Bearer ".Length).Trim();

                     var requestService = HttpContext.RequestServices;

                     var conf = requestService.GetService(typeof(IConfiguration)) as IConfiguration;

                     var secretKey = conf["AAA:BBB"];//密钥信息

                     string resultstr = decoder.Decode(token, secretKey, verify: true);//token为之前生成的字符串

                     result = JsonConvert.DeserializeObject<CurrentUser>(resultstr);//反序列化 将jwt中的信息解压出来

                 }

                 else

                 {

                     //Handle what happens if that isn't the case

                     throw new Exception("The authorization header is either empty or isn't Basic.");

                 }

                 return result;

             }

         }