我创建了一个.net核心api,它将向客户端发送jwtsecuritytoken。连接的用户要使用该应用程序的功能,每个功能都必须具有一个令牌,例如,该令牌的有效期为5分钟,并且该令牌在到期后必须刷新(如果没有错误)。
我开始编写一些东西,但是我不知道如何刷新令牌?
[Route("api/[controller]")]
[ApiController]
public class TokenController : ControllerBase
{
private string GenerateToken(string username)
{
SymmetricSecurityKey key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("ijustwanttotestsomething"));
Claim[] claims = new Claim[]
{
new Claim(ClaimTypes.Name , username)
};
JwtSecurityToken jwt = new JwtSecurityToken(
claims: claims,
notBefore: DateTime.UtcNow,
expires: DateTime.UtcNow.AddMinutes(5),
signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256)
);
return new JwtSecurityTokenHandler().WriteToken(jwt);
}
[HttpPost]
public ActionResult<string> Create(string username)
{
return GenerateToken(username);
}
[HttpGet]
public ActionResult<JwtSecurityToken> TokenExpired (string token)
{
var stream = token ;
var handler = new JwtSecurityTokenHandler();
var jsonToken = handler.ReadToken(stream);
JwtSecurityToken tokenS = handler.ReadToken(stream) as JwtSecurityToken;
DateTime dateTimeToken = DateTime.UtcNow;
if (dateTimeToken > tokenS.ValidTo)
return BadRequest("EXPIRED");
return Ok(tokenS);
}
[HttpGet("[Action]")]
public ActionResult<JwtSecurityToken> RefreshToken (string token)
{
// CODE SOMETHING
}
}