token的存在意义
这是我初略了解的token的存在意义
- 用户使用用户名密码来请求服务器
- 服务器进行验证用户的信息
- 服务器通过验证发送给用户一个token
- 客户端存储token,并在每次请求时附送上这个token值
- 服务端验证token值,并返回数据
使用方法
先安装一个JWT,注意NetFramework的版本
创建一个工具类TokenInfo.cs
using JWT;
using JWT.Algorithms;
using JWT.Serializers;
using System;
using System.Collections.Generic;
using System.Web;
using System.Web.Script.Serialization;
namespace ProjectLYG.Common
{
public class TokenInfo
{
public TokenInfo()
{
UserName = "j";
Pwd = "123456";
}
public string UserName { get; set; }
public string Pwd { get; set; }
}
public class TokenHelper
{
public static string SecretKey = "bqsid123k12s0h1d3uhf493fh02hdd102h9s3h38ff";//这个服务端加密秘钥 属于私钥
private static JavaScriptSerializer myJson = new JavaScriptSerializer();
/// <summary>
/// 生成Token
/// </summary>
/// <param name="M"></param>
/// <returns></returns>
public static string GenToken(TokenInfo M)
{
var payload = new Dictionary<string, dynamic>
{
{"UserName", M.UserName},//用于存放当前登录人账户信息
{"UserPwd", M.Pwd}//用于存放当前登录人登录密码信息
};
IJwtAlgorithm algorithm = new HMACSHA256Algorithm();
IJsonSerializer serializer = new JsonNetSerializer();
IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);
return encoder.Encode(payload, SecretKey);
}
/// <summary>
/// 验证Token
/// </summary>
/// <returns></returns>
public static string DecodeToken()
{
//获取request中的token
string token = HttpContext.Current.Request.Headers["Authorization"];
//去掉前面的Bearer
if (token != null && token.StartsWith("Bearer"))
token = token.Substring("Bearer ".Length).Trim();
try
{
var json = GetTokenJson(token);
TokenInfo info = myJson.Deserialize<TokenInfo>(json);
return "Token is true";
}
catch (TokenExpiredException)
{
return "Token has expired";
}
catch (SignatureVerificationException)
{
return "Token has invalid signature";
}
}
public static string GetTokenJson(string token)
{
try
{
IJsonSerializer serializer = new JsonNetSerializer();
IDateTimeProvider provider = new UtcDateTimeProvider();
IJwtValidator validator = new JwtValidator(serializer, provider);
IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
IJwtDecoder decoder = new JwtDecoder(serializer, validator, urlEncoder);
var json = decoder.Decode(token, SecretKey, verify: true);
return json;
}
catch (Exception)
{
throw;
}
}
}
}
使用方法
//生成Token
TokenInfo tokenInfo = new TokenInfo();
tokenInfo.Pwd = password;
tokenInfo.UserName = tel;
string token = TokenHelper.GenToken(tokenInfo);
........
//token验证
string tokenInfo = TokenHelper.DecodeToken();
........
工具类已将返回的Request的token值提取出,无须传值
到此这篇关于c#中token的使用方法实例的文章就介绍到这了,更多相关c# token内容请搜索编程网以前的文章或继续浏览下面的相关文章希望大家以后多多支持编程网!