jwt changes
@ -529,10 +529,12 @@ namespace Oqtane.Controllers
|
||||
var user = _users.GetUser(User.Identity.Name);
|
||||
if (user != null)
|
||||
{
|
||||
var secret = HttpContext.GetSiteSettings().GetValue("JwtOptions:Secret", "");
|
||||
var sitesettings = HttpContext.GetSiteSettings();
|
||||
var secret = sitesettings.GetValue("JwtOptions:Secret", "");
|
||||
if (!string.IsNullOrEmpty(secret))
|
||||
{
|
||||
token = _jwtManager.GenerateToken(_tenantManager.GetAlias(), user, secret, "", "", 525600); // 1 year
|
||||
var lifetime = 525600; // long-lived token set to 1 year
|
||||
token = _jwtManager.GenerateToken(_tenantManager.GetAlias(), user, secret, sitesettings.GetValue("JwtOptions:Issuer", ""), sitesettings.GetValue("JwtOptions:Audience", ""), lifetime);
|
||||
}
|
||||
}
|
||||
return token;
|
||||
|
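Review bot: The new `sitesettings.GetValue("JwtOptions:Issuer", "")` and `sitesettings.GetValue("JwtOptions:Audience", "")` arguments fall back to an empty string, so on a site where those settings are unset the one-year token is still issued with no issuer or audience value. The same fallback feeds `ValidateToken` in the Oqtane.Infrastructure hunk. How `GenerateToken` and `ValidateToken` treat "" is not visible here, but if an empty value means "skip the check", the token stays accepted wherever the same secret is configured for its whole lifetime. Consider reading both into locals and extending the guard to `if (!string.IsNullOrEmpty(secret) && !string.IsNullOrEmpty(issuer) && !string.IsNullOrEmpty(audience))`, or at least add a comment such as `// empty Issuer/Audience disables iss/aud validation for this token` if that is the intended behaviour. The enclosing method starts and ends outside the hunk.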
@ -25,14 +25,15 @@ namespace Oqtane.Infrastructure
|
||||
var alias = context.GetAlias();
|
||||
if (alias != null)
|
||||
{
|
||||
var secret = context.GetSiteSettings().GetValue("JwtOptions:Secret", "");
|
||||
var sitesettings = context.GetSiteSettings();
|
||||
var secret = sitesettings.GetValue("JwtOptions:Secret", "");
|
||||
if (!string.IsNullOrEmpty(secret))
|
||||
{
|
||||
var logger = context.RequestServices.GetService(typeof(ILogManager)) as ILogManager;
|
||||
var jwtManager = context.RequestServices.GetService(typeof(IJwtManager)) as IJwtManager;
|
||||
|
||||
var token = context.Request.Headers["Authorization"].First().Split(" ").Last();
|
||||
var user = jwtManager.ValidateToken(token, secret, "", "");
|
||||
var user = jwtManager.ValidateToken(token, secret, sitesettings.GetValue("JwtOptions:Issuer", ""), sitesettings.GetValue("JwtOptions:Audience", ""));
|
||||
if (user != null)
|
||||
{
|
||||
// populate principal (reload user roles to ensure most accurate permission assigments)
|
||||
|
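Review bot: The unchanged line `context.Request.Headers["Authorization"].First().Split(" ").Last()` ignores the scheme, so the last space-separated piece of any Authorization header (Basic, Negotiate, a malformed value) is handed to `ValidateToken`. The header parse should be as strict as the validation this commit tightens with issuer and audience. Suggest reading it with `var header = context.Request.Headers["Authorization"].FirstOrDefault();`, guarding with `if (header != null && header.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase))`, and passing `header.Substring(7).Trim()` as the token. Whether an outer check already guarantees the header is present cannot be seen, because the enclosing method begins and ends outside the hunk.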