fixed: user'pwd is showed

2024-09-20 23:48:27 +08:00 · 2019-03-01 17:16:49 +08:00 · 2019-03-01 17:16:49 +08:00 · 983e05d179
commit 983e05d179
parent a2b2de02da
2 changed files with 46 additions and 0 deletions
--- a/Blog.Core/Controllers/LoginController.cs
+++ b/Blog.Core/Controllers/LoginController.cs
@ -174,6 +174,51 @@ namespace Blog.Core.Controllers
        }


+        [HttpGet]
+        [Route("RefreshToken")]
+        public async Task<object> RefreshToken(string token = "")
+        {
+            string jwtStr = string.Empty;
+            bool suc = false;
+
+            if (string.IsNullOrEmpty(token))
+            {
+                return new JsonResult(new
+                {
+                    Status = false,
+                    message = "token无效，请重新登录！"
+                });
+            }
+            var tokenModel = JwtHelper.SerializeJWT(token);
+            if (tokenModel != null && tokenModel.Uid > 0)
+            {
+                var user = await sysUserInfoServices.QueryByID(tokenModel.Uid);
+                if (user != null)
+                {
+                    var userRoles = await sysUserInfoServices.GetUserRoleNameStr(user.uLoginName, user.uLoginPWD);
+                    //如果是基于用户的授权策略，这里要添加用户;如果是基于角色的授权策略，这里要添加角色
+                    var claims = new List<Claim> {
+                    new Claim(ClaimTypes.Name, user.uLoginName),
+                    new Claim(JwtRegisteredClaimNames.Jti, tokenModel.Uid.ObjToString()),
+                    new Claim(ClaimTypes.Expiration, DateTime.Now.AddSeconds(_requirement.Expiration.TotalSeconds).ToString()) };
+                    claims.AddRange(userRoles.Split(',').Select(s => new Claim(ClaimTypes.Role, s)));
+
+                    //用户标识
+                    var identity = new ClaimsIdentity(JwtBearerDefaults.AuthenticationScheme);
+                    identity.AddClaims(claims);
+
+                    var refreshToken = JwtToken.BuildJwtToken(claims.ToArray(), _requirement);
+                    return new JsonResult(refreshToken);
+                }
+            }
+
+            return new JsonResult(new
+            {
+                success = false,
+                message = "认证失败"
+            });
+        }
+
        /// <summary>
        /// 
        /// </summary>
--- a/Blog.Core/Controllers/UserController.cs
+++ b/Blog.Core/Controllers/UserController.cs
@ -64,6 +64,7 @@ namespace Blog.Core.Controllers
            var allRoles = await _roleServices.Query(d => d.IsDeleted == false);
            foreach (var item in sysUserInfos)
            {
+                item.uLoginPWD = "no see me";
                if (item != null)
                {
                    item.RID = (allUserRoles.Where(d => d.UserId == item.uID).FirstOrDefault()?.RoleId).ObjToInt();