JWT是一种加密算法,为了防止请求的信息在传输途中被拦截修改
JWT的引用:
install-package jwt
JWF由三部分组成:Header,Payload,Signature
Payload中放的是传输的数据
Header和Payload部分的内容是Base64编码,可以轻松的解码,所以Payload中不要放机密信息
Signature是Header,Payload和SecretKey(秘钥) 的内容合在一起进行加密得到的,所以没有秘钥的人绝对解不开,而且其中某个部分被改动后就会匹配不上,从而防止被拦截修改
加密
//要传输的数据 var payload = new Dictionary<string, object> { { "UserId", 123 }, { "UserName", "admin" } }; //秘钥,注意不要泄露 var secret = "XXXXXXXXX"; IJwtAlgorithm algorithm = new HMACSHA256Algorithm(); IJsonSerializer serializer = new JsonNetSerializer(); IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder(); IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder); string token = encoder.Encode(payload, secret); //加密
解密
var token="aaaaaaa.bbbbbbbbbbb.cccccccccccc"; //加密后的数据 var secret = "XXXXXXXXXXXXX"; //秘钥 try { IJsonSerializer serializer = new JsonNetSerializer(); IDateTimeProvider provider = new UtcDateTimeProvider(); IJwtValidator validator = new JwtValidator(serializer, provider); IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder(); IJwtDecoder decoder = new JwtDecoder(serializer, validator, urlEncoder); var json = decoder.Decode(token, secret, verify: true); //解密 } catch (TokenExpiredException) { Console.WriteLine("Token has expired"); } catch (SignatureVerificationException) { Console.WriteLine("Token has invalid signature"); }
如果要设置过期时间就在payload中添加一个名为exp的值,这个值给过期时间到1970/1/1 00:00:00期间的秒数
double exp = (DateTime.UtcNow.AddSeconds(10) - new DateTime(1970, 1, 1)).TotalSeconds; //获取当前时间,在它之上增加10秒,减去1970/1/1,转为秒
如果此数据在过期时间之后才传到,就会失效