47 lines
1.4 KiB
C#
47 lines
1.4 KiB
C#
using Microsoft.IdentityModel.Tokens;
|
|
using System.IdentityModel.Tokens.Jwt;
|
|
using System.Text;
|
|
using System.Security.Claims;
|
|
|
|
namespace CompetitionAPI
|
|
{
|
|
public class TokenValidationService
|
|
{
|
|
private readonly string _secretKey;
|
|
private readonly string _issuer;
|
|
|
|
public TokenValidationService(string secretKey, string issuer)
|
|
{
|
|
_secretKey = secretKey;
|
|
_issuer = issuer;
|
|
}
|
|
|
|
public bool ValidateToken(string token)
|
|
{
|
|
var tokenHandler = new JwtSecurityTokenHandler();
|
|
var key = Encoding.ASCII.GetBytes(_secretKey);
|
|
|
|
try
|
|
{
|
|
tokenHandler.ValidateToken(token, new TokenValidationParameters
|
|
{
|
|
ValidateIssuer = true,
|
|
ValidIssuer = _issuer,
|
|
ValidateIssuerSigningKey = true,
|
|
IssuerSigningKey = new SymmetricSecurityKey(key),
|
|
ValidateAudience = false, // 可选:是否验证 Audience
|
|
ValidateLifetime = true, // 是否验证 Token 是否过期
|
|
ClockSkew = TimeSpan.Zero // 设置时间偏差
|
|
}, out var validatedToken);
|
|
|
|
return validatedToken != null;
|
|
}
|
|
catch (Exception)
|
|
{
|
|
// Token 验证失败
|
|
return false;
|
|
}
|
|
}
|
|
}
|
|
}
|