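using System.IdentityModel.Tokens.Jwt;
using System.Runtime.InteropServices;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using Service.AppSettingModel;

namespace Application;

/// <summary>
/// Authentication application service contract.
/// </summary>
public interface IAuthApplication
{
    /// <summary>
    /// Checks the supplied password and, on success, issues a signed JWT.
    /// </summary>
    /// <param name="request">Login request carrying the password.</param>
    /// <returns>The issued token and its expiry (UTC).</returns>
    LoginResponse Login(LoginRequest request);
}

/// <summary>
/// Authentication application service: compares the request password with the
/// configured one and issues an HS256-signed JWT.
/// </summary>
/// <remarks>
/// NOTE(review): the expected password is read from <see cref="AuthSettings"/> and compared
/// as-is, so it is held unhashed in configuration. Prefer storing a slow password hash
/// (PBKDF2/Argon2) and keeping both the password setting and the JWT secret in a secret store.
/// No attempt limiting or lockout is visible in this class; confirm it is enforced upstream.
/// </remarks>
public class AuthApplication(
    IOptions<AuthSettings> authSettings,
    IOptions<JwtSettings> jwtSettings,
    ILogger<AuthApplication> logger) : IAuthApplication
{
    private readonly AuthSettings _authSettings = authSettings.Value;
    private readonly JwtSettings _jwtSettings = jwtSettings.Value;
    private readonly ILogger<AuthApplication> _logger = logger;

    /// <summary>
    /// Validates the password in <paramref name="request"/> and returns a freshly signed token.
    /// </summary>
    /// <param name="request">Login request; its password must be non-empty.</param>
    /// <returns>The token together with the same expiry instant that is embedded in it.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
    /// <exception cref="ValidationException">The password is empty or does not match.</exception>
    public LoginResponse Login(LoginRequest request)
    {
        ArgumentNullException.ThrowIfNull(request);

        if (string.IsNullOrEmpty(request.Password))
        {
            throw new ValidationException("密码不能为空");
        }

        // Fail closed when no password is configured, and compare in constant time so the
        // response latency does not reveal how much of the guess was correct.
        if (string.IsNullOrEmpty(_authSettings.Password)
            || !PasswordsMatch(request.Password, _authSettings.Password))
        {
            _logger.LogWarning("登录失败: 密码错误");
            throw new ValidationException("密码错误");
        }

        // Compute the expiry once so the value returned to the caller is exactly the
        // token's exp claim instead of a second, slightly later timestamp.
        var expiresAt = DateTime.UtcNow.AddHours(_jwtSettings.ExpirationHours);
        var token = GenerateJwtToken(expiresAt);

        _logger.LogInformation("用户登录成功");

        return new LoginResponse
        {
            Token = token,
            ExpiresAt = expiresAt
        };
    }

    /// <summary>
    /// Ordinal, timing-safe equality check for two non-null passwords.
    /// </summary>
    private static bool PasswordsMatch(string supplied, string expected)
    {
        // Hash the raw UTF-16 code units first: FixedTimeEquals returns early when the
        // buffer lengths differ, and equal-length digests avoid leaking the password length.
        byte[] suppliedDigest = SHA256.HashData(MemoryMarshal.AsBytes(supplied.AsSpan()));
        byte[] expectedDigest = SHA256.HashData(MemoryMarshal.AsBytes(expected.AsSpan()));
        return CryptographicOperations.FixedTimeEquals(suppliedDigest, expectedDigest);
    }

    /// <summary>
    /// Builds and signs a JWT (HMAC-SHA256) that expires at <paramref name="expiresAt"/>.
    /// </summary>
    /// <param name="expiresAt">UTC instant written to the token's exp claim.</param>
    /// <returns>The compact serialized token.</returns>
    private string GenerateJwtToken(DateTime expiresAt)
    {
        // HS256 is only as strong as this key: it should be at least 256 bits of random data.
        // NOTE(review): confirm the configured SecretKey length and where it is stored.
        var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.SecretKey));
        var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);

        var claims = new[]
        {
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            // Typed as Integer64 so iat is serialized as a JSON number (NumericDate), not a string.
            new Claim(
                JwtRegisteredClaimNames.Iat,
                DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString(),
                ClaimValueTypes.Integer64),
            new Claim("auth", "password-auth")
        };

        var token = new JwtSecurityToken(
            issuer: _jwtSettings.Issuer,
            audience: _jwtSettings.Audience,
            claims: claims,
            expires: expiresAt,
            signingCredentials: credentials);

        return new JwtSecurityTokenHandler().WriteToken(token);
    }
}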