Hi,
I have an asp.net core 6 web API that I am using JwtSecurityToken. I will publish it on production but there is a problem with the expiration date/time of JWT. How can I fix this?
[Route("api/token")]
[ApiController]
public class TokenController : Controller
{
private readonly IUserValidate _userValidate;
private readonly IConfiguration _config;
public TokenController(IUserValidate userValidate, IConfiguration config)
{
_userValidate = userValidate;
_config = config;
}
[HttpPost]
public async Task<IActionResult> Post([FromForm]string username, [FromForm] string password)
{
if (username != null && password != null)
{
var user = _userValidate.Login(username, password);
if (user != null)
{
//create claims details based on the user information
var claims = new[] {
new Claim(JwtRegisteredClaimNames.Sub, _config["Jwt:Subject"]),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Iat, DateTime.Now.ToString()),
new Claim("UserId", user.customerID.ToString()),
new Claim("DisplayName", username),
new Claim("UserName", username),
//new Claim("Email", _company.Email)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"]));
var signIn = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
_config["Jwt:Issuer"],
_config["Jwt:Audience"],
claims,
expires: DateTime.Now.AddMinutes(4),
signingCredentials: signIn);
return Ok(new TokenReturnDto()
{
Token = new JwtSecurityTokenHandler().WriteToken(token),
Expiration = token.ValidTo,
CurrentTime = DateTime.UtcNow
});
}
else
{
return BadRequest("Invalid credentials");
}
}
else
{
return BadRequest();
}
}
