添加项目文件。

Authentication/Authentication.cs

@@ -0,0 +1,6 @@
+namespace WebAppServer1.Authentication
+{
+    public class Authentication
+    {
+    }
+}

Authentication/JwtService.cs

@@ -0,0 +1,87 @@
+using Microsoft.EntityFrameworkCore;
+using Microsoft.IdentityModel.Tokens;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+using WebAppServer1.ApplicationDbContext;
+using WebAppServer1.Models;
+
+namespace WebAppServer1.Authentication
+{
+    public class TokenService
+    {
+        private readonly IConfiguration _config;
+        private readonly AppDbContext pgSql;
+
+        public TokenService(IConfiguration config, AppDbContext appDbContext)
+        {
+            _config = config;
+            pgSql = appDbContext;
+        }
+        
+        public string GenerateAccessToken(string username, int userid)
+        {
+            var claims = new List<Claim>()
+            {
+                new Claim(ClaimTypes.Name, username),
+                //new Claim(ClaimTypes.Email, username),
+                new Claim(ClaimTypes.NameIdentifier, userid.ToString()),
+                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
+            };
+
+            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"]!));
+            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
+
+            var token = new JwtSecurityToken(
+                issuer: _config["Jwt:Issuer"],
+                audience: _config["Jwt:Audience"],
+                claims: claims,
+                expires: DateTime.UtcNow.AddMinutes(Convert.ToDouble(_config["Jwt:AccessTokenExpirationMinutes"])),
+                signingCredentials: creds);
+
+            return new JwtSecurityTokenHandler().WriteToken(token);
+        }
+
+        public async Task<string> GenerateRefreshToken(int userid, string username)
+        {
+            var refreshToken = Guid.NewGuid().ToString("N");
+            var refreshTokenExpiry = DateTime.UtcNow.AddDays(Convert.ToDouble(_config["Jwt:RefreshTokenExpirationDays"]));
+            var tokens = new Tokens
+            {
+                UserId = userid,
+                UserName = username,
+                RefreshToken = refreshToken,
+                IsRevoked = false,
+                IssuedAt = DateTime.UtcNow,
+                ExpiresAt = refreshTokenExpiry,
+            };
+            pgSql.Add(tokens);
+            await pgSql.SaveChangesAsync();
+            return refreshToken;
+        }
+
+        public async Task<bool> ValidateRefreshToken(string refreshToken)
+        {
+            var exists = await pgSql.Tokens.AnyAsync(t => t.RefreshToken == refreshToken);
+            if (!exists) { return false; }
+            var token = await pgSql.Tokens.FirstOrDefaultAsync(t => t.RefreshToken == refreshToken);
+            if (token == null || token.IsRevoked ) { return false; }
+            if (token.ExpiresAt < DateTime.UtcNow)
+            {
+                token.IsRevoked = true;
+                await pgSql.SaveChangesAsync();
+                return false; 
+            }
+            return true;
+        }
+
+        public async Task RevokeRefreshToken(string refreshToken)
+        {
+            var token = await pgSql.Tokens.FirstOrDefaultAsync(t => t.RefreshToken == refreshToken);
+            pgSql.Tokens.Remove(token!);
+            await pgSql.SaveChangesAsync();
+        }
+    }
+
+
+}