DiunaBI/DiunaBI.API/Services/JwtTokenService.cs

using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using DiunaBI.Domain.Entities;
using Microsoft.IdentityModel.Tokens;

namespace DiunaBI.API.Services;

public class JwtTokenService(IConfiguration configuration, ILogger<JwtTokenService> logger)
{
    private readonly IConfiguration _configuration = configuration;
    private readonly ILogger<JwtTokenService> _logger = logger;

    public string GenerateToken(User user)
    {
        var jwtSettings = _configuration.GetSection("JwtSettings");
        var securityKey = jwtSettings["SecurityKey"];
        var issuer = jwtSettings["Issuer"];
        var audience = jwtSettings["Audience"];
        var expiryDays = int.Parse(jwtSettings["ExpiryDays"] ?? "7");

        var claims = new[]
        {
            new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
            new Claim(ClaimTypes.Email, user.Email),
            new Claim(ClaimTypes.Name, user.UserName),
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            new Claim(JwtRegisteredClaimNames.Iat, new DateTimeOffset(DateTime.UtcNow).ToUnixTimeSeconds().ToString(),
                ClaimValueTypes.Integer64)
        };

        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(securityKey));
        var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

        var token = new JwtSecurityToken(
            issuer: issuer,
            audience: audience,
            claims: claims,
            expires: DateTime.UtcNow.AddDays(expiryDays),
            signingCredentials: creds
        );

        var tokenString = new JwtSecurityTokenHandler().WriteToken(token);

        _logger.LogInformation("Generated JWT token for user: {Email}", user.Email);

        return tokenString;
    }

    public ClaimsPrincipal? ValidateToken(string token)
    {
        try
        {
            var jwtSettings = _configuration.GetSection("JwtSettings");
            var secretKey = jwtSettings["SecurityKey"];
            var issuer = jwtSettings["Issuer"];
            var audience = jwtSettings["Audience"];

            var tokenHandler = new JwtSecurityTokenHandler();
            var key = Encoding.UTF8.GetBytes(secretKey);

            var validationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true,
                ValidateAudience = true,
                ValidateLifetime = true,
                ValidateIssuerSigningKey = true,
                ValidIssuer = issuer,
                ValidAudience = audience,
                IssuerSigningKey = new SymmetricSecurityKey(key),
                ClockSkew = TimeSpan.Zero
            };

            var principal = tokenHandler.ValidateToken(token, validationParameters, out _);
            return principal;
        }
        catch (Exception ex)
        {
            _logger.LogError(ex, "Error validating JWT token");
            return null;
        }
    }
}
App login is working 2025-11-09 19:39:52 +01:00			`using System.IdentityModel.Tokens.Jwt;`
			`using System.Security.Claims;`
			`using System.Text;`
			`using DiunaBI.Domain.Entities;`
			`using Microsoft.IdentityModel.Tokens;`

			`namespace DiunaBI.API.Services;`

			`public class JwtTokenService(IConfiguration configuration, ILogger<JwtTokenService> logger)`
			`{`
			`private readonly IConfiguration _configuration = configuration;`
			`private readonly ILogger<JwtTokenService> _logger = logger;`

			`public string GenerateToken(User user)`
			`{`
			`var jwtSettings = _configuration.GetSection("JwtSettings");`
			`var securityKey = jwtSettings["SecurityKey"];`
			`var issuer = jwtSettings["Issuer"];`
			`var audience = jwtSettings["Audience"];`
			`var expiryDays = int.Parse(jwtSettings["ExpiryDays"] ?? "7");`

			`var claims = new[]`
			`{`
			`new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),`
			`new Claim(ClaimTypes.Email, user.Email),`
			`new Claim(ClaimTypes.Name, user.UserName),`
			`new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),`
			`new Claim(JwtRegisteredClaimNames.Iat, new DateTimeOffset(DateTime.UtcNow).ToUnixTimeSeconds().ToString(),`
			`ClaimValueTypes.Integer64)`
			`};`

			`var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(securityKey));`
			`var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);`

			`var token = new JwtSecurityToken(`
			`issuer: issuer,`
			`audience: audience,`
			`claims: claims,`
			`expires: DateTime.UtcNow.AddDays(expiryDays),`
			`signingCredentials: creds`
			`);`

			`var tokenString = new JwtSecurityTokenHandler().WriteToken(token);`

			`_logger.LogInformation("Generated JWT token for user: {Email}", user.Email);`

			`return tokenString;`
			`}`

			`public ClaimsPrincipal? ValidateToken(string token)`
			`{`
			`try`
			`{`
			`var jwtSettings = _configuration.GetSection("JwtSettings");`
Security: JWT 2025-12-05 21:17:04 +01:00			`var secretKey = jwtSettings["SecurityKey"];`
App login is working 2025-11-09 19:39:52 +01:00			`var issuer = jwtSettings["Issuer"];`
			`var audience = jwtSettings["Audience"];`

			`var tokenHandler = new JwtSecurityTokenHandler();`
			`var key = Encoding.UTF8.GetBytes(secretKey);`

			`var validationParameters = new TokenValidationParameters`
			`{`
			`ValidateIssuer = true,`
			`ValidateAudience = true,`
			`ValidateLifetime = true,`
			`ValidateIssuerSigningKey = true,`
			`ValidIssuer = issuer,`
			`ValidAudience = audience,`
			`IssuerSigningKey = new SymmetricSecurityKey(key),`
			`ClockSkew = TimeSpan.Zero`
			`};`

			`var principal = tokenHandler.ValidateToken(token, validationParameters, out _);`
			`return principal;`
			`}`
			`catch (Exception ex)`
			`{`
			`_logger.LogError(ex, "Error validating JWT token");`
			`return null;`
			`}`
			`}`
			`}`