【修复】修复万能表单前端传输token验证是否登录解密失败的问题。

2025-12-06 17:13:26 +08:00 · 2024-05-29 00:43:48 +08:00
parent 7a081306c9
commit d1faa60db3
1 changed files with 6 additions and 2 deletions
--- a/CoreCms.Net.Auth/TokenHelper.cs
+++ b/CoreCms.Net.Auth/TokenHelper.cs
@@ -17,6 +17,7 @@ using System.Text;
 using System.Threading.Tasks;
 using CoreCms.Net.Configuration;
 using Microsoft.IdentityModel.Tokens;
+using NETCore.Encrypt;

 namespace CoreCms.Net.Auth
 {
@@ -92,10 +93,13 @@ namespace CoreCms.Net.Auth
            var issuer = AppSettingsConstVars.JwtConfigIssuer;
            var audience = AppSettingsConstVars.JwtConfigAudience;

+
            try
            {
+                var aesDecryptToken = EncryptProvider.AESDecrypt(token, AppSettingsConstVars.JwtConfigSecretKey);
+
                var tokenHandler = new JwtSecurityTokenHandler(); // 创建一个JwtSecurityTokenHandler类，用来后续操作
-                var jwtToken = tokenHandler.ReadToken(token) as JwtSecurityToken; // 将字符串token解码成token对象
+                var jwtToken = tokenHandler.ReadToken(aesDecryptToken) as JwtSecurityToken; // 将字符串token解码成token对象
                if (jwtToken == null)
                    return 0;
                var validationParameters = new TokenValidationParameters() // 生成验证token的参数
@@ -111,7 +115,7 @@ namespace CoreCms.Net.Auth
                    RequireExpirationTime = true,
                };
                SecurityToken securityToken; // 接受解码后的token对象
-                var principal = tokenHandler.ValidateToken(token, validationParameters, out securityToken);
+                var principal = tokenHandler.ValidateToken(aesDecryptToken, validationParameters, out securityToken);

                if (securityToken == null || string.IsNullOrEmpty(securityToken.Id))
                {