public async Task <AuthenticateResponse> RefreshTokenAsync(string token, string ipAddress)
{
(AccountRefreshToken refreshToken, Account account) = await GetRefreshTokenAsync(token);
// replace old refresh token with a new one and save
AccountRefreshToken newRefreshToken = GenerateRefreshToken(ipAddress);
refreshToken.RevokedAt = DateTime.UtcNow;
refreshToken.RevokedByIp = ipAddress;
refreshToken.ReplacedByToken = newRefreshToken.Token;
account.RefreshTokens.Add(newRefreshToken);
// remove old refresh tokens from account
RemoveOldRefreshTokens(account);
// save changes to db
_context.Update(account);
await _context.SaveChangesAsync();
// generate new jwt
string jwtToken = GenerateJwtToken(account);
AuthenticateResponse response = _mapper.Map <AuthenticateResponse>(account);
response.JwtToken = jwtToken;
response.RefreshToken = newRefreshToken.Token;
response.Expires = DateTime.Now.AddMinutes(_jwtSettings.DurationInMinutes);
return(response);
}
private async Task <TokenModel> GetTokenModel(User user)
{
var refreshToken = await _context.AccountRefreshTokens.FirstOrDefaultAsync(x => x.UserId == user.Id);
if (refreshToken != null)
{
_context.AccountRefreshTokens.Remove(refreshToken);
await _context.SaveChangesAsync();
}
refreshToken = new AccountRefreshToken()
{
Salt = Guid.NewGuid().ToString("N"),
ExpiredDate = DateTime.UtcNow.AddDays(7),
PrivateToken = Guid.NewGuid().ToString("N"),
UserId = user.Id
};
refreshToken.GenerateToken();
await _context.AccountRefreshTokens.AddAsync(refreshToken);
await _context.SaveChangesAsync();
user.AccountRefreshTokenId = refreshToken.Id;
_context.Users.Update(user);
await _context.SaveChangesAsync();
var claims = await GetIdentityClaim(user);
var encodedJwt = GenerateToken(claims.Claims);
var token = new JwtSecurityTokenHandler().WriteToken(encodedJwt);
TokenModel tokenModel = new TokenModel(token, encodedJwt.ValidTo.ToUniversalTime(), refreshToken.RefreshToken);
return(tokenModel);
}
private async Task <(AccountRefreshToken, Account)> GetRefreshTokenAsync(string token)
{
Account account = await _context.Accounts
.Include(a => a.RefreshTokens)
.SingleOrDefaultAsync(u => u.RefreshTokens.Any(t => t.Token == token));
if (account == null)
{
throw new ApiProblemDetailsException("Invalid token", StatusCodes.Status401Unauthorized);
}
AccountRefreshToken refreshToken = account.RefreshTokens.SingleOrDefault(x => x.Token == token);
if (refreshToken == null || !refreshToken.IsActive)
{
throw new ApiProblemDetailsException("Invalid token", StatusCodes.Status401Unauthorized);
}
return(refreshToken, account);
}
