Beispiel #1
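        /// <summary>
        /// Exchanges a refresh token for a new access token and a new refresh token.
        /// The presented refresh token is deleted before the replacement is stored,
        /// so each refresh token is accepted at most once by this method.
        /// </summary>
        /// <param name="refreshRequest">The user name and the refresh token presented by the client.</param>
        /// <returns>The new access token together with the new refresh token.</returns>
        /// <exception cref="BadRequestException">
        /// Thrown when the request is missing, the user is unknown, or the refresh token
        /// is missing or not registered for that user.
        /// </exception>
        public async Task <TokenRefreshResponseDTO> RefreshTokenAsync(TokenRefreshRequestDTO refreshRequest)
        {
            // A missing body or user name is a client error; reject it here instead of
            // failing with a NullReferenceException on the property access below.
            if (refreshRequest == null || string.IsNullOrEmpty(refreshRequest.UserName))
            {
                throw new BadRequestException("Not valid user!");
            }

            AppUser user = await usersRepository.GetUserOrDefaultByUserNameAsync(refreshRequest.UserName);

            // NOTE(review): the two failure messages below differ for "unknown user" and
            // "bad token". If the message text reaches the client, it tells the caller
            // whether a user name exists; consider one shared message. The texts are left
            // as they were because callers may depend on them.
            if (user == null)
            {
                throw new BadRequestException("Not valid user!");
            }

            // An empty token can never be a stored one; reject it without a repository call.
            if (string.IsNullOrEmpty(refreshRequest.RefreshToken))
            {
                throw new BadRequestException("Not valid refresh token!");
            }

            bool validRefreshToken = await usersRepository.HasRefreshTokenAsync(user, refreshRequest.RefreshToken);

            if (!validRefreshToken)
            {
                throw new BadRequestException("Not valid refresh token!");
            }

            // NOTE(review): the check above and this delete are two separate repository
            // calls. Whether the repository makes them atomic is not visible here; if it
            // does not, two concurrent requests carrying the same token could both pass the
            // check. Confirm, or have the delete report whether it actually removed a row.
            await usersRepository.DeleteRefreshTokenAsync(user, refreshRequest.RefreshToken);

            // The old token is already gone at this point, so a failure below leaves the
            // user without a refresh token rather than with two valid ones.
            var newRefreshToken = refreshTokenFactory.GenerateToken();
            await usersRepository.CreateRefreshTokenAsync(user, newRefreshToken);

            var userClaims = GetTokenClaimsForUser(user);

            return new TokenRefreshResponseDTO
            {
                Token = tokenFactory.GenerateTokenForClaims(userClaims),
                RefreshToken = newRefreshToken
            };
        }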