Beispiel #1
0
        public async Task <AccessTokenDTO> GenerateFreshToken(ClaimsPrincipal principal, string refreshToken)
        {
            var username = principal.Claims.ElementAt(0).Value;
            var user     = await _unitOfWork.User.FindOneAsync(u => u.Email == username); //retrieve the refresh token from a data store

            if (user != null)
            {
                if (user.RefreshToken != refreshToken)
                {
                    throw new SecurityTokenException("Nieważny token odświeżania");
                }

                var tokenHandler    = new JwtSecurityTokenHandler();
                var tokenKey        = Encoding.ASCII.GetBytes("Tomojsekretnyklucz");
                var tokenDescriptor = new SecurityTokenDescriptor
                {
                    //Token contain
                    Subject = new ClaimsIdentity(new Claim[]
                    {
                        new Claim(ClaimTypes.Name, principal.Claims.ElementAt(0).Value),
                        new Claim(ClaimTypes.Role, principal.Claims.ElementAt(1).Value)
                    }),
                    Expires            = DateTime.UtcNow.AddMinutes(30),
                    SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(tokenKey),
                                                                SecurityAlgorithms.HmacSha256)
                };

                var token           = tokenHandler.CreateToken(tokenDescriptor);
                var writeToken      = tokenHandler.WriteToken(token);
                var newRefreshToken = GenerateRefreshTokenJwt.GenerateRefreshToken();
                user.RefreshToken = newRefreshToken;
                await _unitOfWork.SaveChangesAsync();

                return(new AccessTokenDTO()
                {
                    AccessToken = writeToken,
                    RefreshToken = newRefreshToken
                });
            }
            return(null);
        }
Beispiel #2
0
        public async Task <AccessTokenDTO> GenerateToken(string email)
        {
            var user = await _unitOfWork.User.FindOneAsync(u => u.Email == email);

            if (user != null)
            {
                var role = await _userManager.GetRolesAsync(user);

                var tokenHandler    = new JwtSecurityTokenHandler();
                var tokenKey        = Encoding.ASCII.GetBytes("Tomojsekretnyklucz");
                var tokenDescriptor = new SecurityTokenDescriptor
                {
                    //Token contain
                    Subject = new ClaimsIdentity(new Claim[]
                    {
                        new Claim(ClaimTypes.Name, email),
                        new Claim(ClaimTypes.Role, role[0])
                    }),
                    Expires            = DateTime.UtcNow.AddMinutes(30),
                    SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(tokenKey),
                                                                SecurityAlgorithms.HmacSha256)
                };
                var token        = tokenHandler.CreateToken(tokenDescriptor);
                var writeToken   = tokenHandler.WriteToken(token);
                var refreshToken = GenerateRefreshTokenJwt.GenerateRefreshToken();
                user.RefreshToken = refreshToken;
                await _unitOfWork.SaveChangesAsync();

                return(new AccessTokenDTO()
                {
                    AccessToken = writeToken,
                    RefreshToken = refreshToken
                });
            }
            return(null);
        }