public async Task <Result <object> > Handle(DeleteUserCommand request, CancellationToken cancellationToken)
{
var cacheKey = $"User-{request.UserId}";
if (!await _cacheService.IsExistsAsync(cacheKey))
{
var userInDb = await _userRepository.GetAsync(u => u.Id == request.UserId);
userInDb.CheckForNull();
}
var token = await _tokenRepository.GetAsync(t => t.Id == request.UserId);
if (token is not null)
{
await _tokenRepository.DeleteAsync(t => t.Id == token.Id);
await _sender.PublishAsync(token, cancellationToken);
}
await _userRepository.DeleteAsync(u => u.Id == request.UserId);
await _cacheService.RemoveAsync(cacheKey);
return(Result <object> .Success());
}
public async Task <Token> ValidateRefreshTokenAsync(string refreshTokenId)
{
try
{
RefreshToken refreshToken = await _refreshTokenRepository.GetByIdAsync(refreshTokenId);
if (refreshToken == null)
{
throw new NotFoundException("refresh token not found");
}
Token token = new Token
{
Jwt = await GenerateAccessTokenAsync(refreshToken.User),
Refresh = await GenerateRefreshTokenAsync(refreshToken.User.Id)
};
await _refreshTokenRepository.DeleteAsync(refreshToken.Id);
_storage.Save();
return(token);
}
catch (Exception ex)
{
throw ex;
}
}
public async Task <ActionResult> RefreshAsync(RefreshRequest refreshRequest, ModelStateDictionary modelState)
{
if (!modelState.IsValid)
{
return(BadRequestModelState(modelState));
}
bool isValidRefreshToken = _refreshTokenValidator.Validate(refreshRequest.RefreshToken);
if (!isValidRefreshToken)
{
return(new BadRequestObjectResult(new ErrorResponse("Invalid refresh token.")));
}
RefreshToken refreshTokenDTO = await _refreshTokenRepository.GetByTokenAsync(refreshRequest.RefreshToken);
if (refreshTokenDTO == null)
{
return(new NotFoundObjectResult(new ErrorResponse("Invalid refresh token.")));
}
await _refreshTokenRepository.DeleteAsync(refreshTokenDTO.Id);
Account account = await _accountService.GetAsync(refreshTokenDTO.AccountId);
if (account == null)
{
return(new NotFoundObjectResult(new ErrorResponse("Account not found.")));
}
AuthenticatedAccountResponse response = await _authenticator.AuthenticateAsync(account);
return(new OkObjectResult(response));
}
public async Task <string> CreateAsync(Guid userId)
{
var token = _rng.Generate(30, true);
var now = _clock.CurrentDate();
var expires = now.Add(_options.ExpiryRefreshToken);
var refreshToken = new RefreshToken(Guid.NewGuid(), userId, token, DateTime.UtcNow, expires);
await _refreshTokenRepository.DeleteAsync(userId);
await _refreshTokenRepository.AddAsync(refreshToken);
return(token);
}
public async Task <Result <object> > Handle(LogoutCommand request, CancellationToken cancellationToken)
{
var user = await _userRepository.GetAsync(u => u.Id == request.UserId);
if (user == null)
{
throw Result <User> .Failure("id", "Invalid id");
}
user.SessionId = null;
var token = await _tokenRepository.GetAsync(t => t.User.Id == request.UserId);
await _tokenRepository.DeleteAsync(t => t.Id == token.Id);
await _sender.PublishAsync(new UpdatedUser(user), cancellationToken);
await _sender.PublishAsync(new DeletedToken(token.Id), cancellationToken);
return(Result <object> .Success());
}
public async Task LogoutAsync(string accessToken, string refreshToken)
{
var userId = _jwtHandler.RetrieveUserIdFromAccessToken(accessToken);
if (userId == Guid.Empty)
{
throw new HttpResponseException(StatusCodes.Status400BadRequest, "Invalid access_token");
}
await _invalidTokenRepository.AddAsync(new InvalidToken()
{
UserId = userId,
Token = accessToken
});
var refreshTokenEntity = await _refreshTokenRepository.GetByUserIdAndToken(userId, refreshToken);
if (!refreshTokenEntity.IsValid)
{
throw new HttpResponseException(StatusCodes.Status400BadRequest, "Invalid refresh_token");
}
await _refreshTokenRepository.DeleteAsync(refreshTokenEntity);
}
public async Task <Result <UserAuthenticatedDto> > Handle(RefreshTokenCommand request,
CancellationToken cancellationToken)
{
var user = await _userRepository.GetAsync(u => u.Id == request.UserId);
user.SessionId = Guid.NewGuid().ToString();
var userDto = _mapper.Map <UserDto>(user);
var refreshTokenInDb = await
_tokenRepository.GetAsync(t => t.User.Id == request.UserId && t.Token == request.Token.Name);
refreshTokenInDb.CheckForNull();
IsValid(refreshTokenInDb);
var jwtToken = JwtExtensions.GenerateJwtToken(userDto, _tokenConfiguration);
var tokenString = JwtExtensions.GenerateRefreshToken();
var userInDb = _mapper.Map <User>(user);
var refreshToken = new RefreshToken
{
Id = Guid.NewGuid().ToString(),
DateCreated = DateTime.UtcNow,
DateExpires = DateTime.UtcNow.AddMinutes(_tokenConfiguration.RefreshTokenExpirationMinutes),
Token = tokenString,
User = userInDb
};
await _tokenRepository.CreateAsync(refreshToken);
await _tokenRepository.DeleteAsync(t => t.Id == refreshTokenInDb.Id);
await _sender.PublishAsync(new UpdatedUser(user), cancellationToken);
await _sender.PublishAsync(new CreatedToken(refreshToken), cancellationToken);
UserAuthenticatedDto authenticatedDto = new(userDto, jwtToken, refreshToken.Token);
return(Result <UserAuthenticatedDto> .Success(authenticatedDto));
}
public async Task <bool> DeletePreviousRefreshTokenAsync(string username)
{
var deletePrevious = await _refreshTokenRepository.DeleteAsync(x => x.Username == username);
return(deletePrevious);
}
public async Task <Unit> Handle(DeleteRefreshTokenCommand request, CancellationToken cancellationToken)
{
await _tokenRepository.DeleteAsync(t => t.Id == request.Id);
return(Unit.Value);
}
