Beispiel #1
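        /// <summary>
        /// Exchanges an (expired) access token plus a refresh token for a fresh token pair.
        /// </summary>
        /// <param name="dto">Token pair sent by the client; on success it is updated in place and returned.</param>
        /// <returns>
        /// 200 with the updated <paramref name="dto"/>, or 400 with a "loginFailure" model error when the
        /// access token cannot be resolved to a principal, the principal does not carry exactly one "uid"
        /// claim, the user cannot be found, the account is blocked, or no refresh token was issued.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this action assumes jwtService.GetPrincipalFromExpiredAccessToken verifies the
        /// token signature (ignoring only lifetime) and that jwtService.UpdateRefreshTokenAsync rejects a
        /// refresh token that is unknown, expired, revoked or not bound to the principal. Neither helper
        /// is visible here; confirm both, because this action performs no such checks itself.
        /// </remarks>
        public async Task<IActionResult> Refresh([FromBody] AuthTokensDto dto)
        {
            // A missing body would otherwise surface as a NullReferenceException (HTTP 500) below.
            if (dto == null || !ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            var principal = jwtService.GetPrincipalFromExpiredAccessToken(dto.AccessToken);

            if (principal == null)
            {
                ModelState.AddModelError("loginFailure", "Failure token");
                return BadRequest(ModelState);
            }

            // Require exactly one "uid" claim. The original Single() enforced the same rule but threw
            // (HTTP 500) on a token without the claim instead of rejecting the request.
            var uidClaims = principal.Claims.Where(claim => claim.Type == "uid").Take(2).ToList();

            if (uidClaims.Count != 1)
            {
                ModelState.AddModelError("loginFailure", "Failure token");
                return BadRequest(ModelState);
            }

            var user = await userService.GetUserByIdAsync(uidClaims[0].Value);

            // A token may outlive the account it was issued for; answer with the same generic error
            // so the response does not reveal whether the user id exists.
            if (user == null)
            {
                ModelState.AddModelError("loginFailure", "Failure token");
                return BadRequest(ModelState);
            }

            if (user.IsBlocked == true)
            {
                ModelState.AddModelError("loginFailure", "Account has been blocked");
                return BadRequest(ModelState);
            }

            // Rotate the refresh token before minting a new access token, and keep both in locals so the
            // response DTO is only populated once every step has succeeded.
            var rotatedRefreshToken = await jwtService.UpdateRefreshTokenAsync(dto.RefreshToken, principal);

            // Defensive: the failure contract of UpdateRefreshTokenAsync is not visible here. If it
            // signals rejection by returning null/empty rather than throwing, do not hand out a token.
            if (string.IsNullOrEmpty(rotatedRefreshToken))
            {
                ModelState.AddModelError("loginFailure", "Failure token");
                return BadRequest(ModelState);
            }

            // Claims are re-read from the user record rather than copied from the old token.
            var userClaims = await jwtService.GetClaimsAsync(user);

            dto.AccessToken  = jwtService.GenerateJwtAccessToken(userClaims);
            dto.RefreshToken = rotatedRefreshToken;
            dto.ExpireOn     = jwtService.ExpirationTime;

            return Ok(dto);
        }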