public async Task <LoginUserResponse> Handle(LoginUserCommand request, CancellationToken cancellationToken)
{
var user = await _uowGeneral.UserRepository.FindByEmail(request.Email)
?? throw new InvalidAccountException();
if (user.HasDisabledAccount())
{
throw new InvalidAccountException("Cuenta deshabilitada");
}
var loginMaxAttempt = await _uowGeneral.LoginMaxAttemptRepository.Find(GeneralConstants.DefaultId);
if (await HasReachedLoginMaxAttempts(user, loginMaxAttempt.MaxAttempts))
{
throw new LoginMaxAttemptsReachedException();
}
if (!_passwordService.Verify(request.Password, user.Password))
{
await HandleFailedLogin(user, loginMaxAttempt.MaxAttempts);
throw new InvalidAccountException();
}
user.AddEvent(new UserLogged()
{
User = user
});
await AllowUserAccess(user);
var accessToken = await _accessTokenService.GetAccessToken(user);
var refreshToken = await _refreshTokenService.GetRefreshToken(user);
await _uowGeneral.SaveChanges();
return(new LoginUserResponse()
{
AccessToken = accessToken, RefreshToken = refreshToken
});
}
public async Task <RefreshTokenResponse> Handle(RefreshTokenCommand request, CancellationToken cancellationToken)
{
var refreshToken = await _uowGeneral.RefreshTokenRepository.FindByToken(request.Token)
?? throw new InvalidRefreshTokenException();
if (refreshToken.IsExpired())
{
throw new InvalidRefreshTokenException("El token de refresco ya ha expirado");
}
var user = refreshToken.User;
var accessToken = await _accessTokenService.GetAccessToken(user);
var newRefreshToken = await _refreshTokenService.GetRefreshToken(user);
await _uowGeneral.RefreshTokenRepository.Delete(refreshToken);
await _uowGeneral.SaveChanges();
return(new RefreshTokenResponse()
{
AccessToken = accessToken, RefreshToken = newRefreshToken
});
}