Beispiel #1
0
        public async Task <LoginUserResponse> Handle(LoginUserCommand request, CancellationToken cancellationToken)
        {
            var user = await _uowGeneral.UserRepository.FindByEmail(request.Email)
                       ?? throw new InvalidAccountException();

            if (user.HasDisabledAccount())
            {
                throw new InvalidAccountException("Cuenta deshabilitada");
            }

            var loginMaxAttempt = await _uowGeneral.LoginMaxAttemptRepository.Find(GeneralConstants.DefaultId);

            if (await HasReachedLoginMaxAttempts(user, loginMaxAttempt.MaxAttempts))
            {
                throw new LoginMaxAttemptsReachedException();
            }

            if (!_passwordService.Verify(request.Password, user.Password))
            {
                await HandleFailedLogin(user, loginMaxAttempt.MaxAttempts);

                throw new InvalidAccountException();
            }

            user.AddEvent(new UserLogged()
            {
                User = user
            });
            await AllowUserAccess(user);

            var accessToken = await _accessTokenService.GetAccessToken(user);

            var refreshToken = await _refreshTokenService.GetRefreshToken(user);

            await _uowGeneral.SaveChanges();

            return(new LoginUserResponse()
            {
                AccessToken = accessToken, RefreshToken = refreshToken
            });
        }
Beispiel #2
0
        public async Task <RefreshTokenResponse> Handle(RefreshTokenCommand request, CancellationToken cancellationToken)
        {
            var refreshToken = await _uowGeneral.RefreshTokenRepository.FindByToken(request.Token)
                               ?? throw new InvalidRefreshTokenException();

            if (refreshToken.IsExpired())
            {
                throw new InvalidRefreshTokenException("El token de refresco ya ha expirado");
            }

            var user        = refreshToken.User;
            var accessToken = await _accessTokenService.GetAccessToken(user);

            var newRefreshToken = await _refreshTokenService.GetRefreshToken(user);

            await _uowGeneral.RefreshTokenRepository.Delete(refreshToken);

            await _uowGeneral.SaveChanges();

            return(new RefreshTokenResponse()
            {
                AccessToken = accessToken, RefreshToken = newRefreshToken
            });
        }