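        /// <summary>
        /// Authenticates the caller by username and password, replaces every stored refresh
        /// token of that user with a new one and returns a fresh access token.
        /// </summary>
        /// <param name="model">Credentials supplied by the client (username and password).</param>
        /// <returns>
        /// 200 with the access token on success; 400 when the account's e-mail address is not
        /// confirmed; 401 when the user is unknown or the password does not match.
        /// </returns>
        private async Task <IActionResult> GenerateNewToken(TokenRequest model)
        {
            var user = await userManager.FindByNameAsync(model.Username);

            // NOTE(review): the password check is short-circuited for an unknown user, so the
            // unknown-user and wrong-password paths differ in latency even though both end in the
            // same 401 body below — confirm this is acceptable for the threat model.
            if (user != null && await userManager.CheckPasswordAsync(user, model.Password))
            {
                // The confirmation check runs after the password check, so this 400 is only ever
                // returned to a caller who presented valid credentials for an unconfirmed account.
                if (!await userManager.IsEmailConfirmedAsync(user))
                {
                    return(BadRequest(new { response = ApiMessages.AccountNotConfirmed() }));
                }

                var newRefreshToken = CreateRefreshToken(appSettings.ClientId, user.Id);

                // Rotation: every existing refresh token of this user is removed before the new one
                // is persisted, so only the token issued by this login stays valid. Where() never
                // returns null, so the former null guard around this loop was dead code.
                var oldRefreshTokens = db.Tokens.Where(rt => rt.UserId == user.Id);
                foreach (var token in oldRefreshTokens)
                {
                    db.Tokens.Remove(token);
                }
                db.Tokens.Add(newRefreshToken);
                await db.SaveChangesAsync();

                var accessToken = await CreateAccessToken(user, newRefreshToken.Value);

                return(Ok(new { response = accessToken }));
            }
            return(Unauthorized(new { response = ApiMessages.AuthenticationFailed() }));
        }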
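        /// <summary>
        /// Authenticates the caller by username and password, enforces the first-login /
        /// one-time-password and e-mail-confirmation rules, replaces every stored refresh token
        /// of that user with a new one and returns a fresh access token.
        /// </summary>
        /// <param name="model">Credentials supplied by the client (username and password).</param>
        /// <returns>
        /// 200 with the access token on success; 495 when the account's e-mail address is not
        /// confirmed; 401 when the user is unknown, inactive, the password does not match, or a
        /// returning user has not yet changed the one-time password.
        /// </returns>
        private async Task <IActionResult> GenerateNewToken(TokenRequest model)
        {
            var user = await userManager.FindByNameAsync(model.Username);

            // An inactive account is rejected with the same 401 as a bad password, so the response
            // does not reveal whether the account exists or is merely disabled.
            // NOTE(review): the password check is short-circuited for an unknown or inactive user,
            // so those paths differ in latency from the wrong-password path — confirm this is
            // acceptable for the threat model.
            if (user != null && user.IsActive && await userManager.CheckPasswordAsync(user, model.Password))
            {
                if (this.IsFirstLogin(user))
                {
                    // NOTE(review): the first-login state is updated before the e-mail confirmation
                    // check below, so an unconfirmed account loses its first-login status on a login
                    // that is then rejected with 495 — verify this ordering is intended.
                    await this.UpdateFirstLogin(user);
                }
                else if (!IsOneTimePasswordChanged(user))
                {
                    // A returning user who still has the one-time password is not allowed in.
                    return(StatusCode(401, new { response = ApiMessages.AuthenticationFailed() }));
                }

                // The confirmation check runs after the password check, so this response is only
                // ever returned to a caller who presented valid credentials for an unconfirmed
                // account. 495 is not a standard HTTP status code; clients must be written to expect it.
                if (!await userManager.IsEmailConfirmedAsync(user))
                {
                    return(StatusCode(495, new { response = ApiMessages.AccountNotConfirmed() }));
                }

                var newRefreshToken = CreateRefreshToken(settings.ClientId, user.Id);

                // Rotation: every existing refresh token of this user is removed before the new one
                // is persisted, so only the token issued by this login stays valid. Where() never
                // returns null, so the former null guard around this loop was dead code.
                var oldRefreshTokens = db.Tokens.Where(rt => rt.UserId == user.Id);
                foreach (var token in oldRefreshTokens)
                {
                    db.Tokens.Remove(token);
                }
                db.Tokens.Add(newRefreshToken);
                await db.SaveChangesAsync();

                var accessToken = await CreateAccessToken(user, newRefreshToken.Value);

                return(StatusCode(200, new { response = accessToken }));
            }
            return(StatusCode(401, new { response = ApiMessages.AuthenticationFailed() }));
        }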