Ejemplo n.º 1
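        /// <summary>
        /// Verifies a username/password pair and, on success, issues a new access/refresh
        /// token pair, stores it for the user and returns it to the caller.
        /// </summary>
        /// <param name="req">Login request body; its <c>username</c> and <c>password</c> fields are read.</param>
        /// <returns>
        /// A JSON-serialized <c>ResponseData</c>: code "200" with the tokens and user id,
        /// "501" when no user matches, or "503" when the password hash does not match.
        /// </returns>
        public string Login([FromBody] LogInRequest req)
        {
            ResponseData Resp;

            // A missing body or username cannot identify a user, so it takes the
            // "not found" path instead of dereferencing null.
            User u = (req == null || string.IsNullOrEmpty(req.username))
                ? null
                : MySQLDapperQueries.GetUserByUserName(req.username);

            if (u == null)
            {
                // NOTE(review): "501" here and "503" below let a caller tell an unknown
                // username from a wrong password. A single generic failure response would
                // remove that signal, but clients may depend on these codes; confirm first.
                Resp = new ResponseData
                {
                    Code    = "501",
                    Message = "User Not found",
                    Data    = null
                };
            }
            else
            {
                // NOTE(review): GenerateHashedPWD is defined elsewhere; confirm it is a slow,
                // salted password KDF (PBKDF2, bcrypt, Argon2) and not a single fast hash.
                // A null password is treated as a mismatch without being hashed.
                string hashedpassword = req.password == null
                    ? null
                    : Authentication.GenerateHashedPWD(req.password, u.salt.ToString());

                if (HashesMatchFixedTime(u.password, hashedpassword))
                {
                    // Both tokens are generated for the same client address.
                    var clientIp = GetIP();
                    AccessToken  atoken = Authentication.GenerateAccessToken(clientIp);
                    RefreshToken rtoken = Authentication.GenerateRefreshToken(clientIp);

                    // NOTE(review): the row count returned by UpdateUserTokens is ignored, so a
                    // failed write still hands out tokens that were never stored. Checking the
                    // result needs a failure code agreed with the clients.
                    MySQLDapperQueries.UpdateUserTokens(u.id, atoken.Token, atoken.ExpiryDate, rtoken.Token, rtoken.ExpiryDate);
                    Resp = new ResponseData
                    {
                        Code    = "200",
                        Message = "Verified",
                        Data    = new
                        {
                            Accesstoken  = atoken.Token,
                            RefreshToken = rtoken.Token,
                            ID           = u.id
                        }
                    };
                }
                else
                {
                    Resp = new ResponseData
                    {
                        Code    = "503",
                        Message = "Wrong Password",
                        Data    = null
                    };
                }
            }
            return JsonConvert.SerializeObject(Resp, Formatting.None);
        }

        /// <summary>
        /// Compares two hash strings without stopping at the first differing character, so
        /// the comparison time does not depend on how much of the stored hash was matched.
        /// A null on either side never matches. On .NET Core 2.1 and later,
        /// CryptographicOperations.FixedTimeEquals over the raw bytes is the library equivalent.
        /// </summary>
        private static bool HashesMatchFixedTime(string expected, string actual)
        {
            if (expected == null || actual == null)
            {
                return false;
            }

            // A length mismatch is folded into the accumulator rather than returned early.
            int diff  = expected.Length ^ actual.Length;
            int limit = expected.Length < actual.Length ? expected.Length : actual.Length;
            for (int i = 0; i < limit; i++)
            {
                diff |= expected[i] ^ actual[i];
            }
            return diff == 0;
        }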
Ejemplo n.º 2
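        /// <summary>
        /// Exchanges a stored access/refresh token pair for a new pair. The user is looked up
        /// by both tokens; when the refresh token has not expired, new tokens are generated,
        /// written back with UpdateUserTokens and returned.
        /// </summary>
        /// <param name="request">Request body; its <c>accesstoken</c> and <c>refreshtoken</c> fields are read.</param>
        /// <returns>
        /// A JSON-serialized <c>ResponseData</c>: code "200" with the new tokens and user id,
        /// "506" when no user matches the token pair, "700" when the refresh token has expired
        /// (the client should go back to login), or "508" when the update changed no rows.
        /// </returns>
        public string RefreshToken([FromBody] RefreshTokenRequest request)
        {
            ResponseData resp;
            string       accesstoken     = request == null ? null : request.accesstoken;
            string       oldrefreshtoken = request == null ? null : request.refreshtoken;

            // A missing body or blank token must never reach the lookup: it cannot identify a
            // session, and a blank value could otherwise match a row whose token columns are
            // empty (whether such rows exist is not visible from here).
            User u = (string.IsNullOrWhiteSpace(accesstoken) || string.IsNullOrWhiteSpace(oldrefreshtoken))
                ? null
                : MySQLDapperQueries.GetUserByAccessTokenAndRefreshToken(accesstoken, oldrefreshtoken);

            if (u == null)
            {
                resp = new ResponseData
                {
                    Code    = "506",
                    Message = "invalid user",
                    Data    = null
                };
            }
            // NOTE(review): DateTime.Now is local time; confirm the stored expiry uses the same
            // clock (UTC is the safer choice for both). If the expiry is nullable, a null value
            // compares false here and is treated as unexpired; confirm against the User type.
            else if (u.refresh_token_expiration < DateTime.Now)
            {
                // Expired refresh token: the client has to log in again.
                resp = new ResponseData
                {
                    Code    = "700",
                    Message = "refresh token has expired",
                    Data    = null
                };
            }
            else
            {
                // The old refresh token is replaced together with the access token, so the
                // pair that was just presented no longer matches once the update succeeds.
                RefreshToken rtoken = Authentication.RefreshToken(GetIP(), accesstoken, oldrefreshtoken);
                u.refresh_token            = rtoken.Token;
                u.refresh_token_expiration = rtoken.ExpiryDate;
                AccessToken atoken = Authentication.GenerateAccessToken(GetIP());
                u.token            = atoken.Token;
                u.token_expiration = atoken.ExpiryDate;

                int updatedrow = MySQLDapperQueries.UpdateUserTokens(u.id, u.token, u.token_expiration, u.refresh_token, u.refresh_token_expiration);
                if (updatedrow > 0)
                {
                    resp = new ResponseData
                    {
                        Code    = "200",
                        Message = "Tokens Refreshed",
                        Data    = new
                        {
                            Accesstoken  = u.token,
                            RefreshToken = u.refresh_token,
                            ID           = u.id
                        }
                    };
                }
                else
                {
                    // Nothing was persisted, so the new tokens are not handed out.
                    resp = new ResponseData
                    {
                        Code    = "508",
                        Message = "Couldn't Refresh Tokens",
                        Data    = null
                    };
                }
            }
            return JsonConvert.SerializeObject(resp, Formatting.None);
        }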