private async Task <bool> RevokeRefreshToken()
{
string accessToken = HttpContext.Request.Cookies["accessToken"];
string refreshToken = HttpContext.Request.Cookies["refreshToken"];
if (accessToken == null || refreshToken == null)
{
return(true);
}
var handler = new JwtSecurityTokenHandler();
var jsonToken = handler.ReadToken(accessToken);
var tokenS = handler.ReadToken(accessToken) as JwtSecurityToken;
var userName = tokenS.Claims.First(claim => claim.Type == "unique_name").Value;
var identityUser = await userManager.FindByNameAsync(userName);
if (identityUser == null)
{
return(false);
}
var refreshTokens = refreshTokenRepository.GetByUserId(identityUser.Id);
var selectedRefreshToken = refreshTokens.Where <RefreshToken>(c => c.Token == refreshToken).FirstOrDefault();
if (selectedRefreshToken != null)
{
await refreshTokenRepository.Remove(selectedRefreshToken.Id);
}
// Set Token Cookie
var cookieOptions = new CookieOptions
{
HttpOnly = true,
Secure = true,
SameSite = SameSiteMode.None,
Expires = DateTime.UtcNow.AddDays(-1)
};
HttpContext.Response.Cookies.Append("accessToken", "", cookieOptions);
HttpContext.Response.Cookies.Append("refreshToken", "", cookieOptions);
return(true);
}