Example #1
        /// <summary>
        /// Checks a customer's user name and password and, when both match, requests an
        /// access/refresh token pair and hands each token to <c>SetHttpOnlyUserCookie</c>.
        /// </summary>
        /// <param name="request">Login request; <c>UserName</c> and <c>Password</c> are read from it.</param>
        /// <param name="cancellationToken">Passed on to the token-issuing call.</param>
        /// <param name="next">Pipeline delegate; this method never invokes it.</param>
        /// <returns>A response built with <c>true</c> and <c>ResultCode.Success</c>.</returns>
        /// <exception cref="AppException">
        /// Thrown with <c>ResultCode.BadRequest</c> when the user is unknown, flagged as deleted,
        /// or the password does not match. All three cases share one message so the response text
        /// does not reveal which check failed.
        /// </exception>
        public async Task<LoginCustomerUserCommandResponse> Handle(LoginCustomerUserCommandRequest request, CancellationToken cancellationToken, RequestHandlerDelegate<LoginCustomerUserCommandResponse> next)
        {
            const string invalidCredentials = "user password or username is not correct";

            var account = await _userManager.FindByNameAsync(request.UserName);
            if (account is null || account.IsDeleted)
            {
                // NOTE(review): this path returns before any password hashing happens, so the
                // response time may still differ from the wrong-password path even though the
                // message is identical — consider equalising the work done on both paths.
                throw new AppException(ResultCode.BadRequest, invalidCredentials);
            }

            // NOTE(review): if _userManager is ASP.NET Core Identity's UserManager, CheckPasswordAsync
            // does not record failed attempts or consult lockout state; nothing in this method limits
            // repeated guesses — confirm throttling/lockout is enforced elsewhere.
            var passwordMatches = await _userManager.CheckPasswordAsync(account, request.Password);
            if (passwordMatches == false)
            {
                throw new AppException(ResultCode.BadRequest, invalidCredentials);
            }

            var tokenRequest = new AccessTokenCommandRequest
            {
                SubjectId = account.SubjectId.ToString(),
                UserType = UserType.customer,
                UserId = account.Id
            };
            var issued = await _eventBus.Issue(tokenRequest, cancellationToken);

            // Access-token cookie: lifetime is configured in seconds.
            var accessToken = issued.Data.AccessToken;
            var accessExpiry = DateTimeOffset.Now.AddSeconds(int.Parse(_configuration["JwtToken:AccessTokenExpiredTime"]));
            _currentUser.SetHttpOnlyUserCookie("X-Access-Token", accessToken, accessExpiry, _configuration["JwtToken:DomainUrl"]);

            // Refresh-token cookie: lifetime is configured in days.
            var refreshToken = issued.Data.RefreshToken;
            var refreshExpiry = DateTimeOffset.Now.AddDays(int.Parse(_configuration["JwtToken:ExpirationDays"]));
            _currentUser.SetHttpOnlyUserCookie("X-Refresh-Token", refreshToken, refreshExpiry, _configuration["JwtToken:DomainUrl"]);

            return new LoginCustomerUserCommandResponse(true, ResultCode.Success);
        }
Example #2
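        /// <summary>
        /// Exchanges a presented refresh token for a new access/refresh token pair, stores both
        /// through <c>SetHttpOnlyUserCookie</c>, and returns them in the response.
        /// </summary>
        /// <param name="request">Request carrying the <c>RefreshToken</c> to validate.</param>
        /// <param name="cancellationToken">Passed on to the user lookup and the token-issuing call.</param>
        /// <param name="next">Pipeline delegate; this method never invokes it.</param>
        /// <returns>A success response containing the newly issued token pair.</returns>
        /// <exception cref="AppException">
        /// Thrown with <c>ResultCode.UnAuthorized</c> when the refresh token is missing, matches no
        /// stored grant, or the matching grant is inactive or expired.
        /// </exception>
        public async Task<ExtendAccessTokenCommandResponse> Handle(ExtendAccessTokenCommandRequest request, CancellationToken cancellationToken, RequestHandlerDelegate<ExtendAccessTokenCommandResponse> next)
        {
            // Reject a missing token before querying: a null value must never be compared against
            // stored grants, where it could match rows that have no refresh token set.
            if (string.IsNullOrWhiteSpace(request.RefreshToken))
            {
                throw new AppException(ResultCode.UnAuthorized, "Your RefreshToken Not Valid");
            }

            var user = await _userManager.Users
                .Include(a => a.PersistGrants)
                .Where(a => a.PersistGrants.Any(b => b.RefreshToken == request.RefreshToken))
                .FirstOrDefaultAsync(cancellationToken);

            // The null check has to come before any use of user; previously an unknown token
            // caused a NullReferenceException instead of an UnAuthorized result.
            if (user is null)
            {
                throw new AppException(ResultCode.UnAuthorized, "Your RefreshToken Not Valid");
            }

            // The in-memory comparison can disagree with the store's comparison (for example on
            // letter case), so a missing grant is treated as an invalid token rather than dereferenced.
            var existedPersist = user.PersistGrants.FirstOrDefault(a => a.RefreshToken == request.RefreshToken);
            if (existedPersist is null)
            {
                throw new AppException(ResultCode.UnAuthorized, "Your RefreshToken Not Valid");
            }

            if (!existedPersist.IsActive)
            {
                throw new AppException(ResultCode.UnAuthorized, "your refresh token InActived");
            }

            if (existedPersist.IsExpired)
            {
                throw new AppException(ResultCode.UnAuthorized, "your refresh Token is Expired");
            }

            var userRoles = await _userManager.GetRolesAsync(user);

            // NOTE(review): UserType is fixed to admin for every renewed token while the lookup
            // spans all users; confirm only admin grants can reach this handler.
            var command = new AccessTokenCommandRequest
            {
                Roles     = userRoles.ToList(),
                SubjectId = user.SubjectId.ToString(),
                UserType  = UserType.admin,
                UserId    = user.Id
            };

            // NOTE(review): the presented grant is not deactivated in this method; unless Issue
            // revokes it, the old refresh token stays usable until it expires — confirm.
            var userToken = await _eventBus.Issue(command, cancellationToken);

            _currentUser.SetHttpOnlyUserCookie("X-Access-Token", userToken.Data.AccessToken,
                                               DateTimeOffset.Now.AddSeconds(int.Parse(_configuration["JwtToken:AccessTokenExpiredTime"])),
                                               _configuration["JwtToken:DomainUrl"]);

            _currentUser.SetHttpOnlyUserCookie("X-Refresh-Token", userToken.Data.RefreshToken,
                                               DateTimeOffset.Now.AddDays(int.Parse(_configuration["JwtToken:ExpirationDays"])), _configuration["JwtToken:DomainUrl"]);

            // NOTE(review): both tokens are also returned in the response body, which makes the
            // refresh token readable by client-side script regardless of the cookie settings —
            // confirm callers actually need it there.
            var tokens = new ExtendRefreshTokenViewModel
            {
                AccessToken  = userToken.Data.AccessToken,
                RefreshToken = userToken.Data.RefreshToken
            };

            return new ExtendAccessTokenCommandResponse(true, ResultCode.Success, tokens);
        }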