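/// <summary>
/// Authenticates a customer user by user name and password and, on success, issues an
/// access/refresh token pair through <c>_eventBus</c> and stores both tokens in HttpOnly cookies.
/// </summary>
/// <param name="request">Login request carrying <c>UserName</c> and <c>Password</c>.</param>
/// <param name="cancellationToken">Propagated to the token-issue call.</param>
/// <param name="next">Next handler in the pipeline; this handler does not invoke it.</param>
/// <returns>A successful <see cref="LoginCustomerUserCommandResponse"/>.</returns>
/// <exception cref="AppException">
/// Thrown with <see cref="ResultCode.BadRequest"/> when the user is unknown, is soft-deleted, or the
/// password does not match. The message is deliberately the same in every case so the response
/// does not reveal which user names exist.
/// </exception>
public async Task<LoginCustomerUserCommandResponse> Handle(LoginCustomerUserCommandRequest request, CancellationToken cancellationToken, RequestHandlerDelegate<LoginCustomerUserCommandResponse> next)
{
    // Single generic message for every credential failure (see <exception> above).
    const string InvalidCredentialsMessage = "user password or username is not correct";

    var customerUser = await _userManager.FindByNameAsync(request.UserName);
    if (customerUser is null || customerUser.IsDeleted)
    {
        throw new AppException(ResultCode.BadRequest, InvalidCredentialsMessage);
    }

    // NOTE(review): CheckPasswordAsync only verifies the hash; it does not record failed attempts
    // or honour lockout the way PasswordSignInAsync does — confirm whether lockout is wanted here.
    var passwordIsValid = await _userManager.CheckPasswordAsync(customerUser, request.Password);
    if (!passwordIsValid)
    {
        throw new AppException(ResultCode.BadRequest, InvalidCredentialsMessage);
    }

    var issueCommand = new AccessTokenCommandRequest
    {
        SubjectId = customerUser.SubjectId.ToString(),
        UserType = UserType.customer,
        UserId = customerUser.Id,
    };
    var issuedToken = await _eventBus.Issue(issueCommand, cancellationToken);

    // Read each configuration key once. Lifetimes are machine-readable settings, so parse them with
    // the invariant culture rather than the process's current culture. A missing key still fails
    // loudly (int.Parse throws on null), as the original did.
    var cookieDomain = _configuration["JwtToken:DomainUrl"];
    var accessTokenLifetimeSeconds = int.Parse(_configuration["JwtToken:AccessTokenExpiredTime"], System.Globalization.CultureInfo.InvariantCulture);
    var refreshTokenLifetimeDays = int.Parse(_configuration["JwtToken:ExpirationDays"], System.Globalization.CultureInfo.InvariantCulture);

    // UtcNow denotes the same instant as Now (DateTimeOffset carries the offset); it just avoids
    // depending on the server's local time zone when computing the cookie expiry.
    var now = DateTimeOffset.UtcNow;
    _currentUser.SetHttpOnlyUserCookie("X-Access-Token", issuedToken.Data.AccessToken, now.AddSeconds(accessTokenLifetimeSeconds), cookieDomain);
    _currentUser.SetHttpOnlyUserCookie("X-Refresh-Token", issuedToken.Data.RefreshToken, now.AddDays(refreshTokenLifetimeDays), cookieDomain);

    return new LoginCustomerUserCommandResponse(true, ResultCode.Success);
}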
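/// <summary>
/// Exchanges a refresh token for a new access/refresh token pair. The user owning a persisted grant
/// with the presented refresh token is looked up, the grant is checked for validity, a new token
/// pair is issued through <c>_eventBus</c>, and both tokens are stored in HttpOnly cookies.
/// </summary>
/// <param name="request">Request carrying the <c>RefreshToken</c> to exchange.</param>
/// <param name="cancellationToken">Propagated to the database query and the token-issue call.</param>
/// <param name="next">Next handler in the pipeline; this handler does not invoke it.</param>
/// <returns>A successful response whose payload holds the newly issued token pair.</returns>
/// <exception cref="AppException">
/// Thrown with <see cref="ResultCode.UnAuthorized"/> when no user holds the refresh token, or when
/// the matching grant is inactive or expired.
/// </exception>
public async Task<ExtendAccessTokenCommandResponse> Handle(ExtendAccessTokenCommandRequest request, CancellationToken cancellationToken, RequestHandlerDelegate<ExtendAccessTokenCommandResponse> next)
{
    const string InvalidRefreshTokenMessage = "Your RefreshToken Not Valid";

    var user = await _userManager.Users
        .Include(a => a.PersistGrants)
        .Where(a => a.PersistGrants.Any(b => b.RefreshToken == request.RefreshToken))
        .FirstOrDefaultAsync(cancellationToken);

    // The null check has to come before user.PersistGrants is touched; the previous version
    // dereferenced the user first and only tested for null afterwards.
    if (user is null)
    {
        throw new AppException(ResultCode.UnAuthorized, InvalidRefreshTokenMessage);
    }

    // The database matched the token (possibly under a case-insensitive collation); the in-memory
    // comparison is ordinal, so the grant may still be missing here and must be guarded.
    var grant = user.PersistGrants.FirstOrDefault(a => a.RefreshToken == request.RefreshToken);
    if (grant is null)
    {
        throw new AppException(ResultCode.UnAuthorized, InvalidRefreshTokenMessage);
    }

    if (!grant.IsActive)
    {
        throw new AppException(ResultCode.UnAuthorized, "your refresh token InActived");
    }

    if (grant.IsExpired)
    {
        throw new AppException(ResultCode.UnAuthorized, "your refresh Token is Expired");
    }

    // NOTE(review): the consumed grant is not revoked here; unless _eventBus.Issue rotates it, the
    // presented refresh token stays usable until it expires — confirm.
    var userRoles = await _userManager.GetRolesAsync(user);
    var issueCommand = new AccessTokenCommandRequest
    {
        Roles = userRoles.ToList(),
        // NOTE(review): this always issues an admin-type token regardless of the user found — confirm
        // this handler is only reachable for admin users.
        SubjectId = user.SubjectId.ToString(),
        UserType = UserType.admin,
        UserId = user.Id,
    };
    // Pass the cancellation token, as the login handler does.
    var issuedToken = await _eventBus.Issue(issueCommand, cancellationToken);

    // Read each configuration key once; lifetimes are machine-readable, so parse invariantly.
    var cookieDomain = _configuration["JwtToken:DomainUrl"];
    var accessTokenLifetimeSeconds = int.Parse(_configuration["JwtToken:AccessTokenExpiredTime"], System.Globalization.CultureInfo.InvariantCulture);
    var refreshTokenLifetimeDays = int.Parse(_configuration["JwtToken:ExpirationDays"], System.Globalization.CultureInfo.InvariantCulture);

    // Same instant as DateTimeOffset.Now, without depending on the server's local time zone.
    var now = DateTimeOffset.UtcNow;
    _currentUser.SetHttpOnlyUserCookie("X-Access-Token", issuedToken.Data.AccessToken, now.AddSeconds(accessTokenLifetimeSeconds), cookieDomain);
    _currentUser.SetHttpOnlyUserCookie("X-Refresh-Token", issuedToken.Data.RefreshToken, now.AddDays(refreshTokenLifetimeDays), cookieDomain);

    var tokens = new ExtendRefreshTokenViewModel
    {
        AccessToken = issuedToken.Data.AccessToken,
        RefreshToken = issuedToken.Data.RefreshToken,
    };
    return new ExtendAccessTokenCommandResponse(true, ResultCode.Success, tokens);
}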