public async Task <ActionResult> RefreshToken([FromBody] RefreshTokenRequest request)
{
try
{
var userName = User.Identity.Name;
_logger.LogInformation($"User [{userName}] is trying to refresh JWT token.");
if (string.IsNullOrWhiteSpace(request.RefreshToken))
{
return(Unauthorized());
}
var accessToken = await HttpContext.GetTokenAsync("Bearer", "access_token");
var jwtResult = _jwtAuthManager.Refresh(request.RefreshToken, accessToken, DateTime.Now);
_logger.LogInformation($"User [{userName}] has refreshed JWT token.");
return(Ok(new LoginResult
{
UserName = userName,
Role = User.FindFirst(ClaimTypes.Role)?.Value ?? string.Empty,
AccessToken = jwtResult.AccessToken,
RefreshToken = jwtResult.RefreshToken.TokenString
}));
}
catch (SecurityTokenException e)
{
return(Unauthorized(e.Message)); // return 401 so that the client side can redirect the user to login page
}
}