public async Task <RefreshTokenResultModel> RefreshToken(string authenticationToken, string refreshToken)
{
var principal = _jwtGenerator.GetPrincipalFromExpiredToken(_jwtSettings, authenticationToken);
var username = principal.Identity.Name; //this is mapped to the Name claim by default
var user = _context.UserRefreshTokens.SingleOrDefault(u => u.Username == username);
if (user == null || user.RefreshToken != refreshToken)
{
throw new Exception("wrong refresh token");
}
var account = await _userManager.FindByNameAsync(principal.Identity.Name);
var userRoles = await _userManager.GetRolesAsync(account);
var newJwtToken = _jwtGenerator.GenerateToken(_jwtSettings, new JwtModel
{
Username = account.UserName,
Roles = userRoles
});
var newRefreshToken = _jwtGenerator.GenerateRefreshToken();
user.RefreshToken = newRefreshToken;
await _context.SaveChangesAsync();
return(new RefreshTokenResultModel
{
AccessToken = newJwtToken,
RefreshToken = newRefreshToken
});
}
public async Task <IActionResult> Refresh(RefreshTokenDTO refreshTokenDTO)
{
try
{
var principal = _jwtGenerator.GetPrincipalFromExpiredToken(refreshTokenDTO.Token);
// email pawa jay na for loop diye
string email = null;
var tempClaimPrincipal = principal.Claims.ToList();
email = tempClaimPrincipal[2].Value;
//-----
var userExist = await _userManager.FindByEmailAsync(email);
if (userExist == null || userExist.RefreshToken != refreshTokenDTO.RefreshToken)
{
return(BadRequest($"this {email} is not resisrered"));
}
var role = await _userManager.GetRolesAsync(userExist);
//string[] roleAssigned = role.ToArray();
return(Ok(_jwtGenerator.CreateToken(userExist, role.ToList())));
}
catch (Exception ex)
{
throw;
}
}
public async Task <UserDto> Handle(CurrentUserCommand request, CancellationToken cancellationToken)
{
var token = AppContext.Current.Request.Headers[HeaderNames.Authorization].ToString().Replace("Bearer ", "");
var refreshToken = AppContext.Current.Request.Cookies[Constants.RefreshToken];
var principal = _jwtGenerator.GetPrincipalFromExpiredToken(token);
var username = principal.Claims.FirstOrDefault(x => x.Type == ClaimTypes.NameIdentifier)?.Value;
var user = await _context.Users
.Where(x => x.UserName == username)
.Include(x => x.RefreshTokens)
.SingleOrDefaultAsync(x => x.RefreshTokens.Any(y => y.Token == refreshToken),
cancellationToken);
if (user == null)
{
ThrowUnauthorized();
}
var oldToken = user !.RefreshTokens.SingleOrDefault(x => x.Token == refreshToken);
if (oldToken != null && !oldToken.IsActive)
{
ThrowUnauthorized();
}
if (oldToken != null)
{
oldToken.Revoked = DateTime.UtcNow;
}
var newRefreshToken = _jwtGenerator.GenerateRefreshToken(user);
await _context.RefreshTokens.AddAsync(newRefreshToken, cancellationToken);
var revokedTokens = user.RefreshTokens.Where(x => x.IsExpired);
_context.RefreshTokens.RemoveRange(revokedTokens);
var success = await _context.SaveChangesAsync(cancellationToken) > 0;
if (success)
{
_cookieService.SetTokenCookie(newRefreshToken.Token);
return(new UserDto
{
UserName = user.UserName,
Token = _jwtGenerator.GenerateAccessToken(user),
RefreshToken = newRefreshToken.Token
});
}
throw new Exception(Constants.ServerSavingError);
}
public async Task <TokenResponse> Handle(RefreshTokenCommand request, CancellationToken cancellationToken)
{
var token = new TokenResponse();
var principal = jwtGenerator.GetPrincipalFromExpiredToken(request.Token);
// email pawa jay na for loop diye
string email = null;
var tempClaimPrincipal = principal.Claims.ToList();
email = tempClaimPrincipal[2].Value;
//-----
var userExist = this.repository.GetItem <User>(x => x.Email == email);
if (userExist == null || userExist.RefreshToken != request.RefreshToken)
{
return(null);
}
var role = userExist.Roles;
string[] roleAssigned = role.ToArray();
token = jwtGenerator.CreateToken(userExist, roleAssigned);
return(token);
}