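        /// <summary>
        /// Exchanges a refresh token for a new JWT access token (valid for 10 minutes) and a new refresh token.
        /// </summary>
        /// <param name="requestToken">
        /// Refresh token presented by the client; it is handed to <c>_service.ExtractRefreshToken</c>,
        /// which yields either a login or an error.
        /// </param>
        /// <returns>
        /// 200 with <c>token</c> and <c>refreshToken</c> on success; 400 with the service's error when no login
        /// is resolved, or 400 with a fixed message when the new refresh token could not be stored.
        /// </returns>
        /// <exception cref="InvalidOperationException">The <c>SecretKey</c> configuration value is missing or empty.</exception>
        /// <remarks>
        /// NOTE(review): expiry checking and single-use invalidation of the presented refresh token are not
        /// visible in this method; presumably they live in <c>ExtractRefreshToken</c> / <c>RefreshTokenInserted</c>.
        /// Confirm that a token that has already been exchanged cannot be replayed.
        /// NOTE(review): no binding attribute is visible on <paramref name="requestToken"/>; if it binds from the
        /// query string the token can end up in access logs. Confirm it is taken from the request body.
        /// </remarks>
        public IActionResult RefreshToken(string requestToken)
        {
            var result = _service.ExtractRefreshToken(requestToken);

            if (result.login == null)
            {
                return BadRequest(result.error);
            }

            var role = _service.GetRole(result.login);
            var claims = new[]
            {
                new Claim(ClaimTypes.Name, result.login),
                new Claim(ClaimTypes.Role, role)
            };

            // Fail with an explicit configuration error rather than an ArgumentNullException from GetBytes(null).
            var secret = _configuration["SecretKey"];
            if (string.IsNullOrEmpty(secret))
            {
                throw new InvalidOperationException("JWT signing key 'SecretKey' is not configured.");
            }

            // HS256 calls for a key of at least 256 bits (RFC 7518, section 3.2).
            // NOTE(review): the configured key's length is not checked here; verify it where configuration is loaded.
            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
            var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            var token = new JwtSecurityToken(
                issuer: "Gakko",
                audience: "Students",
                claims: claims,
                // UTC avoids any dependence on the server's local time zone setting.
                expires: DateTime.UtcNow.AddMinutes(10),
                signingCredentials: credentials);

            // A refresh token is a bearer secret, so it is drawn from the OS CSPRNG: Guid.NewGuid() is documented
            // as an identifier generator, not as a source of unpredictable values. The value is still wrapped in
            // a Guid because that is what RefreshTokenInserted is given.
            var refreshTokenBytes = new byte[16];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(refreshTokenBytes);
            }

            var refreshToken = new Guid(refreshTokenBytes);

            if (!_service.RefreshTokenInserted(result.login, refreshToken))
            {
                // NOTE(review): this is a server-side storage failure reported as 400 with a message that names
                // the database; status and text are left unchanged because clients may depend on them.
                return BadRequest("Couldn't insert token in DB");
            }

            return Ok(new
            {
                token = new JwtSecurityTokenHandler().WriteToken(token),
                refreshToken = refreshToken
            });
        }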