/// <summary>
/// Authenticates a customer by email and password and, on success, returns the
/// customer's view model carrying a newly issued refresh token and access token.
/// </summary>
/// <param name="customerLoginViewModel">Credentials bound from the request body.</param>
/// <returns>
/// The populated <see cref="CustomerViewModel"/> on success. On failure an
/// <c>Ok</c> (HTTP 200) result whose body is a plain message string: one message
/// when no row matches the email/password pair, another when the matched account
/// has <c>IsBlocked</c> set.
/// </returns>
public async Task<ActionResult<CustomerViewModel>> Login([FromBody] CustomerLoginViewModel customerLoginViewModel)
{
    // NOTE(review): the submitted password is compared to the PassWord column
    // directly inside the query, so the stored value must be directly comparable
    // to what the client sends (plaintext, or a deterministic transform applied
    // before this point - not visible here). A salted, slow password hash
    // (e.g. PBKDF2) verified after looking the account up by email would avoid
    // keeping reusable credentials in the database. Confirm against the schema.
    var account = await _context.Customers
        .Where(u => u.Email == customerLoginViewModel.Email
                 && u.PassWord == customerLoginViewModel.PassWord)
        .FirstOrDefaultAsync();

    // Unknown email and wrong password share one message ("email or password is
    // incorrect"), so the response does not reveal which of the two was wrong.
    // NOTE(review): failures are reported with HTTP 200, and no attempt limiting
    // is visible in this method - confirm throttling/lockout exists upstream.
    if (account == null)
    {
        return Ok("Email hoặc mật khẩu không chính xác.");
    }

    // The "account is temporarily locked" message is only reachable once the
    // credentials have matched.
    if (account.IsBlocked)
    {
        return Ok("Tài khoản đang tạm khóa.");
    }

    // Persist a new refresh token against the account before building the response.
    // NOTE(review): each successful login adds a row; no pruning or revocation of
    // earlier tokens is visible here.
    RefreshTokenCustomer issuedRefresh = GenerateRefreshToken();
    account.RefreshTokenCustomers.Add(issuedRefresh);
    await _context.SaveChangesAsync();

    // The access token is signed for the customer's id after the refresh token is saved.
    var response = new CustomerViewModel(account)
    {
        RefreshToken = issuedRefresh.Token,
        AccessToken = GenerateAccessToken(account.CustomerId),
    };

    return response;
}
/// <summary>
/// Checks whether a presented refresh token is stored, belongs to the given
/// customer, and has not yet expired.
/// </summary>
/// <param name="customer">The customer the token is expected to belong to.</param>
/// <param name="refreshToken">The refresh token value presented by the client.</param>
/// <returns>
/// <c>true</c> when the stored token with the latest expiry that matches
/// <paramref name="refreshToken"/> has the same <c>CustomerId</c> as
/// <paramref name="customer"/> and an <c>ExpiryDate</c> later than the current
/// UTC time; otherwise <c>false</c>.
/// </returns>
private bool ValidateRefresh(Customer customer, string refreshToken)
{
    // NOTE(review): the presented value is matched against the Token column
    // as-is. If tokens are persisted unhashed, read access to this table yields
    // usable tokens; storing a hash of the token and comparing hashes would
    // limit that. Confirm how Token is stored.
    RefreshTokenCustomer newestMatch = _context.RefreshTokenCustomers
        .Where(rt => rt.Token == refreshToken)
        .OrderByDescending(rt => rt.ExpiryDate)
        .FirstOrDefault();

    if (newestMatch == null)
    {
        return false;
    }

    // Ownership check: a valid token presented for a different customer is rejected.
    bool ownedByCustomer = newestMatch.CustomerId == customer.CustomerId;
    if (!ownedByCustomer)
    {
        return false;
    }

    // Expiry is compared in UTC, matching how the expiry is set at issuance.
    // NOTE(review): validation does not mark the token as used or revoke it;
    // any rotation would have to happen in the caller (not visible here).
    return newestMatch.ExpiryDate > DateTime.UtcNow;
}
/// <summary>
/// Creates a new, not yet persisted refresh token entity.
/// </summary>
/// <returns>
/// A <see cref="RefreshTokenCustomer"/> whose <c>Token</c> is the Base64 encoding
/// of 32 bytes drawn from <see cref="RandomNumberGenerator"/> and whose
/// <c>ExpiryDate</c> is one day after the current UTC time.
/// </returns>
private RefreshTokenCustomer GenerateRefreshToken()
{
    // 32 bytes (256 bits) from the cryptographic RNG; System.Random must not be
    // substituted here because its output is predictable.
    byte[] entropy = new byte[32];
    using (RandomNumberGenerator csprng = RandomNumberGenerator.Create())
    {
        csprng.GetBytes(entropy);
    }

    // Expiry is set in UTC so it can be compared with DateTime.UtcNow on validation.
    return new RefreshTokenCustomer
    {
        Token = Convert.ToBase64String(entropy),
        ExpiryDate = DateTime.UtcNow.AddDays(1),
    };
}