/// <summary>
/// Revokes the refresh token sent in the request body on behalf of the current principal.
/// </summary>
/// <param name="request">Body payload carrying the refresh token to revoke.</param>
/// <returns>
/// 200 OK once the auth service call completes. Nothing is caught here, so any exception
/// thrown by the service propagates to the caller.
/// </returns>
public async Task<ActionResult> RevokeTokenAsync([FromBody] TokenRevokeRequest request)
{
    string tokenToRevoke = request.RefreshToken;

    // The owner is taken from the request's principal (User.Identity), never from the body,
    // so the body cannot name a different account as the token owner.
    // NOTE(review): no [Authorize] attribute is visible on this action. User.Identity.Name is
    // null for an anonymous caller; confirm authentication is enforced on the controller.
    string callerName = User.Identity.Name;

    var revocation = new TokenRevokeDTO
    {
        RefreshToken = tokenToRevoke,
        UserName = callerName
    };

    await authService.RevokeTokenAsync(revocation);
    return Ok();
}
/// <summary>
/// Revokes the refresh token carried in the "refreshToken" request cookie for the current principal.
/// </summary>
/// <returns>
/// 200 OK once the auth service call completes. Nothing is caught here, so any exception
/// thrown by the service propagates to the caller.
/// </returns>
public async Task<IActionResult> RevokeAsync()
{
    // Both values come from the request context rather than from a body: the principal name
    // is used as the e-mail key, and the token is read from the cookie. A missing cookie
    // yields null, which is passed on to the service unchanged.
    // NOTE(review): no [Authorize] or HTTP-verb attribute is visible here. Because the browser
    // attaches the cookie automatically, confirm that the action requires authentication, is
    // limited to a non-GET verb, and is covered by SameSite or anti-forgery protection.
    // NOTE(review): the "refreshToken" cookie is not removed from the response in this action.
    // Confirm it is cleared elsewhere so the client does not keep presenting a revoked token.
    var revocation = new TokenRevokeDTO
    {
        Email = User.Identity.Name,
        RefreshToken = HttpContext.Request.Cookies["refreshToken"]
    };

    await authService.RevokeTokenAsync(revocation);
    return Ok();
}
/// <summary>
/// Deletes a refresh token after the repository confirms that the named user holds it.
/// </summary>
/// <param name="revokeRequest">User name and refresh token value to revoke.</param>
/// <exception cref="BadRequestException">
/// The user name resolves to no user, or the repository reports that the user does not hold the token.
/// </exception>
public async Task RevokeTokenAsync(TokenRevokeDTO revokeRequest)
{
    var owner = await usersRepository.GetUserOrDefaultByUserNameAsync(revokeRequest.UserName);
    if (owner == null)
    {
        throw new BadRequestException("Not valid user!");
    }

    // Ownership check: the token is deleted only if the repository says it belongs to this
    // user, so a token value issued to another account is rejected rather than removed.
    // NOTE(review): the check and the delete are separate repository calls. What
    // DeleteRefreshTokenAsync does if the token disappears in between is not visible here.
    bool ownsToken = await usersRepository.HasRefreshTokenAsync(owner, revokeRequest.RefreshToken);
    if (ownsToken)
    {
        await usersRepository.DeleteRefreshTokenAsync(owner, revokeRequest.RefreshToken);
        return;
    }

    throw new BadRequestException("Not valid refresh token!");
}
/// <summary>
/// Deletes the refresh token entity that the repository returns for the given user and token value.
/// </summary>
/// <param name="request">E-mail of the token owner and the refresh token value to revoke.</param>
/// <exception cref="BadRequestException">No user is found for the e-mail.</exception>
/// <exception cref="ForbiddenException">The repository returns no token for this user and value.</exception>
public async Task RevokeTokenAsync(TokenRevokeDTO request)
{
    User account = await usersRepository.FindByEmailAsync(request.Email);
    if (account == null)
    {
        throw new BadRequestException("User does not exist!");
    }

    // The lookup is given the user as well as the token value, and the delete below acts on
    // the entity it returned rather than on the raw value from the request.
    // NOTE(review): how GetRefreshToken matches the value (plain or hashed storage, expiry
    // handling) is not visible here; confirm against the repository.
    RefreshToken storedToken = usersRepository.GetRefreshToken(account, request.RefreshToken);
    if (storedToken == null)
    {
        throw new ForbiddenException("Refresh token is not valid!");
    }

    await usersRepository.DeleteRefreshTokenAsync(storedToken);
}