Exemple #1
0
        public async Task <PasswordUpdateDto> PasswordUpdateAsync(string userId, string password, string token)
        {
            var user = await _userManager.FindByIdAsync(userId);

            if (user is null)
            {
                return new PasswordUpdateDto {
                           Errors = new[] { "This user does not exist anymore" }, CriticalError = true
                }
            }
            ;

            var passwordUpdateResult = await _userManager.ResetPasswordAsync(user, token, password);

            if (!passwordUpdateResult.Succeeded)
            {
                //Valid token
                if (passwordUpdateResult.Errors.FirstOrDefault(x => x.Description == "Invalid token.") is null)
                {
                    return new PasswordUpdateDto {
                               Errors = passwordUpdateResult.Errors.Select(x => x.Description)
                    }
                }
                ;

                //-----------

                //Invalid token
                return(new PasswordUpdateDto {
                    Errors = new[] { "Expired link, please make another request" }
                });
                //-------------
            }

            var refreshToken = _dataContext.RefreshTokens.FirstOrDefault(x => x.UserId == user.Id);

            if (refreshToken != null)
            {
                refreshToken.Invalidated = true;
            }

            await _dataContext.SaveChangesAsync();

            return(new PasswordUpdateDto {
                Success = true
            });
        }
        public async Task <AuthenticationDto> RefreshTokenAsync(string token, string refreshToken)
        {
            var validatedToken = GetPrincipalFromToken(token);

            if (validatedToken is null)
            {
                return new AuthenticationDto {
                           Errors = new[] { "Invalid Token" }, CriticalError = true
                }
            }
            ;

            var expiryDateUnix =
                long.Parse(validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Exp).Value);

            var expiryDateTimeUtc = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)
                                    .AddSeconds(expiryDateUnix);

            var storedRefreshToken = await _context.RefreshTokens.SingleOrDefaultAsync(x => x.Token == refreshToken);

            if (storedRefreshToken is null)
            {
                return new AuthenticationDto {
                           Errors = new[] { "This refresh token does not exist" }, CriticalError = true
                }
            }
            ;

            if (storedRefreshToken.Invalidated)
            {
                return new AuthenticationDto {
                           Errors = new[] { "This refresh token has been invalidated" }, CriticalError = true
                }
            }
            ;

            if (expiryDateTimeUtc > DateTime.UtcNow)
            {
                return new AuthenticationDto {
                           Errors = new[] { "This token hasn't expired jet" }
                }
            }
            ;

            if (storedRefreshToken.Used)
            {
                return new AuthenticationDto {
                           Errors = new[] { "This refresh token has been used" }, CriticalError = true
                }
            }
            ;

            if (DateTime.UtcNow > storedRefreshToken.ExpiryDate)
            {
                return new AuthenticationDto {
                           Errors = new[] { "This refresh token has expired" }, CriticalError = true
                }
            }
            ;

            var jti = validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Jti).Value;

            if (storedRefreshToken.JwtId != jti)
            {
                return new AuthenticationDto {
                           Errors = new[] { "This refresh token does not match this JWT" }, CriticalError = true
                }
            }
            ;

            storedRefreshToken.Used = true;
            _context.RefreshTokens.Update(storedRefreshToken);
            await _context.SaveChangesAsync();

            var user = await _userManager.FindByIdAsync(validatedToken.Claims
                                                        .Single(x => x.Type == "userId").Value);

            return(await GenerateAuthenticationResultForUserAsync(user));
        }