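        /// <summary>
        /// Validates a refresh-token request. The e-mail in the request must match the e-mail
        /// carried by the supplied bearer token, the user must exist and not be locked out, and
        /// the user's stored refresh token must be unexpired and equal to the one presented.
        /// Every failed check is reported through the returned <see cref="AuthenticationResult"/>
        /// rather than by throwing, so callers can map it to a response.
        /// </summary>
        /// <param name="model">The request carrying the e-mail, the bearer token and the refresh token.</param>
        /// <returns>
        /// <see cref="AuthenticationResult.OK"/> when every check passes; otherwise the code of the
        /// first check that failed.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="model"/> is <c>null</c>.</exception>
        public async Task<AuthenticationResult> AuthenticateAsync(RefreshTokenModel model)
        {
            if (model is null)
            {
                throw new ArgumentNullException(nameof(model));
            }

            _logger.LogInformation($"Authenticating: {model.Email}");

            // NOTE(review): whether DeserializeToken verifies the bearer token's signature is not
            // visible here. If it only decodes the payload, the e-mail claim is caller-chosen and the
            // comparison below adds no assurance — confirm against the implementation.
            var tokenClaims = _deserializeToken.DeserializeToken(model.BearerToken);
            var tokenEmail = GetEmailFromClaims(tokenClaims);

            // Ordinal and null-safe: a missing request e-mail is a mismatch, not a NullReferenceException.
            if (string.IsNullOrEmpty(model.Email) || !string.Equals(model.Email, tokenEmail, StringComparison.Ordinal))
            {
                _logger.LogError($"Credentials do not match: {model.Email} || {tokenEmail}");
                return AuthenticationResult.CREDENTIALS_MISMATCH;
            }

            var user = await _userManager.FindByEmailAsync(model.Email);

            if (user is null)
            {
                _logger.LogError($"User not found: {model.Email}");
                return AuthenticationResult.USER_NOT_FOUND;
            }

            if (await _userManager.IsLockedOutAsync(user))
            {
                _logger.LogError($"User locked out: {model.Email}");
                return AuthenticationResult.ACCOUNT_LOCKED;
            }

            // NOTE(review): compared against local time, as the original did. If RefreshTokenExpiry is
            // written in UTC this should be DateTime.UtcNow — confirm where the expiry is assigned.
            if (user.RefreshTokenExpiry < DateTime.Now)
            {
                _logger.LogError($"Refresh Token Expired for: {model.Email}");
                return AuthenticationResult.EXPIRED_TOKEN;
            }

            // The refresh token is a secret: compare it in constant time so response latency does not
            // reveal how much of it matched, treat a missing token on either side as a mismatch
            // (an empty stored token must never authenticate an empty presented one), and keep the
            // token values out of the log.
            if (!RefreshTokenMatches(user.RefreshToken, model.RefreshToken))
            {
                _logger.LogError($"Refresh Token mismatch for: {model.Email}");
                return AuthenticationResult.CREDENTIALS_MISMATCH;
            }

            _logger.LogInformation($"Authenticated: {model.Email}");
            return AuthenticationResult.OK;

            // True only when both tokens are present and byte-for-byte equal. FixedTimeEquals still
            // returns early on a length difference; only the length is observable, not the content.
            bool RefreshTokenMatches(string storedToken, string presentedToken)
            {
                if (string.IsNullOrEmpty(storedToken) || string.IsNullOrEmpty(presentedToken))
                {
                    return false;
                }

                var stored = System.Text.Encoding.UTF8.GetBytes(storedToken);
                var presented = System.Text.Encoding.UTF8.GetBytes(presentedToken);
                return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(stored, presented);
            }
        }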