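/// <summary>
/// Authenticates a user by e-mail and password and issues a fresh refresh token.
/// </summary>
/// <param name="request">Login query carrying the submitted e-mail and password.</param>
/// <param name="cancellationToken">Checked before any work starts; the Identity calls below take no token.</param>
/// <returns>The signed-in <see cref="User"/>, built with a newly issued refresh token.</returns>
/// <exception cref="RestException">
/// Unauthorized when the e-mail is unknown or the password is wrong;
/// BadRequest when the password is correct but the e-mail has not been confirmed.
/// </exception>
public async Task<User> Handle(Query request, CancellationToken cancellationToken)
{
    cancellationToken.ThrowIfCancellationRequested();

    var user = await _userManager.FindByEmailAsync(request.Email);
    if (user == null)
    {
        throw new RestException(HttpStatusCode.Unauthorized);
    }

    // Verify the password before saying anything about the account's state:
    // answering "not confirmed" to an arbitrary password would let a caller
    // probe which e-mail addresses are registered.
    // NOTE(review): lockoutOnFailure is false, so repeated failures never lock
    // the account; enable it if the Identity lockout options are configured.
    var result = await _signInManager.CheckPasswordSignInAsync(user, request.Password, false);
    if (!result.Succeeded)
    {
        // IsNotAllowed means Identity's pre-sign-in check (e.g. RequireConfirmedEmail)
        // blocked the attempt before looking at the password. Only surface the
        // confirmation state once the password itself has been verified.
        if (result.IsNotAllowed
            && !user.EmailConfirmed
            && await _userManager.CheckPasswordAsync(user, request.Password))
        {
            throw new RestException(HttpStatusCode.BadRequest, new { Email = "Email is not confirmed" });
        }

        throw new RestException(HttpStatusCode.Unauthorized);
    }

    if (!user.EmailConfirmed)
    {
        throw new RestException(HttpStatusCode.BadRequest, new { Email = "Email is not confirmed" });
    }

    var refreshToken = _jwtGenerator.GetRefreshToken();
    user.RefreshTokens.Add(refreshToken);
    await _userManager.UpdateAsync(user);

    return new User(user, _jwtGenerator, refreshToken.Token);
}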
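/// <summary>
/// Rotates the caller's refresh token: the presented token is revoked and a new one is issued.
/// </summary>
/// <param name="request">Command carrying the refresh token presented by the client.</param>
/// <param name="cancellationToken">Checked before any work starts; the Identity calls below take no token.</param>
/// <returns>The current <see cref="User"/>, built with the newly issued refresh token.</returns>
/// <exception cref="RestException">
/// Unauthorized when the current user cannot be resolved, when the presented token
/// does not belong to that user, or when it is no longer active.
/// </exception>
public async Task<User> Handle(Command request, CancellationToken cancellationToken)
{
    cancellationToken.ThrowIfCancellationRequested();

    var user = await _userManager.FindByNameAsync(_userAccessor.GetCurrentUsername());
    if (user == null)
    {
        throw new RestException(HttpStatusCode.Unauthorized);
    }

    // The presented token must be one of this user's tokens and still be active.
    // An unknown token is rejected as well: the previous condition only rejected
    // known-but-inactive tokens and would issue a new token for any other string.
    // NOTE(review): reuse of a revoked token is rejected here but not recorded;
    // consider logging it, since it is a common signal of token theft.
    var oldToken = user.RefreshTokens.SingleOrDefault(x => x.Token == request.RefreshToken);
    if (oldToken == null || !oldToken.IsActive)
    {
        throw new RestException(HttpStatusCode.Unauthorized);
    }

    // Mark the old token revoked; it stays in the collection rather than being removed.
    oldToken.Revoked = DateTime.UtcNow;

    var newRefreshToken = _jwtGenerator.GetRefreshToken();
    user.RefreshTokens.Add(newRefreshToken);
    await _userManager.UpdateAsync(user);

    return new User(user, _jwtGenerator, newRefreshToken.Token);
}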
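/// <summary>
/// Returns the currently authenticated user together with a newly issued refresh token.
/// </summary>
/// <param name="request">Query with no payload; the user is resolved from the current principal.</param>
/// <param name="cancellationToken">Checked before any work starts; the Identity calls below take no token.</param>
/// <returns>The current <see cref="User"/>, built with the newly issued refresh token.</returns>
/// <exception cref="RestException">Unauthorized when the current username does not resolve to a stored user.</exception>
public async Task<User> Handle(Query request, CancellationToken cancellationToken)
{
    cancellationToken.ThrowIfCancellationRequested();

    var user = await _userManager.FindByNameAsync(_userAccessor.GetCurrentUsername());
    if (user == null)
    {
        // Without this guard a stale principal (user deleted after the JWT was issued)
        // would surface as a NullReferenceException on the next line.
        throw new RestException(HttpStatusCode.Unauthorized);
    }

    var refreshToken = _jwtGenerator.GetRefreshToken();
    user.RefreshTokens.Add(refreshToken);
    await _userManager.UpdateAsync(user);

    return new User(user, _jwtGenerator, refreshToken.Token);
}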
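/// <summary>
/// Signs a user in with a Facebook access token, creating the local account on first use.
/// </summary>
/// <param name="request">Query carrying the Facebook access token obtained by the client.</param>
/// <param name="cancellationToken">Checked before any work starts; the calls below take no token.</param>
/// <returns>The matched or newly created <see cref="User"/>, built with a new refresh token.</returns>
/// <exception cref="RestException">
/// BadRequest when the access token cannot be resolved to a Facebook profile
/// or when creating the local account fails.
/// </exception>
public async Task<User> Handle(Query request, CancellationToken cancellationToken)
{
    cancellationToken.ThrowIfCancellationRequested();

    var userInfo = await _facebookAccessor.FacebookLogin(request.AccessToken);
    if (userInfo == null)
    {
        throw new RestException(HttpStatusCode.BadRequest, new { User = "******" });
    }

    var refreshToken = _jwtGenerator.GetRefreshToken();

    // An existing account is matched solely on the e-mail reported by Facebook.
    // NOTE(review): this links the Facebook identity to whatever local account
    // holds that address; confirm the accessor only returns verified addresses.
    var user = await _userManager.FindByEmailAsync(userInfo.Email);
    if (user != null)
    {
        user.RefreshTokens.Add(refreshToken);
        await _userManager.UpdateAsync(user);
        return new User(user, _jwtGenerator, refreshToken.Token);
    }

    // First sign-in: the Facebook profile becomes the local account. The e-mail is
    // treated as confirmed because it came from the provider, not from the client.
    user = new AppUser
    {
        DisplayName = userInfo.Name,
        Id = userInfo.Id,
        Email = userInfo.Email,
        UserName = "******" + userInfo.Id,
        EmailConfirmed = true
    };

    // The picture may be absent from the profile payload; previously a missing
    // Picture or Data threw a NullReferenceException here. Store it only when a URL came back.
    var pictureUrl = userInfo.Picture?.Data?.Url;
    if (!string.IsNullOrEmpty(pictureUrl))
    {
        user.Photos.Add(new Photo
        {
            Id = "fb_" + userInfo.Id,
            Url = pictureUrl,
            IsMain = true
        });
    }

    user.RefreshTokens.Add(refreshToken);

    var result = await _userManager.CreateAsync(user);
    if (!result.Succeeded)
    {
        // Identity's error details are deliberately not echoed to the client.
        throw new RestException(HttpStatusCode.BadRequest, new { User = "******" });
    }

    return new User(user, _jwtGenerator, refreshToken.Token);
}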