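/// <summary>
/// Exchanges the token presented by the client for a newly generated JWT
/// belonging to the user that token resolves to.
/// </summary>
/// <param name="token">Token to refresh, bound from the query string.</param>
/// <returns>
/// 200 with a <c>UserResponse</c> carrying the new token, or 401 when the token
/// is blank, resolves to no user, or a refresh token cannot be generated.
/// </returns>
public async Task<IActionResult> RefreshToken([FromQuery] string token)
{
    // NOTE(review): the token is bound from the query string, and URLs are
    // commonly recorded in access logs, proxies and browser history. Binding it
    // from the request body or a cookie would avoid that, but it changes the
    // route contract, so it is only flagged here.

    // Reject a missing token up front so a blank value is never used as a
    // lookup key against stored tokens.
    if (string.IsNullOrWhiteSpace(token))
    {
        return Unauthorized(new { message = "Invalid token" });
    }

    var user = await _userService.GetUserByToken(token);
    if (user == null)
    {
        // A token that matches no user is a failed refresh: answer 401 with the
        // same generic message as the other failure path, rather than 200, so a
        // client cannot mistake the failure for success.
        return Unauthorized(new { message = "Invalid token" });
    }

    var ipAddress = await HttpHelper.GetIP4Address(HttpContext);

    // NOTE(review): the generated refresh token is only null-checked here; it is
    // neither returned to the client nor passed to _userService.RefreshToken.
    // Confirm the rotated refresh token is persisted and delivered elsewhere.
    var refreshToken = await JwtHelper.GenerateRefreshToken(ipAddress);
    if (refreshToken == null)
    {
        return Unauthorized(new { message = "Invalid token" });
    }

    var newToken = await JwtHelper.GenerateToken(user, _setting);
    await _userService.RefreshToken(token, ipAddress, newToken);

    return Ok(new UserResponse
    {
        Id = user.Id,
        FirstName = user.FirstName,
        LastName = user.LastName,
        Username = user.Username,
        Token = newToken
    });
}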
/// <summary>
/// Issues a new JWT and refresh token in exchange for an expired JWT plus a
/// refresh token that is stored for the same user.
/// </summary>
/// <param name="tokens">
/// Carries the expired JWT (<c>Token</c>) and the refresh token (<c>RefreshToken</c>).
/// </param>
/// <returns>
/// An object result with <c>token</c> and <c>refreshToken</c>, or a Forbid result
/// when the claims or the <c>userId</c> claim cannot be read from the JWT.
/// </returns>
/// <exception cref="SecurityTokenException">
/// The presented refresh token is not among those stored for the user.
/// </exception>
public IActionResult Refresh(TokenTransferDTO tokens)
{
    var tokenHelper = new JwtHelper();
    List<Claim> claims;
    Guid userId;

    try
    {
        // NOTE(review): GetClaimsFromExpiredToken is not visible here. It should
        // still verify the signature and skip only the lifetime check - confirm.
        claims = tokenHelper.GetClaimsFromExpiredToken(tokens.Token);
        var userIdClaim = claims.First(claim => claim.Type == "userId");
        userId = Guid.Parse(userIdClaim.Value);
    }
    catch (Exception)
    {
        // Any failure to read the JWT or its userId claim ends here, including a
        // null request object.
        return Forbid();
    }

    // Retrieve the refresh tokens from the data store.
    var storedRefreshTokens = _userRepository.GetRefreshTokens(userId);
    bool isUnknownRefreshToken = storedRefreshTokens.All(stored => stored.Value != tokens.RefreshToken);
    if (isUnknownRefreshToken)
    {
        // NOTE(review): this path throws while the path above returns Forbid().
        // Presumably it surfaces as a 500 unless exception handling elsewhere
        // maps it - confirm.
        throw new SecurityTokenException("Invalid refresh token");
    }

    // Rotate: mint the new pair, then swap the used refresh token for the new one.
    // NOTE(review): the old claims are passed through unchanged; confirm that
    // GenerateToken sets fresh lifetime claims rather than reusing the expired ones.
    var accessToken = tokenHelper.GenerateToken(claims);
    var rotatedRefreshToken = tokenHelper.GenerateRefreshToken();
    _userRepository.DeleteRefreshToken(userId, tokens.RefreshToken);
    _userRepository.SaveRefreshToken(userId, rotatedRefreshToken);

    return new ObjectResult(new { token = accessToken, refreshToken = rotatedRefreshToken });
}
/// <summary>
/// Checks the submitted credentials and, on success, issues a JWT and a refresh
/// token and stores the refresh token for the user.
/// </summary>
/// <param name="login">Username and password submitted by the client.</param>
/// <returns>
/// A Forbid result when the repository returns null for the credentials;
/// otherwise an Ok result carrying <c>token</c>, <c>refreshToken</c> and <c>userId</c>.
/// </returns>
public IActionResult Login(LoginDTO login)
{
    // A null result is treated as a failed login; a non-null result holds the
    // value used below as the user id.
    var authenticatedUserId = _userRepository.Login(login.Username, login.Password);
    if (authenticatedUserId == null)
    {
        return Forbid();
    }

    var tokenHelper = new JwtHelper();
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, login.Username),
        new Claim("userId", $"{authenticatedUserId.Value}")
    };
    var accessToken = tokenHelper.GenerateToken(claims);
    var refreshToken = tokenHelper.GenerateRefreshToken();
    _userRepository.SaveRefreshToken(authenticatedUserId.Value, refreshToken);

    // NOTE(review): Ok(...) receives an ObjectResult rather than the payload, so
    // the ObjectResult itself becomes the response value and the payload ends up
    // nested under it. Ok(payload) looks like the intent, but that changes the
    // response shape clients may already parse - confirm before changing.
    var payload = new { token = accessToken, refreshToken, userId = authenticatedUserId.Value };
    return Ok(new ObjectResult(payload));
}