/// <summary>
/// Deletes the refresh token with the given id.
/// </summary>
/// <param name="id">Id of the refresh-token row to remove.</param>
/// <returns>
/// 200 with <c>Results</c> set to the repository's result when that result is non-null; otherwise
/// 400 with an <c>InvalidId</c> error. A repository exception is written to the console and also
/// reported as <c>InvalidId</c>, so callers cannot distinguish a bad id from a backend failure.
/// </returns>
public async Task <IActionResult> Remove(int id)
        {
            object invalidIdError = new
            {
                Errors = new { Code = "InvalidId", Description = "Invalid Id!" }
            };

            try
            {
                var removed = await refreshTokenRepository.Remove(id);

                if (removed == null)
                {
                    return BadRequest(invalidIdError);
                }

                return Ok(new { Results = removed });
            }
            catch (Exception e)
            {
                // Only the console sees the exception; the client gets the generic InvalidId error.
                Console.WriteLine($"ErrorMesages: {e}");
                return BadRequest(invalidIdError);
            }
        }
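        /// <summary>
        /// Revokes the refresh token presented in the request cookies and expires both token cookies.
        /// </summary>
        /// <returns>
        /// <c>true</c> when the cookies were absent (nothing to revoke) or the revocation completed;
        /// <c>false</c> when the access-token cookie is not a readable JWT, carries no <c>unique_name</c>
        /// claim, or names a user that no longer exists. In the <c>false</c> cases no cookie is touched.
        /// </returns>
        private async Task <bool> RevokeRefreshToken()
        {
            string accessToken  = HttpContext.Request.Cookies["accessToken"];
            string refreshToken = HttpContext.Request.Cookies["refreshToken"];

            if (accessToken == null || refreshToken == null)
            {
                return(true);
            }

            var handler = new JwtSecurityTokenHandler();

            // The access token is only parsed here, not signature-validated: its user name merely scopes
            // the lookup, and a refresh-token row is removed only if its value equals the presented cookie.
            // A malformed cookie is reported as "not revoked" instead of throwing out of the logout path.
            if (!handler.CanReadToken(accessToken))
            {
                return(false);
            }

            JwtSecurityToken tokenS = handler.ReadJwtToken(accessToken);
            var userNameClaim       = tokenS.Claims.FirstOrDefault(claim => claim.Type == "unique_name");

            if (userNameClaim == null)
            {
                return(false);
            }

            var identityUser = await userManager.FindByNameAsync(userNameClaim.Value);

            if (identityUser == null)
            {
                return(false);
            }

            var refreshTokens        = refreshTokenRepository.GetByUserId(identityUser.Id);
            var selectedRefreshToken = refreshTokens.FirstOrDefault(c => c.Token == refreshToken);

            if (selectedRefreshToken != null)
            {
                await refreshTokenRepository.Remove(selectedRefreshToken.Id);
            }

            // Expire both cookies: an Expires in the past makes the browser drop them.
            var cookieOptions = new CookieOptions
            {
                HttpOnly = true,
                Secure   = true,
                SameSite = SameSiteMode.None,
                Expires  = DateTime.UtcNow.AddDays(-1)
            };

            HttpContext.Response.Cookies.Append("accessToken", "", cookieOptions);
            HttpContext.Response.Cookies.Append("refreshToken", "", cookieOptions);
            return(true);
        }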
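        /// <summary>
        /// Transparently renews an expired access token when the request also carries a refresh token
        /// that is still known to the store, then passes the request on to the next middleware.
        /// </summary>
        /// <param name="httpContext">Current request; token cookies are read from it and rewritten on it.</param>
        /// <param name="jwtTokenOptions">Signing key, issuer, audience and access-token lifetime.</param>
        /// <param name="userMgr">Used to confirm the token's user still exists and is not locked.</param>
        /// <param name="refreshTokenRepository">Store of issued refresh tokens, looked up by user id and token value.</param>
        /// <remarks>
        /// The presented access token is signature-, issuer- and audience-validated (with lifetime checks
        /// disabled) before any of its claims are copied into a new token. Without that step the claims of
        /// an expired cookie - including <c>role</c> - would be trusted as-is, so anyone holding a valid
        /// refresh token could have a token with arbitrary claims re-signed. A token that fails validation is
        /// simply not renewed. The request always continues to <c>nextDelegate</c>; rejecting an expired or
        /// missing token is left to the authentication middleware.
        /// </remarks>
        public async Task Invoke(HttpContext httpContext, IOptions <JwtBearerTokenSettings> jwtTokenOptions, UserManager <User> userMgr, RefreshTokenRepository refreshTokenRepository)
        {
            string accessToken  = httpContext.Request.Cookies["accessToken"];
            string refreshToken = httpContext.Request.Cookies["refreshToken"];

            // Downstream components read the (possibly renewed) access token from Items.
            httpContext.Items["accessToken"] = accessToken;

            if (accessToken != null && refreshToken != null)
            {
                var tokenHandler                = new JwtSecurityTokenHandler();
                JwtBearerTokenSettings settings = jwtTokenOptions.Value;
                byte[] key                      = Encoding.UTF8.GetBytes(settings.SecretKey);

                JwtSecurityToken token = ReadSignedAccessToken(tokenHandler, accessToken, key, settings);

                if (token != null && token.ValidTo < DateTime.UtcNow)
                {
                    var nameid = token.Claims.FirstOrDefault(c => c.Type == "nameid");

                    // Without a subject claim there is no refresh token to look up; the expired cookie is left alone.
                    RefreshToken refresh = nameid != null
                        ? refreshTokenRepository.GetByUserIdAndToken(nameid.Value, refreshToken)
                        : null;

                    if (refresh != null)
                    {
                        User identityUser = await userMgr.FindByIdAsync(nameid.Value);

                        // A stale refresh token, a deleted user or a locked user ends the session instead of extending it.
                        if (refresh.ExpiryOn < DateTime.UtcNow || identityUser == null || identityUser.IsLocked == true)
                        {
                            await refreshTokenRepository.Remove(refresh.Id);
                            ExpireTokenCookies(httpContext);
                            httpContext.Items["accessToken"] = "";
                        }
                        else
                        {
                            string renewedAccessToken = CreateRenewedAccessToken(tokenHandler, token, key, settings);

                            // Session cookie (no Expires); SameSite=None for cross-site use requires Secure=true.
                            var accessTokenCookieOptions = new CookieOptions
                            {
                                HttpOnly = true,
                                Secure   = true,
                                SameSite = SameSiteMode.None
                            };
                            httpContext.Response.Cookies.Append("accessToken", renewedAccessToken, accessTokenCookieOptions);
                            httpContext.Items["accessToken"] = renewedAccessToken;
                        }
                    }
                }
            }

            await nextDelegate.Invoke(httpContext);
        }

        /// <summary>
        /// Parses <paramref name="accessToken"/> and checks its signature, issuer and audience against the
        /// configured settings. Lifetime is deliberately not checked because expired tokens are the input here.
        /// </summary>
        /// <returns>The validated token, or <c>null</c> when it is malformed or fails validation.</returns>
        private static JwtSecurityToken ReadSignedAccessToken(JwtSecurityTokenHandler tokenHandler, string accessToken, byte[] key, JwtBearerTokenSettings settings)
        {
            // Issuer and audience must be the same values the login endpoint writes into new tokens.
            var validationParameters = new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true,
                IssuerSigningKey         = new SymmetricSecurityKey(key),
                ValidateIssuer           = true,
                ValidIssuer              = settings.Issuer,
                ValidateAudience         = true,
                ValidAudience            = settings.Audience,
                ValidateLifetime         = false
            };

            try
            {
                tokenHandler.ValidateToken(accessToken, validationParameters, out SecurityToken validated);
                return validated as JwtSecurityToken;
            }
            catch (SecurityTokenException)
            {
                // Bad or missing signature, wrong issuer/audience: not eligible for renewal.
                return null;
            }
            catch (ArgumentException)
            {
                // Not a well-formed JWT at all.
                return null;
            }
        }

        /// <summary>
        /// Expires both token cookies; an Expires in the past makes the browser drop them.
        /// </summary>
        private static void ExpireTokenCookies(HttpContext httpContext)
        {
            var cookieOptions = new CookieOptions
            {
                HttpOnly = true,
                Secure   = true,
                SameSite = SameSiteMode.None,
                Expires  = DateTime.UtcNow.AddDays(-1)
            };
            httpContext.Response.Cookies.Append("accessToken", "", cookieOptions);
            httpContext.Response.Cookies.Append("refreshToken", "", cookieOptions);
        }

        /// <summary>
        /// Builds and signs a fresh access token carrying the subject, name, email and role claims of
        /// <paramref name="validatedToken"/>, with a new expiry taken from <paramref name="settings"/>.
        /// </summary>
        /// <returns>The serialized JWT.</returns>
        private static string CreateRenewedAccessToken(JwtSecurityTokenHandler tokenHandler, JwtSecurityToken validatedToken, byte[] key, JwtBearerTokenSettings settings)
        {
            // Map the JWT short claim names back to the ClaimTypes the login endpoint used.
            // Every matching claim is carried over, so a user with several roles keeps all of them.
            var subject = new ClaimsIdentity();
            CopyClaims(validatedToken, "nameid",      ClaimTypes.NameIdentifier, subject);
            CopyClaims(validatedToken, "unique_name", ClaimTypes.Name,           subject);
            CopyClaims(validatedToken, "email",       ClaimTypes.Email,          subject);
            CopyClaims(validatedToken, "role",        ClaimTypes.Role,           subject);

            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject            = subject,
                Expires            = DateTime.UtcNow.AddSeconds(settings.ExpiryTimeInSeconds),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature),
                Audience           = settings.Audience,
                Issuer             = settings.Issuer
            };

            return tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor));
        }

        /// <summary>
        /// Adds every claim of type <paramref name="jwtClaimType"/> from <paramref name="source"/> to
        /// <paramref name="target"/> under <paramref name="targetClaimType"/>; absent claims are skipped.
        /// </summary>
        private static void CopyClaims(JwtSecurityToken source, string jwtClaimType, string targetClaimType, ClaimsIdentity target)
        {
            foreach (var claim in source.Claims.Where(c => c.Type == jwtClaimType))
            {
                target.AddClaim(new Claim(targetClaimType, claim.Value));
            }
        }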