public async Task <ResultModel <object> > SaveToken(TokenRefreshDTO model)
{
ResultModel <object> result = new ResultModel <object>();
try
{
using (var transaction = _context.Database.BeginTransaction()) {
try
{
var token = _mapper.Map <TokenRefreshDTO, TokenRefresh>(model);
await _context.TokenRefreshes.AddAsync(token);
await _context.SaveChangesAsync();
transaction.Commit();
result.SetSuccess("success");
}
catch (Exception ex)
{
transaction.Rollback();
throw new Exception(ex.Message);
}
}
}
catch (Exception ex)
{
result.SetFailed(ex.Message);
_logging.WriteErr(ex);
}
return(result);
}
public async Task <TokenDTO> RefreshAsync(TokenRefreshDTO dto)
{
return(new TokenDTO()
{
Access_token = "part1.part2.part3",
Token_type = "bearer",
Expires_in = 1799,
Refresh_token = "1234567890",
});
}
public async Task <AuthResultDTO> GenerateToken(int userId, string userName, string fullName)
{
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Security:Tokens:Key"]));
var token = new JwtSecurityToken(
issuer: _configuration["Security:Tokens:Issuer"],
audience: _configuration["Security:Tokens:Audience"],
claims: new[]
{
new Claim(type: "Id", value: userId.ToString()),
new Claim(ClaimTypes.Name, userName),
new Claim(ClaimTypes.NameIdentifier, userId.ToString()),
new Claim(ClaimTypes.Surname, fullName ?? string.Empty),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
},
expires: DateTime.UtcNow.AddMinutes(1),
notBefore: DateTime.UtcNow,
signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256)
);
var jwtToken = new JwtSecurityTokenHandler().WriteToken(token);
var tokenRefresh = new TokenRefreshDTO()
{
JwtId = token.Id,
IsUsed = false,
UserId = userId,
AddedDate = DateTime.UtcNow,
ExpiryDate = DateTime.UtcNow.AddYears(1),
IsRevoked = false,
Token = RandomString(25) + Guid.NewGuid()
};
await _user.SaveToken(tokenRefresh);
Response.Cookies.Append("X-Access-Token", jwtToken, new CookieOptions()
{
HttpOnly = true, SameSite = SameSiteMode.Strict
});
Response.Cookies.Append("X-Refresh-Token", tokenRefresh.Token, new CookieOptions()
{
HttpOnly = true, SameSite = SameSiteMode.Strict
});
return(new AuthResultDTO()
{
Token = jwtToken,
Success = true,
RefreshToken = tokenRefresh.Token
});
}
public IActionResult updateTokens([FromBody] TokenRefreshDTO tokenRefreshDTO)
{
try
{
if (tokenRefreshDTO.Token == null)
{
return(StatusCode(401));
}
string refreshToken = _userService.updateTokens(tokenRefreshDTO.Token, tokenRefreshDTO.UserId);
if (refreshToken == null)
{
return(StatusCode(401));
}
UserDTO userDTO = _userService.GetUserData(tokenRefreshDTO.UserId);//_userService.GetUserAccount(userDTO.Email, userDTO.Password);
if (userDTO == null)
{
return(StatusCode(401));
}
var claims = new[] {
new Claim(ClaimsIdentity.DefaultNameClaimType, userDTO.Email),
new Claim(ClaimTypes.Role, userDTO.Role.Name)
};
var tokenExpires = DateTime.Now.Add(TimeSpan.FromMinutes(_jwtAuthentication.Value.Lifetime));
var token = _userService.createToken(claims, tokenExpires);
var response = new
{
access_token = token,
refresh_token = refreshToken,
expires = tokenExpires,
user = userDTO
};
return(Ok(response));
}
catch (Exception ex)
{
return(StatusCode(404));
}
}
public Task <TokenDTO> RefreshAsync(TokenRefreshDTO dto, CancellationToken cancellationToken)
{
throw new NotImplementedException();
}
