/// <summary>
/// Controller action that forwards the token pair from the request body to
/// <c>_jwtTokenService.RefreshAuthToken</c> and wraps its result in an OK response.
/// </summary>
/// <param name="tokens">Request body holding the access token and the refresh token.</param>
/// <returns>Whatever <c>HandleRequestAsync</c> produces for the wrapped call.</returns>
public async Task<IActionResult> RefreshToken([FromBody] TokensDTO tokens)
{
    // NOTE(review): tokens is dereferenced without a null check. A request with no body
    // reaches tokens.Token unless model validation or HandleRequestAsync deals with it - confirm.
    return await HandleRequestAsync(async () =>
    {
        var refreshedPair = await _jwtTokenService.RefreshAuthToken(tokens.Token, tokens.RefreshToken);
        return Ok(refreshedPair);
    });
}
Exemple #2
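        /// <summary>
        /// Issues a new access/refresh token pair for the user named in an expired access token,
        /// provided the presented refresh token is stored for that same user.
        /// </summary>
        /// <param name="oldAuthToken">Expired access token; its principal is read through <c>GetPrincipalFromExpiredToken</c>.</param>
        /// <param name="refreshToken">Refresh token presented by the client.</param>
        /// <returns>A <c>TokensDTO</c> with the newly created access token and refresh token.</returns>
        /// <exception cref="Exception">Thrown with one fixed message for every rejection, so the caller cannot tell which check failed.</exception>
        public async Task<TokensDTO> RefreshAuthToken(string oldAuthToken, string refreshToken)
        {
            // Reject missing input before any parsing or lookup: a null refresh token must never
            // be compared against stored rows, and a null token must never reach the parser.
            if (string.IsNullOrWhiteSpace(oldAuthToken) || string.IsNullOrWhiteSpace(refreshToken))
            {
                throw new Exception("Tokens are invalid");
            }

            // NOTE(review): the identity used below is only as trustworthy as the signature check
            // inside GetPrincipalFromExpiredToken; it should relax lifetime validation only - confirm.
            var principal = this.GetPrincipalFromExpiredToken(oldAuthToken);
            var username  = principal?.FindFirstValue("name");

            // A token without a "name" claim must not turn into a "UserName == null" query.
            if (string.IsNullOrEmpty(username))
            {
                throw new Exception("Tokens are invalid");
            }

            var user = await _userManager.Users.FirstOrDefaultAsync(t => t.UserName == username);

            if (user == null)
            {
                throw new Exception("Tokens are invalid");
            }

            // The refresh token has to belong to the user named in the access token.
            var userRefreshToken =
                await _context.RefreshTokens
                .Include(t => t.User)
                .SingleOrDefaultAsync(t => t.User.Id == user.Id && t.Token == refreshToken);

            if (userRefreshToken == null)
            {
                throw new Exception("Tokens are invalid");
            }

            // NOTE(review): the matched row is neither removed nor marked as used here, and no
            // expiry is checked. Unless CreateRefreshToken takes care of that, the presented
            // refresh token stays redeemable after this call - confirm.
            TokensDTO model = new TokensDTO()
            {
                Token        = CreateToken(user),
                RefreshToken = CreateRefreshToken(user)
            };

            return model;
        }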
Exemple #3
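        /// <summary>
        /// Exchanges an expired access token plus the matching stored refresh token for a new pair,
        /// and stores the new refresh token under the same user name.
        /// </summary>
        /// <param name="tokens">Request body holding the expired access token and the refresh token.</param>
        /// <returns>A <c>TokensDTO</c> with the new access token and the new refresh token.</returns>
        /// <exception cref="SecurityTokenException">Thrown with one fixed message whenever the pair is rejected.</exception>
        public async Task<ActionResult<TokensDTO>> Refresh([FromBody] TokensDTO tokens)
        {
            // Reject an absent body or absent fields first. Without this, a request that omits the
            // refresh token compares null against the stored value, and the check below passes
            // whenever nothing is stored for the user (null != null is false).
            if (tokens == null || string.IsNullOrEmpty(tokens.Token) || string.IsNullOrEmpty(tokens.RefreshToken))
            {
                throw new SecurityTokenException("Invalid refresh token");
            }

            // NOTE(review): everything below trusts the principal returned here; the helper should
            // still verify the signature and skip only the lifetime check - confirm.
            var principal = TokenHelper.GetPrincipalFromExpiredToken(tokens.Token);
            var pseudo    = principal?.Identity?.Name;

            // Same message as the mismatch case, so the response does not reveal which check failed.
            if (string.IsNullOrEmpty(pseudo))
            {
                throw new SecurityTokenException("Invalid refresh token");
            }

            var savedRefreshToken = await _tokenHelper.GetRefreshTokenAsync(pseudo);

            // tokens.RefreshToken is known to be non-empty here, so a missing stored token fails too.
            // NOTE(review): this is an ordinary string comparison; consider
            // CryptographicOperations.FixedTimeEquals if the target framework provides it.
            if (savedRefreshToken != tokens.RefreshToken)
            {
                throw new SecurityTokenException("Invalid refresh token");
            }

            // NOTE(review): the new JWT is built from the claims of the expired token, so changes
            // made to the account since it was issued are not picked up by this method.
            var newToken        = TokenHelper.GenerateJwtToken(principal.Claims);
            var newRefreshToken = TokenHelper.GenerateRefreshToken();

            // Saving under the same key replaces the stored value, as far as this call shows.
            await _tokenHelper.SaveRefreshTokenAsync(pseudo, newRefreshToken);

            return new TokensDTO
            {
                Token        = newToken,
                RefreshToken = newRefreshToken
            };
        }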
Exemple #4
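 /// <summary>
 /// Stores the supplied access token and refresh token in the current session and redirects to "/".
 /// </summary>
 /// <param name="logindto">Model-bound token pair to keep in the session.</param>
 /// <returns>A redirect to the site root, or a 400 response when the pair is incomplete.</returns>
 public IActionResult SetDataLogin(TokensDTO logindto)
 {
     // A missing model or missing field would make SetString throw on a null value,
     // so answer with 400 instead of letting the request fail inside the session call.
     if (logindto == null || string.IsNullOrEmpty(logindto.token) || string.IsNullOrEmpty(logindto.refreshToken))
     {
         return BadRequest();
     }

     // NOTE(review): the values are stored as received, without validating the token. No HTTP-verb
     // or anti-forgery attribute is visible in this snippet - confirm the action is POST-only and
     // CSRF-protected, since it decides which identity the session carries.
     HttpContext.Session.SetString("refreshtoken", logindto.refreshToken);
     HttpContext.Session.SetString("token", logindto.token);

     return Redirect("/");
 }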