public IActionResult Refresh(TokenTransferDTO tokens)
{
var jwtHelper = new JwtHelper();
List <Claim> claims;
Guid userId;
try
{
claims = jwtHelper.GetClaimsFromExpiredToken(tokens.Token);
userId = Guid.Parse(claims.First(claim => claim.Type == "userId").Value);
}
catch (Exception)
{
return(Forbid());
}
var savedRefreshToken = _userRepository.GetRefreshTokens(userId); //retrieve the refresh token from a data store
if (savedRefreshToken.All(rt => rt.Value != tokens.RefreshToken))
{
throw new SecurityTokenException("Invalid refresh token");
}
var newJwtToken = jwtHelper.GenerateToken(claims);
var newRefreshToken = jwtHelper.GenerateRefreshToken();
_userRepository.DeleteRefreshToken(userId, tokens.RefreshToken);
_userRepository.SaveRefreshToken(userId, newRefreshToken);
return(new ObjectResult(new
{
token = newJwtToken,
refreshToken = newRefreshToken
}));
}
