public async Task <IActionResult> RenewAccessToken([FromBody] RequestAuthDto request)
{
ModelValidator.Validate(request);
var refreshToken = Request.Cookies["refreshToken"];
string ipaddress = Helper.getIPAddress(this.Request);
var authResponse = await authService.RenewAccessToken(request, ipaddress);
if (authResponse == null)
{
return(AppResponse.Unauthorized("Invalid Token"));
}
if (string.IsNullOrEmpty(authResponse.Token.AccessToken) || string.IsNullOrEmpty(authResponse.Token.RefreshToken))
{
return(AppResponse.Unauthorized("Invalid Token"));
}
setTokenCookie(authResponse.Token.RefreshToken);
return(AppResponse.Success(authResponse));
}
public async Task <ResponseAuthDto> RenewAccessToken(RequestAuthDto request, string ipAddress = "")
{
JwtSecurityToken decodedToken = this.tokenService.decodeToken(request.RefreshToken);
var user = await this.unitOfWork.Users.GetByIdAsync(int.Parse(decodedToken.Subject));
if (user == null)
{
throw new AppException("Invalid token.");
}
var tokenRecord = await this.unitOfWork.Users.GetUserRefreshToken(request.RefreshToken);
if (tokenRecord == null)
{
throw new AppException("Invalid refresh token.");
}
//Access token should be verified.
//because on the token storage it's been save as a paired token (access and refresh token are saved together)
if (tokenRecord.AccessToken != request.AccessToken)
{
throw new AppException("Invalid access token.");
}
if (tokenRecord.BlackListed)
{
throw new AppException("Token is blacklisted.");
}
if (tokenRecord.ExpiresAt.Subtract(DateTime.UtcNow).TotalSeconds <= 0)
{
throw new AppException("Refresh token is expired.");
}
//AutoMapper.Mapper.Map<Destination>(source);
var userInfo = _mapper.Map <UserInfo>(user);
TokenDto newAccessToken = tokenService.generateAccessToken(userInfo);
TokenDto newRefreshToken = tokenService.generateRefreshToken(userInfo);
await this.unitOfWork.Users.BlackListed(tokenRecord.TokenId);
var token = new UserTokenData()
{
AccessToken = newAccessToken.EncodedToken,
RefreshToken = newRefreshToken.EncodedToken,
BlackListed = false,
ExpiresAt = newRefreshToken.TokenModel.ValidTo,
CreatedAt = newRefreshToken.TokenModel.IssuedAt,
CreatedByIP = ipAddress
};
await this.unitOfWork.Users.AddRefreshTokenAsync(token);
var tokenInfo = new TokenInfoDto
{
AccessToken = newAccessToken.EncodedToken,
RefreshToken = newRefreshToken.EncodedToken,
ExpiresAt = newRefreshToken.TokenModel.ValidTo,
TokenType = JwtBearerDefaults.AuthenticationScheme
};
return(new ResponseAuthDto
{
Token = tokenInfo,
User = userInfo
});
}
