public async Task <IActionResult> RenewAccessToken([FromBody] RequestAuthDto request) { ModelValidator.Validate(request); var refreshToken = Request.Cookies["refreshToken"]; string ipaddress = Helper.getIPAddress(this.Request); var authResponse = await authService.RenewAccessToken(request, ipaddress); if (authResponse == null) { return(AppResponse.Unauthorized("Invalid Token")); } if (string.IsNullOrEmpty(authResponse.Token.AccessToken) || string.IsNullOrEmpty(authResponse.Token.RefreshToken)) { return(AppResponse.Unauthorized("Invalid Token")); } setTokenCookie(authResponse.Token.RefreshToken); return(AppResponse.Success(authResponse)); }
public async Task <ResponseAuthDto> RenewAccessToken(RequestAuthDto request, string ipAddress = "") { JwtSecurityToken decodedToken = this.tokenService.decodeToken(request.RefreshToken); var user = await this.unitOfWork.Users.GetByIdAsync(int.Parse(decodedToken.Subject)); if (user == null) { throw new AppException("Invalid token."); } var tokenRecord = await this.unitOfWork.Users.GetUserRefreshToken(request.RefreshToken); if (tokenRecord == null) { throw new AppException("Invalid refresh token."); } //Access token should be verified. //because on the token storage it's been save as a paired token (access and refresh token are saved together) if (tokenRecord.AccessToken != request.AccessToken) { throw new AppException("Invalid access token."); } if (tokenRecord.BlackListed) { throw new AppException("Token is blacklisted."); } if (tokenRecord.ExpiresAt.Subtract(DateTime.UtcNow).TotalSeconds <= 0) { throw new AppException("Refresh token is expired."); } //AutoMapper.Mapper.Map<Destination>(source); var userInfo = _mapper.Map <UserInfo>(user); TokenDto newAccessToken = tokenService.generateAccessToken(userInfo); TokenDto newRefreshToken = tokenService.generateRefreshToken(userInfo); await this.unitOfWork.Users.BlackListed(tokenRecord.TokenId); var token = new UserTokenData() { AccessToken = newAccessToken.EncodedToken, RefreshToken = newRefreshToken.EncodedToken, BlackListed = false, ExpiresAt = newRefreshToken.TokenModel.ValidTo, CreatedAt = newRefreshToken.TokenModel.IssuedAt, CreatedByIP = ipAddress }; await this.unitOfWork.Users.AddRefreshTokenAsync(token); var tokenInfo = new TokenInfoDto { AccessToken = newAccessToken.EncodedToken, RefreshToken = newRefreshToken.EncodedToken, ExpiresAt = newRefreshToken.TokenModel.ValidTo, TokenType = JwtBearerDefaults.AuthenticationScheme }; return(new ResponseAuthDto { Token = tokenInfo, User = userInfo }); }