public async Task <PasswordUpdateDto> PasswordUpdateAsync(string userId, string password, string token)
{
var user = await _userManager.FindByIdAsync(userId);
if (user is null)
{
return new PasswordUpdateDto {
Errors = new[] { "This user does not exist anymore" }, CriticalError = true
}
}
;
var passwordUpdateResult = await _userManager.ResetPasswordAsync(user, token, password);
if (!passwordUpdateResult.Succeeded)
{
//Valid token
if (passwordUpdateResult.Errors.FirstOrDefault(x => x.Description == "Invalid token.") is null)
{
return new PasswordUpdateDto {
Errors = passwordUpdateResult.Errors.Select(x => x.Description)
}
}
;
//-----------
//Invalid token
return(new PasswordUpdateDto {
Errors = new[] { "Expired link, please make another request" }
});
//-------------
}
var refreshToken = _dataContext.RefreshTokens.FirstOrDefault(x => x.UserId == user.Id);
if (refreshToken != null)
{
refreshToken.Invalidated = true;
}
await _dataContext.SaveChangesAsync();
return(new PasswordUpdateDto {
Success = true
});
}
public async Task <AuthenticationDto> RefreshTokenAsync(string token, string refreshToken)
{
var validatedToken = GetPrincipalFromToken(token);
if (validatedToken is null)
{
return new AuthenticationDto {
Errors = new[] { "Invalid Token" }, CriticalError = true
}
}
;
var expiryDateUnix =
long.Parse(validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Exp).Value);
var expiryDateTimeUtc = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)
.AddSeconds(expiryDateUnix);
var storedRefreshToken = await _context.RefreshTokens.SingleOrDefaultAsync(x => x.Token == refreshToken);
if (storedRefreshToken is null)
{
return new AuthenticationDto {
Errors = new[] { "This refresh token does not exist" }, CriticalError = true
}
}
;
if (storedRefreshToken.Invalidated)
{
return new AuthenticationDto {
Errors = new[] { "This refresh token has been invalidated" }, CriticalError = true
}
}
;
if (expiryDateTimeUtc > DateTime.UtcNow)
{
return new AuthenticationDto {
Errors = new[] { "This token hasn't expired jet" }
}
}
;
if (storedRefreshToken.Used)
{
return new AuthenticationDto {
Errors = new[] { "This refresh token has been used" }, CriticalError = true
}
}
;
if (DateTime.UtcNow > storedRefreshToken.ExpiryDate)
{
return new AuthenticationDto {
Errors = new[] { "This refresh token has expired" }, CriticalError = true
}
}
;
var jti = validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Jti).Value;
if (storedRefreshToken.JwtId != jti)
{
return new AuthenticationDto {
Errors = new[] { "This refresh token does not match this JWT" }, CriticalError = true
}
}
;
storedRefreshToken.Used = true;
_context.RefreshTokens.Update(storedRefreshToken);
await _context.SaveChangesAsync();
var user = await _userManager.FindByIdAsync(validatedToken.Claims
.Single(x => x.Type == "userId").Value);
return(await GenerateAuthenticationResultForUserAsync(user));
}
