public async Task <ActionResult> CurrentUser() { var currentUser = await _userManager.FindByNameAsync(User.Identity.Name); var roles = await _userManager.GetRolesAsync(currentUser); FantasyCriticUserViewModel vm = new FantasyCriticUserViewModel(currentUser, roles); return(Ok(vm)); }
public async Task <IActionResult> Refresh([FromBody] TokenRefreshRequest request) { var principal = _tokenService.GetPrincipalFromExpiredToken(request.Token); var emailAddress = principal.Identity.Name; //this is mapped to the Name claim by default var user = await _userManager.FindByNameAsync(emailAddress); if (user == null) { return(BadRequest()); } var refreshTokens = await _userManager.GetRefreshTokens(user); if (!refreshTokens.Contains(request.RefreshToken)) { return(BadRequest()); } string issuedTimeString = principal.Claims.FirstOrDefault(x => x.Type == "nbf")?.Value; if (issuedTimeString == null) { return(BadRequest("Invalid JWT.")); } Instant issuedTime = Instant.FromUnixTimeSeconds(Convert.ToInt64(issuedTimeString)); if (issuedTime < user.LastChangedCredentials) { return(StatusCode(401)); } var roles = await _userManager.GetRolesAsync(user); var claims = user.GetUserClaims(roles); var newJwtToken = _tokenService.GenerateAccessToken(claims); var newRefreshToken = _tokenService.GenerateRefreshToken(); await _userManager.RemoveRefreshToken(user, request.RefreshToken); await _userManager.AddRefreshToken(user, newRefreshToken); var newJwtString = new JwtSecurityTokenHandler().WriteToken(newJwtToken); return(new ObjectResult(new { token = newJwtString, refreshToken = newRefreshToken, expiration = newJwtToken.ValidTo })); }