/// <summary>
/// Creates an access token and refresh token for the user associated with the provided token
/// saves the new refresh token to database, overwriting the old token
/// refresh token will be set to expire after 30 days
/// </summary>
/// <param name="refreshToken"></param>
/// <returns>New Access and Refresh Tokens (to send to client), or null if the token is invalid or expired</returns>
public async Task <TokenPair> CreateAuthTokens(string refreshToken)
{
validationService.AssertNonNull(refreshToken, nameof(refreshToken));
var tokenDoc = await refreshTokenRepo.Find(refreshToken);
if (tokenDoc == null || tokenDoc.ExpiresAt < timeService.GetCurrentTime())
{
return(null);
}
try
{
await UpdateToken(tokenDoc);
}
catch (DocumentConflictException)
{
await UpdateToken(tokenDoc);
}
return(new TokenPair
{
RefreshToken = tokenDoc.Token,
AccessToken = tokenService.CreateAccessToken(tokenDoc.UID),
User = await userRepo.FindById(tokenDoc.UID),
Persistent = tokenDoc.Persistent
});
}
