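/// <summary>
/// Marks the account registered under <paramref name="email"/> as verified, provided that
/// <paramref name="token"/> is an email-confirmation token issued for that same address.
/// </summary>
/// <param name="token">Email-confirmation token handed to the user; checked against the "EmailConfirmationTokenKey" setting.</param>
/// <param name="email">Plaintext address the user is confirming. Accounts store the AES ciphertext, so the lookup is done on the encrypted form.</param>
/// <returns>
/// 200 once the flag is persisted; 400 with an <see cref="ErrorMessage"/> when either argument is
/// blank, the token does not belong to this address, the address is unknown, or it is already confirmed.
/// </returns>
public ActionResult User_ConfirmEmail(string token, string email)
{
    if (string.IsNullOrWhiteSpace(token) || string.IsNullOrWhiteSpace(email))
    {
        ErrorMessage error = new ErrorMessage("Failed to confirm email", "Token is invalid.");
        return new BadRequestObjectResult(error);
    }

    // Addresses are stored as AES ciphertext under the shared key/IV, so encrypting the
    // input lets us compare bytes directly instead of decrypting every row.
    byte[] encryptedEmail = HelperMethods.EncryptStringToBytes_Aes(email, _keyAndIV);

    // Validate the token BEFORE inspecting the account. Answering "already confirmed" to an
    // unauthenticated request would let a caller probe which addresses are registered/verified.
    User tokenUser = HelperMethods.GetUserFromAccessToken(token, _context, _configuration.GetValue<string>("EmailConfirmationTokenKey"));
    if (tokenUser is null || !encryptedEmail.SequenceEqual(tokenUser.Email))
    {
        ErrorMessage error = new ErrorMessage("Failed to confirm email", "Token is invalid.");
        return new BadRequestObjectResult(error);
    }

    // SingleOrDefault instead of Single: an unknown address is a client error (400), not a
    // server fault (500). The same message is used so the response does not reveal which check failed.
    User userToConfirm = _context.Users.SingleOrDefault(a => a.Email.SequenceEqual(encryptedEmail));
    if (userToConfirm is null)
    {
        ErrorMessage error = new ErrorMessage("Failed to confirm email", "Token is invalid.");
        return new BadRequestObjectResult(error);
    }

    if (userToConfirm.EmailVerified)
    {
        ErrorMessage error = new ErrorMessage("Failed to confirm email", "Email address is already confirmed.");
        return new BadRequestObjectResult(error);
    }

    // Token and address agree and the account is still unverified: persist the flag.
    userToConfirm.EmailVerified = true;
    _context.Users.Update(userToConfirm);
    _context.SaveChanges();

    return Ok();
}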
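/// <summary>
/// Issues a fresh access token and refresh token for the caller identified by the
/// "AccessToken"/"AccessTokenSameSite" and "RefreshToken"/"RefreshTokenSameSite" cookies.
/// </summary>
/// <returns>
/// 200 with a <see cref="LoginResponse"/> (the new tokens are also written back as cookies);
/// 400 with an <see cref="ErrorMessage"/> when a cookie is missing or a token does not validate;
/// 500 with a generic <see cref="ErrorMessage"/> on any other failure.
/// </returns>
public IActionResult Refresh()
{
    // The SameSite variants take precedence; fall back to the plain cookie names.
    string accessToken = Request.Cookies["AccessTokenSameSite"] ?? Request.Cookies["AccessToken"];
    string refreshToken = Request.Cookies["RefreshTokenSameSite"] ?? Request.Cookies["RefreshToken"];

    // Reject up front rather than letting a null token surface as an exception (and a 500).
    if (string.IsNullOrEmpty(accessToken) || string.IsNullOrEmpty(refreshToken))
    {
        ErrorMessage error = new ErrorMessage("Failed to refresh access", "User does not have the access and refresh tokens.");
        return new BadRequestObjectResult(error);
    }

    // Read once; the same key is used to validate the presented JWT and to sign the new one.
    string jwtKey = _configuration.GetValue<string>("UserJwtTokenKey");

    try
    {
        User user = HelperMethods.GetUserFromAccessToken(accessToken, _context, jwtKey);

        if (!HelperMethods.ValidateRefreshToken(user, refreshToken))
        {
            // An invalid refresh token is a client error, so report it as 400 like the other
            // token checks instead of throwing and answering with a 500.
            ErrorMessage error = new ErrorMessage("Invalid refresh token", "Refresh token could not be validated.");
            return new BadRequestObjectResult(error);
        }

        string newTokenStr = HelperMethods.GenerateJWTAccessToken(user.Role, user.Email, jwtKey);
        RefreshToken newRefToken = HelperMethods.GenerateRefreshToken(user, _context);

        LoginResponse rtrn = new LoginResponse
        {
            ID = user.ID,
            AccessToken = newTokenStr,
            RefreshToken = new ReturnableRefreshToken(newRefToken)
        };

        // Cookies are rewritten so subsequent requests carry the rotated tokens.
        HelperMethods.SetCookies(Response, newTokenStr, newRefToken);
        return new OkObjectResult(rtrn);
    }
    catch (SecurityTokenException)
    {
        // If the access-token helper rejects the JWT with this exception, that is still a
        // client-side problem (expired/tampered token), not a server fault.
        ErrorMessage error = new ErrorMessage("Invalid token", "Access token could not be validated.");
        return new BadRequestObjectResult(error);
    }
    catch (Exception)
    {
        // Never echo the exception text to the client: internal messages can carry
        // connection details, key names or stack information. Log it server-side instead.
        ErrorMessage error = new ErrorMessage("Error refreshing access.", "An unexpected error occurred.");
        return new InternalServerErrorResult(error);
    }
}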
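/// <summary>
/// Issues a fresh access token and refresh token for the caller identified by the
/// "AccessToken" and "RefreshToken" request headers.
/// </summary>
/// <returns>
/// 200 with a <see cref="LoginResponse"/>; 400 with an <see cref="ErrorMessage"/> when either
/// header is missing or blank, or when the refresh token does not validate.
/// </returns>
public IActionResult Refresh()
{
    // One lookup per header (TryGetValue) instead of ContainsKey followed by the indexer;
    // a header that is present but blank is treated the same as a missing one.
    if (!Request.Headers.TryGetValue("AccessToken", out var accessTokenHeader)
        || string.IsNullOrWhiteSpace(accessTokenHeader.ToString()))
    {
        ErrorMessage error = new ErrorMessage("Failed to refresh access", "User does not have the access token.");
        return new BadRequestObjectResult(error);
    }

    if (!Request.Headers.TryGetValue("RefreshToken", out var refreshTokenHeader)
        || string.IsNullOrWhiteSpace(refreshTokenHeader.ToString()))
    {
        ErrorMessage error = new ErrorMessage("Failed to refresh access", "User does not have the refresh token.");
        return new BadRequestObjectResult(error);
    }

    string accessToken = accessTokenHeader.ToString();
    string refreshToken = refreshTokenHeader.ToString();

    // Read configuration once; the same settings validate the presented JWT and sign the new one.
    string jwtKey = _configuration.GetValue<string>("UserJwtTokenKey");
    string apiUrl = _configuration.GetValue<string>("ApiUrl");

    User user = HelperMethods.GetUserFromAccessToken(accessToken, _context, jwtKey, apiUrl);

    // The refresh token is bound to this user; reject if it does not validate for them.
    if (!HelperMethods.ValidateRefreshToken(user, refreshToken, _keyAndIV))
    {
        ErrorMessage error = new ErrorMessage("Invalid refresh token", "Refresh token could not be validated.");
        return new BadRequestObjectResult(error);
    }

    string newTokenStr = HelperMethods.GenerateJWTAccessToken(user.ID, jwtKey, apiUrl);
    RefreshToken newRefToken = HelperMethods.GenerateRefreshToken(user, _context, _keyAndIV);

    LoginResponse rtrn = new LoginResponse
    {
        ID = user.ID,
        AccessToken = newTokenStr,
        RefreshToken = new ReturnableRefreshToken(newRefToken, _keyAndIV)
    };

    return new OkObjectResult(rtrn);
}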
/// <summary>
/// Rotates the caller's access and refresh tokens, identified by the access/refresh cookies
/// (the SameSite variants are preferred), and returns the serialized login response.
/// </summary>
/// <returns>The login-response string built by <c>HelperMethods.GenerateLoginResponse</c>.</returns>
public string Refresh()
{
    string presentedAccessToken = Request.Cookies["AccessTokenSameSite"] ?? Request.Cookies["AccessToken"];
    string presentedRefreshToken = Request.Cookies["RefreshTokenSameSite"] ?? Request.Cookies["RefreshToken"];

    // Resolve the caller from the JWT claims, then make sure the refresh token belongs to them.
    User user = HelperMethods.GetUserFromAccessToken(presentedAccessToken, _context, _configuration.GetValue<string>("JwtTokenKey"));
    ValidateRefreshToken(user, presentedRefreshToken);

    string issuedAccessToken = HelperMethods.GenerateJWTAccessToken(user.Role, user.Email, _configuration.GetValue<string>("JwtTokenKey"));
    RefreshToken issuedRefreshToken = HelperMethods.GenerateRefreshToken(user, _context);
    string response = HelperMethods.GenerateLoginResponse(issuedAccessToken, issuedRefreshToken, user.ID);

    // Persist the new refresh token only once the response has been built.
    _context.SaveChanges();

    // Rewrite the cookies so the next request carries the rotated tokens.
    HelperMethods.SetCookies(Response, issuedAccessToken, issuedRefreshToken);

    return response;
}
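/// <summary>
/// Issues a fresh access token and refresh token for the caller identified by the
/// "AccessToken"/"AccessTokenSameSite" and "RefreshToken"/"RefreshTokenSameSite" cookies.
/// </summary>
/// <returns>
/// 200 with a <see cref="LoginResponse"/> (the new tokens are also written back as cookies);
/// 400 with an <see cref="ErrorMessage"/> when a cookie is missing or the refresh token does not validate.
/// </returns>
public IActionResult Refresh()
{
    // The SameSite variants take precedence; fall back to the plain cookie names.
    string accessToken = Request.Cookies["AccessTokenSameSite"] ?? Request.Cookies["AccessToken"];
    string refreshToken = Request.Cookies["RefreshTokenSameSite"] ?? Request.Cookies["RefreshToken"];

    // Reject up front rather than letting a null token reach the helpers as an exception.
    if (string.IsNullOrEmpty(accessToken) || string.IsNullOrEmpty(refreshToken))
    {
        ErrorMessage error = new ErrorMessage("Failed to refresh access", "User does not have the access and refresh tokens.");
        return new BadRequestObjectResult(error);
    }

    // Read once; the same key validates the presented JWT and signs the new one.
    string jwtKey = _configuration.GetValue<string>("UserJwtTokenKey");

    User user = HelperMethods.GetUserFromAccessToken(accessToken, _context, jwtKey);

    // The refresh token is bound to this user; reject if it does not validate for them.
    if (!HelperMethods.ValidateRefreshToken(user, refreshToken))
    {
        ErrorMessage error = new ErrorMessage("Invalid refresh token", "Refresh token could not be validated.");
        return new BadRequestObjectResult(error);
    }

    string newTokenStr = HelperMethods.GenerateJWTAccessToken(user.ID, jwtKey);
    RefreshToken newRefToken = HelperMethods.GenerateRefreshToken(user, _context);

    LoginResponse rtrn = new LoginResponse
    {
        ID = user.ID,
        AccessToken = newTokenStr,
        RefreshToken = new ReturnableRefreshToken(newRefToken)
    };

    // Cookies are rewritten so subsequent requests carry the rotated tokens.
    HelperMethods.SetCookies(Response, newTokenStr, newRefToken);
    return new OkObjectResult(rtrn);
}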