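/// <summary>
/// Handles the <c>password</c> grant: verifies the supplied credentials, revokes every refresh
/// token the user already holds, stores a fresh one and returns a newly minted access token.
/// </summary>
/// <param name="model">Request carrying <c>Username</c> and <c>Password</c>.</param>
/// <returns>
/// 200 with the access token on success; 400 when the account's e-mail is not yet confirmed;
/// 401 with one generic message for a missing credential, an unknown user or a wrong password.
/// </returns>
private async Task<IActionResult> GenerateNewToken(TokenRequest model)
{
    // Identity's FindByNameAsync throws on a null name; a missing credential is simply a failed login.
    if (string.IsNullOrEmpty(model.Username) || string.IsNullOrEmpty(model.Password))
    {
        return Unauthorized(new { response = ApiMessages.AuthenticationFailed() });
    }

    var user = await userManager.FindByNameAsync(model.Username);
    // One generic message for both failures so the body does not reveal whether the username exists.
    // NOTE(review): the hash check is skipped for unknown users, so response timing can still differ.
    if (user == null || !await userManager.CheckPasswordAsync(user, model.Password))
    {
        return Unauthorized(new { response = ApiMessages.AuthenticationFailed() });
    }

    if (!await userManager.IsEmailConfirmedAsync(user))
    {
        return BadRequest(new { response = ApiMessages.AccountNotConfirmed() });
    }

    // A password login replaces every refresh token the user holds, so earlier sessions stop refreshing.
    var newRefreshToken = CreateRefreshToken(appSettings.ClientId, user.Id);
    // Where() never yields null, so the old null check was dead; RemoveRange marks the whole result set deleted.
    db.Tokens.RemoveRange(db.Tokens.Where(rt => rt.UserId == user.Id));
    db.Tokens.Add(newRefreshToken);
    await db.SaveChangesAsync();

    var accessToken = await CreateAccessToken(user, newRefreshToken.Value);
    return Ok(new { response = accessToken });
}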
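/// <summary>
/// Handles the <c>refresh_token</c> grant: looks up the presented token for this client, rejects it
/// when unknown or expired, rotates it (old row removed, new row stored) and returns a new access token.
/// </summary>
/// <param name="model">Request carrying <c>RefreshToken</c>.</param>
/// <returns>
/// 200 with the access token, or 401 with the generic failure message for every rejection
/// (the unknown-token path previously returned a bodiless 401; it now matches the other rejections).
/// </returns>
private async Task<IActionResult> RefreshToken(TokenRequest model)
{
    try
    {
        // Evaluated once, outside the query, so the provider receives a plain parameter.
        var presented = model.RefreshToken.ToString();
        var rt = db.Tokens.FirstOrDefault(t => t.ClientId == appSettings.ClientId && t.Value == presented);

        // Unknown and expired tokens yield the same response so the status is not an oracle for which tokens exist.
        if (rt == null || rt.ExpiryTime < DateTime.UtcNow)
        {
            return Unauthorized(new { response = ApiMessages.AuthenticationFailed() });
        }

        var user = await userManager.FindByIdAsync(rt.UserId);
        if (user == null)
        {
            return Unauthorized(new { response = ApiMessages.AuthenticationFailed() });
        }
        // NOTE(review): unlike the password grant, no account-state check (e.g. e-mail confirmed) runs here,
        // so a refresh token keeps working after those conditions change — confirm this is intended.

        // Rotate: the presented token is single-use.
        var rtNew = CreateRefreshToken(rt.ClientId, rt.UserId);
        db.Tokens.Remove(rt);
        db.Tokens.Add(rtNew);
        // Was the blocking SaveChanges(); the async form matches GenerateNewToken and avoids tying up a thread.
        await db.SaveChangesAsync();

        var token = await CreateAccessToken(user, rtNew.Value);
        return Ok(new { response = token });
    }
    catch (Exception)
    {
        // Every failure, including database errors, is reported to the caller as an authentication failure.
        // NOTE(review): this hides infrastructure faults from operators; the exception should be logged here.
        return Unauthorized(new { response = ApiMessages.AuthenticationFailed() });
    }
}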
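/// <summary>
/// Token endpoint. Dispatches on <c>GrantType</c>: <c>password</c> issues tokens from credentials,
/// <c>refresh_token</c> rotates an existing refresh token; anything else is rejected.
/// </summary>
/// <param name="model">Deserialized request body; <c>GrantType</c> selects the flow.</param>
/// <returns>The result of the selected flow, or 401 for a missing body or an unsupported grant type.</returns>
public async Task<IActionResult> Auth([FromBody] TokenRequest model)
{
    const string PasswordGrant = "password";
    const string RefreshTokenGrant = "refresh_token";

    // A request whose body does not bind arrives as null; reject it like an unsupported grant
    // instead of letting model.GrantType throw.
    if (model == null)
    {
        return Unauthorized(new { response = ApiMessages.AuthenticationFailed() });
    }

    switch (model.GrantType)
    {
        case PasswordGrant:
            return await GenerateNewToken(model);
        case RefreshTokenGrant:
            return await RefreshToken(model);
        default:
            return Unauthorized(new { response = ApiMessages.AuthenticationFailed() });
    }
}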
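/// <summary>
/// Handles the <c>password</c> grant for active accounts: verifies the credentials, applies the
/// first-login / one-time-password rules, revokes every refresh token the user already holds,
/// stores a fresh one and returns a newly minted access token.
/// </summary>
/// <param name="model">Request carrying <c>Username</c> and <c>Password</c>.</param>
/// <returns>
/// 200 with the access token on success; 495 when the account's e-mail is not yet confirmed;
/// 401 with one generic message for a missing credential, an unknown or inactive user, a wrong
/// password, or an unchanged one-time password on a non-first login.
/// </returns>
private async Task<IActionResult> GenerateNewToken(TokenRequest model)
{
    // Identity's FindByNameAsync throws on a null name; a missing credential is simply a failed login.
    if (string.IsNullOrEmpty(model.Username) || string.IsNullOrEmpty(model.Password))
    {
        return StatusCode(401, new { response = ApiMessages.AuthenticationFailed() });
    }

    var user = await userManager.FindByNameAsync(model.Username);
    // One generic message for all three failures so the body does not reveal whether the username exists.
    // NOTE(review): the hash check is skipped for unknown/inactive users, so response timing can still differ.
    if (user == null || !user.IsActive || !await userManager.CheckPasswordAsync(user, model.Password))
    {
        return StatusCode(401, new { response = ApiMessages.AuthenticationFailed() });
    }

    if (IsFirstLogin(user))
    {
        // NOTE(review): this state change happens before the e-mail-confirmation check below, so an
        // unconfirmed account consumes its first login and is then rejected — confirm that is intended.
        await UpdateFirstLogin(user);
    }
    else if (!IsOneTimePasswordChanged(user))
    {
        // After the first login the one-time password must have been replaced before normal logins are allowed.
        return StatusCode(401, new { response = ApiMessages.AuthenticationFailed() });
    }

    if (!await userManager.IsEmailConfirmedAsync(user))
    {
        // 495 is not an IANA-registered status; kept because clients evidently rely on it.
        return StatusCode(495, new { response = ApiMessages.AccountNotConfirmed() });
    }

    // A password login replaces every refresh token the user holds, so earlier sessions stop refreshing.
    var newRefreshToken = CreateRefreshToken(settings.ClientId, user.Id);
    // Where() never yields null, so the old null check was dead; RemoveRange marks the whole result set deleted.
    db.Tokens.RemoveRange(db.Tokens.Where(rt => rt.UserId == user.Id));
    db.Tokens.Add(newRefreshToken);
    await db.SaveChangesAsync();

    var accessToken = await CreateAccessToken(user, newRefreshToken.Value);
    return StatusCode(200, new { response = accessToken });
}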