예제 #1
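        /// <summary>
        /// Authenticates a user by nick and password and, on success, issues a signed JWT access
        /// token together with a freshly generated refresh token.
        /// </summary>
        /// <param name="user">Credentials bound from the request body.</param>
        /// <returns>
        /// 400 when the body or either credential is missing, 401 when <c>EstablecerLogin</c>
        /// returns no user, otherwise 200 with <c>Token</c> and <c>RefreshToken</c>.
        /// </returns>
        public IActionResult Login([FromBody] APIUsers.Library.Models.UserMin user)
        {
            // Reject incomplete credentials before they reach the data layer; a body that binds
            // but omits a field would otherwise be passed on as null.
            if (user == null || string.IsNullOrEmpty(user.Nick) || string.IsNullOrEmpty(user.Password))
            {
                return BadRequest("Invalid client request");
            }

            var connectionString = _configuration.GetValue<string>("ServidorAzure");

            using (APIUsers.Library.Interfaces.ILogin loginService = APIUsers.Library.Interfaces.Factorizador.CrearConexionServicioLogin(APIUsers.Library.Models.ConnectionType.MSSQL, connectionString))
            {
                APIUsers.Library.Models.User objusr = loginService.EstablecerLogin(user.Nick, user.Password);

                // A single generic 401 avoids telling the caller whether the nick exists.
                if (objusr == null)
                {
                    return Unauthorized();
                }

                // NOTE(review): "SecretKey" comes from configuration. HMAC-SHA256 needs a
                // high-entropy key of at least 256 bits, and it belongs in a secret store rather
                // than a checked-in settings file - confirm how this value is provisioned.
                var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.GetValue<string>("SecretKey")));
                var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);

                // Claim's constructor throws ArgumentNullException on a null value, so optional
                // profile fields fall back to an empty string instead of failing the login.
                // NOTE(review): presumably Role and Imagen can be unset for some users - confirm.
                var claims = new List<Claim>
                {
                    new Claim(ClaimTypes.Name, objusr.Nick),
                    new Claim(ClaimTypes.Role, objusr.Role ?? string.Empty),
                    new Claim("Id", objusr.ID.ToString()),
                    new Claim("imagen", objusr.Imagen ?? string.Empty)
                };

                var tokeOptions = new JwtSecurityToken(
                    issuer: "https://api03mtw102.azurewebsites.net",
                    audience: "https://api03mtw102.azurewebsites.net",
                    claims: claims,
                    // The JWT "exp" claim is an absolute UTC instant; UtcNow keeps the value
                    // independent of the server's local time zone.
                    expires: DateTime.UtcNow.AddMinutes(120),
                    signingCredentials: signinCredentials
                    );

                var tokenString = new JwtSecurityTokenHandler().WriteToken(tokeOptions);
                var refreshString = GenerateRefreshToken();

                objusr.RefreshToken = refreshString;
                // Kept on local time because Refresh compares this value against DateTime.Now;
                // both sides must move to UTC together.
                objusr.RefreshTokenExpiryTime = DateTime.Now.AddDays(7);

                // NOTE(review): the refresh token is handed to the store exactly as issued.
                // Persisting only a hash would limit what a database read exposes - confirm what
                // UpdateUserRefreshToken writes.
                using (APIUsers.Library.Interfaces.IUser userService = APIUsers.Library.Interfaces.Factorizador.CrearConexionServicio(APIUsers.Library.Models.ConnectionType.MSSQL, connectionString))
                {
                    userService.UpdateUserRefreshToken(objusr);
                }

                return Ok(new
                {
                    Token = tokenString,
                    RefreshToken = refreshString
                });
            }
        }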
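        /// <summary>
        /// Exchanges an expired access token and its matching refresh token for a new token pair,
        /// rotating the stored refresh token.
        /// </summary>
        /// <param name="token">The expired access token and the refresh token issued with it.</param>
        /// <returns>
        /// 400 when either token is missing, the access token cannot be read, or the refresh token
        /// does not match the stored one or has expired; otherwise 200 with <c>Token</c> and
        /// <c>RefreshToken</c>.
        /// </returns>
        public IActionResult Refresh(Models.Token token)
        {
            // Both tokens are required. Rejecting an empty refresh token here also prevents a
            // null-equals-null match against a user whose stored refresh token has been cleared.
            if (token is null || string.IsNullOrEmpty(token.AccessToken) || string.IsNullOrEmpty(token.RefreshToken))
            {
                return BadRequest("Invalid client request");
            }

            string accessToken = token.AccessToken;
            string refreshToken = token.RefreshToken;

            // GetPrincipalFromExpiredToken is defined outside this block; token validation
            // normally reports a malformed or wrongly signed token by throwing, which would
            // otherwise surface as a 500 instead of a client error.
            ClaimsPrincipal principal;
            try
            {
                principal = GetPrincipalFromExpiredToken(accessToken);
            }
            catch (SecurityTokenException)
            {
                return BadRequest("Invalid client request");
            }
            catch (ArgumentException)
            {
                return BadRequest("Invalid client request");
            }

            var username = principal?.Identity?.Name; // mapped from the Name claim by default
            if (string.IsNullOrEmpty(username))
            {
                return BadRequest("Invalid client request");
            }

            var connectionString = _configuration.GetValue<string>("ServidorAzure");

            using (APIUsers.Library.Interfaces.IUser userService = APIUsers.Library.Interfaces.Factorizador.CrearConexionServicio(APIUsers.Library.Models.ConnectionType.MSSQL, connectionString))
            {
                APIUsers.Library.Models.User objusr = userService.CheckRefreshToken(username);

                // Compare the secret in constant time so response timing does not reveal how
                // much of a guessed token matched.
                bool refreshTokenMatches = objusr?.RefreshToken != null
                    && System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                        Encoding.UTF8.GetBytes(objusr.RefreshToken),
                        Encoding.UTF8.GetBytes(refreshToken));

                // Written as "not still valid" so that a missing expiry (should the column be
                // nullable) is rejected rather than treated as never expiring. Login stores this
                // value from DateTime.Now, so the comparison stays on local time.
                if (!refreshTokenMatches || !(objusr.RefreshTokenExpiryTime > DateTime.Now))
                {
                    return BadRequest("Invalid client request");
                }

                var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.GetValue<string>("SecretKey")));
                var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);

                // NOTE(review): the new token copies every claim from the expired one, so a role
                // changed or revoked since login stays in effect until the refresh token lapses,
                // and the old token's registered claims (exp/iss/aud) may be carried along as
                // well. Rebuilding the claims from the stored user would avoid both - confirm
                // that CheckRefreshToken returns a fully populated user before changing this.
                var tokeOptions = new JwtSecurityToken(
                    issuer: "https://api03mtw102.azurewebsites.net",
                    audience: "https://api03mtw102.azurewebsites.net",
                    claims: principal.Claims,
                    // The JWT "exp" claim is an absolute UTC instant; UtcNow keeps the value
                    // independent of the server's local time zone.
                    expires: DateTime.UtcNow.AddMinutes(120),
                    signingCredentials: signinCredentials
                    );

                var tokenString = new JwtSecurityTokenHandler().WriteToken(tokeOptions);
                var refreshString = GenerateRefreshToken();

                // Rotate the refresh token: the one just presented stops being valid as soon as
                // the update below is stored.
                objusr.RefreshToken = refreshString;
                objusr.RefreshTokenExpiryTime = DateTime.Now.AddDays(7);

                using (APIUsers.Library.Interfaces.IUser updateService = APIUsers.Library.Interfaces.Factorizador.CrearConexionServicio(APIUsers.Library.Models.ConnectionType.MSSQL, connectionString))
                {
                    updateService.UpdateUserRefreshToken(objusr);
                }

                return new ObjectResult(new
                {
                    Token = tokenString,
                    RefreshToken = refreshString
                });
            }
        }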