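/// <summary>
/// Authenticates a user by nick and password and, on success, issues an HMAC-SHA256 signed JWT
/// access token (120 minutes) together with a newly generated refresh token (7 days).
/// </summary>
/// <param name="user">Credentials posted in the request body.</param>
/// <returns>
/// 400 when the body or either credential is missing, 401 when <c>EstablecerLogin</c> returns no
/// user, otherwise 200 with an object carrying <c>Token</c> and <c>RefreshToken</c>.
/// </returns>
public IActionResult Login([FromBody] APIUsers.Library.Models.UserMin user)
{
    // Reject incomplete credentials before touching the database; the original only checked the
    // body itself and passed null/empty values straight to the login service.
    if (user == null || string.IsNullOrEmpty(user.Nick) || string.IsNullOrEmpty(user.Password))
    {
        return BadRequest("Invalid client request");
    }

    const string tokenIssuer = "https://api03mtw102.azurewebsites.net";
    var connectionString = _configuration.GetValue<string>("ServidorAzure");

    using (APIUsers.Library.Interfaces.ILogin loginService = APIUsers.Library.Interfaces.Factorizador.CrearConexionServicioLogin(APIUsers.Library.Models.ConnectionType.MSSQL, connectionString))
    {
        APIUsers.Library.Models.User objusr = loginService.EstablecerLogin(user.Nick, user.Password);
        if (objusr == null)
        {
            // Same response for unknown user and wrong password, so the endpoint does not
            // reveal which nicks exist.
            return Unauthorized();
        }

        // The signing key is derived from the "SecretKey" configuration value. Anyone holding it
        // can mint valid tokens, so it belongs in a secret store rather than a committed settings
        // file, and it should be long and random. A missing value makes GetBytes throw.
        var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.GetValue<string>("SecretKey")));
        var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);

        // Claim's constructor throws ArgumentNullException on a null value, so an account without
        // a role or image would turn a successful login into a 500. Fall back to an empty string.
        var claims = new List<Claim>
        {
            new Claim(ClaimTypes.Name, objusr.Nick),
            new Claim(ClaimTypes.Role, objusr.Role ?? string.Empty),
            new Claim("Id", objusr.ID.ToString()),
            new Claim("imagen", objusr.Imagen ?? string.Empty)
        };

        var tokeOptions = new JwtSecurityToken(
            issuer: tokenIssuer,
            audience: tokenIssuer,
            claims: claims,
            expires: DateTime.Now.AddMinutes(120),
            signingCredentials: signinCredentials
        );
        var tokenString = new JwtSecurityTokenHandler().WriteToken(tokeOptions);

        var refreshString = GenerateRefreshToken();
        objusr.RefreshToken = refreshString;
        // Kept as local time on purpose: Refresh compares this value against DateTime.Now, so
        // switching to UTC here alone would skew the expiry check.
        objusr.RefreshTokenExpiryTime = DateTime.Now.AddDays(7);

        // NOTE(review): the refresh token is handed to the user service as issued; if it is
        // persisted unhashed, read access to the table yields usable tokens - confirm storage.
        using (APIUsers.Library.Interfaces.IUser userService = APIUsers.Library.Interfaces.Factorizador.CrearConexionServicio(APIUsers.Library.Models.ConnectionType.MSSQL, connectionString))
        {
            userService.UpdateUserRefreshToken(objusr);
        }

        return Ok(new
        {
            Token = tokenString,
            RefreshToken = refreshString
        });
    }
}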
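/// <summary>
/// Exchanges an expired access token and its matching refresh token for a new token pair,
/// rotating the stored refresh token (7 days) and issuing a new 120-minute JWT.
/// </summary>
/// <param name="token">The expired access token and the refresh token issued with it.</param>
/// <returns>
/// 400 when either token is missing, no user name can be read from the access token, or the
/// refresh token is unknown, mismatched or expired; otherwise 200 with <c>Token</c> and
/// <c>RefreshToken</c>.
/// </returns>
public IActionResult Refresh(Models.Token token)
{
    // Both tokens are required; the original only checked the wrapper object.
    if (token is null || string.IsNullOrEmpty(token.AccessToken) || string.IsNullOrEmpty(token.RefreshToken))
    {
        return BadRequest("Invalid client request");
    }

    string accessToken = token.AccessToken;
    string refreshToken = token.RefreshToken;
    const string tokenIssuer = "https://api03mtw102.azurewebsites.net";

    // NOTE(review): GetPrincipalFromExpiredToken is defined elsewhere. This method relies on it
    // to verify the signature while ignoring lifetime - confirm, and confirm how it reports a
    // malformed or tampered token (an exception here surfaces as a 500).
    var principal = GetPrincipalFromExpiredToken(accessToken);
    var username = principal?.Identity?.Name; // this is mapped to the Name claim by default
    if (string.IsNullOrEmpty(username))
    {
        // Without a name there is no user record to match the refresh token against.
        return BadRequest("Invalid client request");
    }

    var connectionString = _configuration.GetValue<string>("ServidorAzure");

    using (APIUsers.Library.Interfaces.IUser userService = APIUsers.Library.Interfaces.Factorizador.CrearConexionServicio(APIUsers.Library.Models.ConnectionType.MSSQL, connectionString))
    {
        APIUsers.Library.Models.User objusr = userService.CheckRefreshToken(username);

        // Constant-time comparison, so response timing does not depend on how much of the stored
        // token matched the submitted one. A null stored token never matches.
        bool refreshTokenMatches = objusr != null
            && objusr.RefreshToken != null
            && System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                Encoding.UTF8.GetBytes(objusr.RefreshToken),
                Encoding.UTF8.GetBytes(refreshToken));

        if (!refreshTokenMatches || objusr.RefreshTokenExpiryTime <= DateTime.Now)
        {
            return BadRequest("Invalid client request");
        }

        // Same signing key as Login; see the "SecretKey" configuration value.
        var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.GetValue<string>("SecretKey")));
        var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);

        // NOTE(review): claims are copied from the presented token instead of being reloaded from
        // the user record, so a role changed or removed since login stays in effect across
        // refreshes - confirm this is intended.
        var tokeOptions = new JwtSecurityToken(
            issuer: tokenIssuer,
            audience: tokenIssuer,
            claims: principal.Claims,
            expires: DateTime.Now.AddMinutes(120),
            signingCredentials: signinCredentials
        );
        var tokenString = new JwtSecurityTokenHandler().WriteToken(tokeOptions);

        // Rotate the refresh token: the one just used is overwritten and stops being accepted.
        var refreshString = GenerateRefreshToken();
        objusr.RefreshToken = refreshString;
        objusr.RefreshTokenExpiryTime = DateTime.Now.AddDays(7);

        using (APIUsers.Library.Interfaces.IUser updateService = APIUsers.Library.Interfaces.Factorizador.CrearConexionServicio(APIUsers.Library.Models.ConnectionType.MSSQL, connectionString))
        {
            updateService.UpdateUserRefreshToken(objusr);
        }

        return new ObjectResult(new
        {
            Token = tokenString,
            RefreshToken = refreshString
        });
    }
}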