/// <summary>
/// Issues a fresh <c>TokenResponse</c> for the user named in an already-expired access token,
/// provided the matching stored token record is still usable.
/// </summary>
/// <param name="token">The access token (JWT) whose "exp", "jti" and "id" claims are read.</param>
/// <param name="refreshToken">
/// NOTE(review): this value is never read in the method body; the store lookup below is keyed on
/// <paramref name="token"/>. As written, nothing here checks that the caller holds the refresh
/// token. Confirm what <c>findTokenAsync</c> expects and whether this value should be checked.
/// </param>
/// <returns>
/// The result of <c>LoginAsync</c> for the token's user, or <c>null</c> when the token is rejected,
/// has not expired yet, has no usable stored record, the record update fails, or the user is not found.
/// </returns>
public async Task<TokenResponse> RefreshTokenAsync(string token, string refreshToken)
{
    // Presumably validates the signature without enforcing lifetime, since an expired token
    // is required further down. TODO confirm against CheckRole.getPrincipalFromToken.
    var principal = CheckRole.getPrincipalFromToken(token, _configuration);
    if (principal == null)
    {
        return null;
    }

    // "exp" is read as seconds since the Unix epoch. A missing or duplicated claim throws from
    // Single, and a non-numeric value throws from long.Parse.
    string expClaimValue = principal.Claims.Single(claim => claim.Type == JwtRegisteredClaimNames.Exp).Value;
    long expSeconds = long.Parse(expClaimValue);
    var unixEpochUtc = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    DateTime accessTokenExpiryUtc = unixEpochUtc.AddSeconds(expSeconds);

    // Only an access token that has already expired may be exchanged.
    if (accessTokenExpiryUtc > DateTime.UtcNow)
    {
        return null;
    }

    string jwtId = principal.Claims.Single(claim => claim.Type == JwtRegisteredClaimNames.Jti).Value;

    var storedRecord = await _tokenDb.findTokenAsync(token);
    if (storedRecord == null)
    {
        return null;
    }

    // The stored record must be unexpired, not invalidated, not yet used, and bound to this JWT's jti.
    if (DateTime.UtcNow > storedRecord.Expires)
    {
        return null;
    }

    if (storedRecord.Invalidated)
    {
        return null;
    }

    if (storedRecord.Used)
    {
        return null;
    }

    if (storedRecord.JwtId != jwtId)
    {
        return null;
    }

    // Mark the record as consumed before issuing anything new.
    // NOTE(review): the read of Used above and this write are separate calls, so two concurrent
    // requests may both pass the check unless updateTokenAsync enforces single use. Confirm.
    storedRecord.Used = true;
    bool updateSucceeded = await _tokenDb.updateTokenAsync(storedRecord);
    if (!updateSucceeded)
    {
        return null;
    }

    string userId = principal.Claims.Single(claim => claim.Type == "id").Value;
    User currentUser = await getUserByIdAsync(userId);
    if (currentUser == null)
    {
        return null;
    }

    // NOTE(review): the stored Password value is handed to LoginAsync as the credential. Confirm
    // what LoginAsync expects; issuing tokens directly for currentUser would avoid replaying it.
    return await LoginAsync(currentUser.EmailAddress, currentUser.Password);
}
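/// <summary>
/// Returns the value of the "id" claim carried by the token in the request's Authorization header.
/// </summary>
/// <returns>
/// <c>Ok</c> wrapping the id in a string <c>Response</c>. Returns <c>BadRequest</c> when the header
/// cannot be parsed, carries no token, the token is rejected by
/// <c>CheckRole.getPrincipalFromToken</c>, or the token has no "id" claim.
/// </returns>
public IActionResult CurrentUserId()
{
    var authorization = Request.Headers[HeaderNames.Authorization];

    // NOTE(review): the header scheme is not inspected, so any scheme whose parameter parses as a
    // valid token is accepted. Confirm that is intended.
    if (AuthenticationHeaderValue.TryParse(authorization, out var headerValue)
        && !string.IsNullOrEmpty(headerValue.Parameter))
    {
        var validatedToken = CheckRole.getPrincipalFromToken(headerValue.Parameter, _configuration);

        // getPrincipalFromToken can return null (RefreshTokenAsync in this file checks for it).
        // Dereferencing it unguarded turned a rejected token into an unhandled
        // NullReferenceException instead of the 400 below.
        // NOTE(review): RefreshTokenAsync relies on the same helper returning a principal for an
        // expired token, so lifetime may not be enforced here. Confirm that expiry is checked
        // elsewhere (e.g. by the authentication middleware) before this id is trusted.
        if (validatedToken != null)
        {
            // SingleOrDefault turns a missing "id" claim into the 400 below. A token carrying
            // more than one "id" claim still throws, as it did before.
            string userId = validatedToken.Claims.SingleOrDefault(x => x.Type == "id")?.Value;
            if (userId != null)
            {
                return Ok(new Response<string>(userId));
            }
        }
    }

    return BadRequest("Cannot get the id of the current user");
}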