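/// <summary>
/// Exchanges a refresh token (read from the Authorization header) together with the
/// caller's current access token (read from the request body) for a new token pair.
/// </summary>
/// <param name="refreshRequest">Request body; only <c>AccessToken</c> is read from it.</param>
/// <returns>
/// 200 with the new access/refresh tokens on success; 400 when the body or its access
/// token is missing; 401 when the header, the user or the refresh token is rejected.
/// </returns>
public ActionResult<RefreshRequest> Refresh([FromBody] RefreshRequest refreshRequest)
{
    if (refreshRequest == null || string.IsNullOrWhiteSpace(refreshRequest.AccessToken))
    {
        return BadRequest();
    }

    // The header is expected to look like "<scheme> <token>". A missing or one-word header
    // used to throw IndexOutOfRangeException on the [1] index; reject it explicitly instead.
    string[] headerParts = Request.Headers["Authorization"].ToString().Split(' ');
    if (headerParts.Length < 2 || string.IsNullOrWhiteSpace(headerParts[1]))
    {
        return Unauthorized();
    }

    string refreshToken = headerParts[1];
    refreshRequest.RefreshToken = refreshToken;

    DealingWithRefreshToken dealingWithRefreshToken = new DealingWithRefreshToken();

    // NOTE(review): the access token is normally expired when this endpoint is called, so this
    // helper presumably checks the signature while ignoring lifetime - confirm that it rejects
    // unsigned or tampered tokens, since the user id below is trusted from its result.
    int userId = dealingWithRefreshToken.GetUserIdFromAccessToken(refreshRequest.AccessToken, _jwtSettings.SecretKey);

    Users userFromDbViaAccessToken = _context.Users.FirstOrDefault(u => u.Id == userId);

    // NOTE(review): refresh tokens are stored and matched verbatim; storing only a hash would
    // limit what a read of this table exposes.
    TblRefreshToken refreshTokenUser = _context.TblRefreshToken
        .Where(rt => rt.RefreshToken == refreshToken)
        .OrderByDescending(x => x.ExpiryDate)
        .FirstOrDefault();

    // NOTE(review): ownership and expiry of the row are assumed to be checked inside
    // ValidateRefreshToken - confirm, because the row is looked up by token value only.
    if (userFromDbViaAccessToken == null
        || refreshTokenUser == null
        || !dealingWithRefreshToken.ValidateRefreshToken(refreshTokenUser, userFromDbViaAccessToken, refreshToken))
    {
        // Returning null from an ActionResult<T> action is not a usable response;
        // answer with an explicit 401 instead.
        return Unauthorized();
    }

    // The presented access token must be the one most recently issued to this user. The
    // original enforced this only implicitly (a failed lookup ended in a null dereference).
    if (!string.Equals(userFromDbViaAccessToken.RegistrationToken, refreshRequest.AccessToken, StringComparison.Ordinal))
    {
        return Unauthorized();
    }

    string newAccessToken = GenerateJWT.CreateJWT(
        userFromDbViaAccessToken.Id,
        _jwtSettings.SecretKey,
        DateTime.UtcNow.AddSeconds(_expiryTimeSeconds));

    // NOTE(review): Guid.NewGuid() is not documented as a cryptographic generator; a value from
    // RandomNumberGenerator is the safer choice for a bearer secret. Left unchanged here because
    // the expected token format and column size are not visible.
    string newRefreshToken = Guid.NewGuid().ToString();

    // Rotate the row that was actually presented and validated. The previous code rotated the
    // first row belonging to the user, which with several sessions could be a different row and
    // would leave the presented refresh token usable again.
    // NOTE(review): ExpiryDate is not changed on rotation - confirm that is intended.
    userFromDbViaAccessToken.RegistrationToken = newAccessToken;
    refreshTokenUser.RefreshToken = newRefreshToken;
    _context.SaveChanges();

    RefreshRequest userTokens = new RefreshRequest
    {
        AccessToken = newAccessToken,
        RefreshToken = newRefreshToken
    };
    return Ok(userTokens);
}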
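/// <summary>
/// Authenticates a user and issues a new access token (JWT) and refresh token.
/// </summary>
/// <param name="userClaims">Credentials from the request body.</param>
/// <returns>
/// The mapped <c>UserDTO</c> carrying both tokens, or 400 with a generic message when the
/// repository returns no user for the supplied credentials.
/// </returns>
public async Task<ActionResult<UserDTO>> Login([FromBody] LoginDTO userClaims)
{
    // Credential verification is delegated to the repository (not visible here).
    // A missing body is treated the same as wrong credentials.
    Users user = userClaims == null ? null : _loginRepository.GetUserOrDefault(userClaims);
    if (user == null)
    {
        // One message for every failure, so the response does not reveal whether the
        // username exists.
        return BadRequest(new { message = "Username or password is incorrect..." });
    }

    // NOTE(review): the DTO is mapped from the Users entity - confirm the mapping excludes
    // password material and other server-side fields before it is returned to the client.
    UserDTO userDTO = _mapper.Map<UserDTO>(user);

    // NOTE(review): the refresh token is generated with the same _expiryTimeSeconds that bounds
    // the access token below; if that argument is its lifetime, both expire together - confirm.
    DealingWithRefreshToken dealingWithRefreshToken = new DealingWithRefreshToken();
    TblRefreshToken refreshToken = dealingWithRefreshToken.GenerateRefreshToken(_expiryTimeSeconds);
    user.TblRefreshToken.Add(refreshToken);

    string accessToken = GenerateJWT.CreateJWT(
        userDTO.Id,
        _jwtSettings.SecretKey,
        DateTime.UtcNow.AddSeconds(_expiryTimeSeconds));

    userDTO.RefreshToken = refreshToken.RefreshToken;
    userDTO.Token = accessToken;

    // The latest access token is persisted on the user row together with the new refresh token.
    user.RegistrationToken = accessToken;
    await _context.SaveChangesAsync();

    return userDTO;
}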