/// <summary> /// Creates the asynchronous. /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public async Task CreateAsync(AuthenticationTokenCreateContext context) { var clientid = context.Ticket.Properties.Dictionary["as:client_id"]; if (string.IsNullOrEmpty(clientid)) { return; } var refreshTokenId = Guid.NewGuid().ToString("n"); var refreshTokenLifeTime = context.OwinContext.Get<string>("as:clientRefreshTokenLifeTime"); var token = new Domain.Entities.RefreshToken() { Id = CryptHelper.GetHash(refreshTokenId), ClientId = clientid, Subject = context.Ticket.Identity.Name, IssuedUtc = DateTime.UtcNow, ExpiresUtc = DateTime.UtcNow.AddMinutes(Convert.ToDouble(refreshTokenLifeTime)) }; context.Ticket.Properties.IssuedUtc = token.IssuedUtc; context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc; token.ProtectedTicket = context.SerializeTicket(); var result = await _auth.AddRefreshToken(token); if (result) { context.SetToken(refreshTokenId); } }
public async Task <IdentityResponseDto> Handle(LoginCommand request, CancellationToken cancellationToken) { ApplicationUser user = await _userManager.FindByNameAsync(request.UserName, x => x.RefreshTokens); if (user == null) { return(IdentityResponseDto.NotExisted($"User with {request.UserName} not existed.")); } if (!await _userManager.IsEmailConfirmedAsync(user)) { return(IdentityResponseDto.EmailNotConfirmed($"You need to confirm your email.")); } if (await _userManager.IsLockedOutAsync(user)) { return(IdentityResponseDto.LockedOut($"Account has been locked.")); } if (await _userManager.CheckPasswordAsync(user, request.Password)) { JwtSecurityToken jwtSecurityToken = await _tokenClaimService.GenerateTokenAsync(user); var response = new IdentityResponseDto { Status = LoginStatus.Success, Token = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken), Email = user.Email, UserName = user.UserName, Roles = (await _userManager.GetRolesAsync(user)).ToList(), Message = "Success." }; Domain.Entities.RefreshToken activeRefreshToken = user.RefreshTokens.FirstOrDefault(x => x.IsActive); if (activeRefreshToken is null) { activeRefreshToken = _tokenClaimService.GenerateRefreshToken(); user.RefreshTokens.Add(activeRefreshToken); await _userManager.UpdateAsync(user); } response.RefreshToken = activeRefreshToken.Token; response.RefreshTokenExpiration = activeRefreshToken.Expires; _logger.LogInformation($"User {user.UserName} login success."); await _mediator.Publish(new LoginSuccessEvent { UserName = user.UserName, LoginSuccessAt = DateTimeOffset.UtcNow }, cancellationToken); return(response); } return(IdentityResponseDto.Failure($"Incorrect Credentials for user {user.UserName}.")); }
public async Task <ICommandQueryResponse> Handle(Command request, CancellationToken cancellationToken) { var data = new Domain.Entities.RefreshToken { UserID = request.RefreshTokenModel.AppUserID, Token = request.RefreshTokenModel.Token, Expires = request.RefreshTokenModel.Expires, Created = request.RefreshTokenModel.Created, CreatedByIp = request.RefreshTokenModel.CreatedByIp, Revoked = request.RefreshTokenModel.Revoked, RevokedByIp = request.RefreshTokenModel.RevokedByIp, ReplacedByToken = request.RefreshTokenModel.ReplacedByToken }; _dataContext.RefreshToken.Add(data); await _dataContext.SaveChangesAsync(); return(new CreateRefreshTokenResponse(request.RefreshTokenModel)); }
public async Task <IdentityResponseDto> Handle(RefreshTokenCommand request, CancellationToken cancellationToken) { ApplicationUser user = await _userManager.FindByRefreshTokenAsync(request.Token, x => x.RefreshTokens); if (user is null) { return(IdentityResponseDto.NotExisted($"Token {request.Token} did not match with nay user.")); } var activeRefreshToken = user.RefreshTokens .FirstOrDefault(x => x.Token == request.Token && x.IsActive); if (activeRefreshToken is null) { return(IdentityResponseDto.Failure($"Token {request.Token} not active.")); } // Revoke current token activeRefreshToken.RevokedDate = DateTime.UtcNow; // Generate new token and refresh token Domain.Entities.RefreshToken newRefreshToken = _tokenClaimService.GenerateRefreshToken(); user.RefreshTokens.Add(newRefreshToken); await _userManager.UpdateAsync(user); JwtSecurityToken jwtSecurityToken = await _tokenClaimService.GenerateTokenAsync(user); return(new IdentityResponseDto { Status = LoginStatus.Success, Token = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken), Email = user.Email, UserName = user.UserName, Roles = (await _userManager.GetRolesAsync(user)).ToList(), Message = "Success.", RefreshToken = newRefreshToken.Token, RefreshTokenExpiration = newRefreshToken.Expires }); }