public IActionResult GetNewTokens(Guid id, string ip, string userAgent)
{
var user = _userService.Get(id);
var token = _cookieService.Extract(HttpContext, AuthOptions.REFRESH_TOKEN_COOKIE);
var isVerified = _tokenService.VerifyRefreshToken(user, token);
if (isVerified)
{
var identity = _accountService.GetIdentity(user);
var tokens = _accountService.GetNewTokenPair(user, identity, token);
_cookieService.RemoveCookie(HttpContext, AuthOptions.REFRESH_TOKEN_COOKIE);
_cookieService.SetCookie(HttpContext, AuthOptions.REFRESH_TOKEN_COOKIE, tokens.RefreshToken);
return(Ok(tokens.AccessToken));
}
else
{
return(Forbid());
}
}
