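/// <summary>
/// Authenticates an account by e-mail and password, issues a JWT plus a new refresh token,
/// prunes refresh tokens older than the configured TTL, and then delegates to the base handler.
/// </summary>
/// <param name="command">Carries <c>Email</c> and <c>Password</c>; its <c>Response</c> is populated on success.</param>
/// <param name="cancellationToken">Propagated to every repository call.</param>
/// <returns>The command as returned by the base handler, with <c>Response</c> set.</returns>
/// <exception cref="UnauthorizedException">Unknown e-mail, unverified account, or password mismatch.</exception>
public override async Task<AuthenticateCommand> HandleAsync(AuthenticateCommand command, CancellationToken cancellationToken = default)
{
    var account = await _accountRepository.GetAccountByEmail(command.Email, cancellationToken);

    // A single generic failure covers all three causes so the response itself does not reveal
    // which one applied. NOTE(review): BC.Verify is skipped when no account is found, so
    // response timing can still differ for unknown e-mails — confirm whether that is acceptable here.
    if (account is null || !account.IsVerified || !BC.Verify(command.Password, account.PasswordHash))
    {
        throw new UnauthorizedException();
    }

    var jwtToken = _tokenGenerator.GenerateJwtToken(account);

    // The refresh token is bound to the address of the requesting client.
    var refreshToken = _tokenGenerator.GenerateRefreshToken(_ipAddressGetter.GetIPAddressFromRequest());

    await _accountRepository.AddRefreshToken(refreshToken, account.Id, cancellationToken);

    // Housekeeping: discard tokens that have outlived RefreshTokenTTLInDays.
    await _accountRepository.RemoveOldRefreshTokens(account, _settings.RefreshTokenTTLInDays, cancellationToken);

    // NOTE(review): Account is the full entity (it carries PasswordHash); confirm that the
    // response serializer excludes that field before TokenResponse reaches the client.
    command.Response = new TokenResponse
    {
        Account = account,
        JwtToken = jwtToken,
        RefreshToken = refreshToken.Token
    };

    return await base.HandleAsync(command, cancellationToken);
}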
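/// <summary>
/// Revokes the refresh token named by the command. Only the token's owner or a super admin may
/// revoke it; a token that is not on record is logged and otherwise ignored.
/// </summary>
/// <param name="command">Carries the <c>Token</c> to revoke and the <c>Revoker</c> performing the action.</param>
/// <param name="cancellationToken">Propagated to every repository call.</param>
/// <returns>The command as returned by the base handler.</returns>
/// <exception cref="BadRequestException">No token was supplied.</exception>
/// <exception cref="UnauthorizedException">The revoker is neither the token's owner nor a super admin.</exception>
public override async Task<RevokeTokenCommand> HandleAsync(RevokeTokenCommand command, CancellationToken cancellationToken = default)
{
    if (string.IsNullOrEmpty(command.Token))
    {
        _logger.LogInformation("Refresh token provided is null");
        throw new BadRequestException("Token is required");
    }

    var refreshToken = await _accountRepository.GetRefreshToken(command.Token, cancellationToken);

    if (refreshToken is null)
    {
        // Unknown tokens are deliberately a no-op; the log line previously read "is found",
        // which misreported this branch.
        _logger.LogInformation("Refresh token provided is not found");
        return await base.HandleAsync(command, cancellationToken);
    }

    // Ownership check: a non-admin may only revoke tokens belonging to their own account.
    if (refreshToken.AccountId != command.Revoker.Id && !command.Revoker.IsSuperAdmin)
    {
        _logger.LogError("Unable to revoke token. Only admin and user themselves can revoke tokens");
        throw new UnauthorizedException();
    }

    var ipAddress = _ipAddressGetter.GetIPAddressFromRequest();

    // Third argument is the replacement token; a plain revocation has none.
    await _accountRepository.RevokeRefreshToken(refreshToken.Token, ipAddress, null, cancellationToken);

    return await base.HandleAsync(command, cancellationToken);
}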
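/// <summary>
/// Rotates a refresh token: the presented token is revoked and replaced by a newly generated one,
/// a fresh JWT is issued for the owning account, and stale tokens are pruned before delegating
/// to the base handler.
/// </summary>
/// <param name="command">Carries the current <c>Token</c>; its <c>Response</c> is populated on success.</param>
/// <param name="cancellationToken">Propagated to every repository call.</param>
/// <returns>The command as returned by the base handler, with <c>Response</c> set.</returns>
/// <exception cref="BadRequestException">No token was supplied.</exception>
/// <exception cref="NotFoundException">The token is not on record, or its account no longer exists.</exception>
public override async Task<RefreshTokenCommand> HandleAsync(RefreshTokenCommand command, CancellationToken cancellationToken = default)
{
    _logger.LogInformation("Refreshing token");

    // Same guard as the revoke handler: an empty string is as useless as null.
    if (string.IsNullOrEmpty(command.Token))
    {
        _logger.LogInformation("Refresh token provided is null");
        throw new BadRequestException();
    }

    var refreshToken = await _accountRepository.GetRefreshToken(command.Token, cancellationToken);
    if (refreshToken is null)
    {
        _logger.LogInformation("Refresh token provided is invalid/not issued");
        throw new NotFoundException();
    }

    var account = await _accountRepository.GetAccountById(refreshToken.AccountId, cancellationToken);
    if (account is null)
    {
        _logger.LogInformation("Account related to Refresh token not found");
        throw new NotFoundException();
    }

    var ipAddress = _ipAddressGetter.GetIPAddressFromRequest();
    var newRefreshToken = _tokenGenerator.GenerateRefreshToken(ipAddress);

    // Revoke the presented token and record newRefreshToken.Token as its replacement.
    // NOTE(review): nothing in this handler calls AddRefreshToken for newRefreshToken, unlike the
    // authenticate handler; confirm RevokeRefreshToken persists the replacement via its third argument.
    await _accountRepository.RevokeRefreshToken(refreshToken.Token, ipAddress, newRefreshToken.Token, cancellationToken);

    // Housekeeping: discard tokens that have outlived RefreshTokenTTLInDays.
    await _accountRepository.RemoveOldRefreshTokens(account, _settings.RefreshTokenTTLInDays, cancellationToken);

    var jwtToken = _tokenGenerator.GenerateJwtToken(account);

    // The client must receive the replacement token; the original returned refreshToken.Token,
    // i.e. the token that was just revoked above.
    // NOTE(review): Account is the full entity (it carries PasswordHash); confirm the response
    // serializer excludes that field.
    command.Response = new TokenResponse
    {
        Account = account,
        JwtToken = jwtToken,
        RefreshToken = newRefreshToken.Token
    };

    return await base.HandleAsync(command, cancellationToken);
}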