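/// <summary>
/// Signs the current user out by asking the JWT auth manager to remove the refresh
/// token registered under their user name.
/// </summary>
/// <remarks>
/// The access token itself is not revoked here. Revoking it server-side would need a
/// block-list of tokens, as discussed in
/// https://github.com/auth0/node-jsonwebtoken/issues/375.
/// </remarks>
/// <returns>An empty 200 OK result.</returns>
public ActionResult Logout()
{
    // TODO: optionally "revoke" the JWT on the server side --> add the current token to a block-list
    var userName = User.Identity?.Name;
    _jwtAuthManager.RemoveRefreshTokenByUserName(userName);

    // Message template rather than an interpolated string (CA2254): the user name is
    // passed as a structured property instead of being spliced into the message text.
    _logger.LogInformation("User [{UserName}] logged out the system.", userName);
    return Ok();
}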
/// <summary>
/// Logs the caller out by removing the refresh token stored under their user name.
/// </summary>
/// <returns>An empty 200 OK result.</returns>
public ActionResult Logout()
{
    // NOTE(review): Identity is dereferenced without a null check, and nothing is written
    // to a log here. Presumably the action sits behind an authorization filter - confirm.
    _jwtAuthManager.RemoveRefreshTokenByUserName(User.Identity.Name);
    return Ok();
}
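/// <summary>
/// Checks the submitted credentials through the user service and, when user data comes
/// back, issues a new token pair for the submitted e-mail address.
/// </summary>
/// <param name="authUser">Login payload bound from the request body.</param>
/// <returns>
/// 401 Unauthorized carrying the service response when it holds no user data;
/// otherwise 200 OK carrying the value returned by <c>GenerateTokens</c>.
/// </returns>
public async Task<IActionResult> AuthenticateUser([FromBody] AuthenticateUserDto authUser)
{
    ServiceResponse<GetUserDto> response = await _userService.AuthenticateUser(authUser);
    if (response.Data == null)
    {
        return Unauthorized(response);
    }

    // Remove any refresh token already registered for this e-mail before issuing a new pair.
    _jwtAuthManager.RemoveRefreshTokenByUserName(authUser.Email);

    var claims = new[]
    {
        new Claim("Email", authUser.Email),
        // NOTE(review): constant value - every account receives the same "Role" claim,
        // so it cannot be used for authorization decisions as written.
        new Claim("Role", "role"),
        // NOTE(review): an account whose status is Disabled still gets a token pair and is
        // only marked Activated=False; every consumer of the token has to enforce that
        // claim. Confirm this is intended rather than rejecting the login here.
        new Claim("Activated", response.Data.Status == UserStatus.Disabled ? "False" : "True")
    };
    var jwtResult = _jwtAuthManager.GenerateTokens(authUser.Email, claims, DateTime.Now);

    // Message template rather than an interpolated string (CA2254): the e-mail comes from
    // the request body and is passed as a structured property, not spliced into the text.
    _logger.LogInformation("User [{Email}] logged in the system.", authUser.Email);

    // NOTE(review): this wrapper is populated but never returned; the action sends
    // jwtResult itself, so the client receives whatever GenerateTokens returns. Confirm
    // which response shape is intended and that jwtResult exposes nothing extra.
    var respjwtTokens = new ServiceResponse<JwtTokens>
    {
        Data = new JwtTokens
        {
            AccessToken = jwtResult.AccessToken.ToString(),
            RefreshToken = jwtResult.RefreshToken.TokenString
        },
        Message = "Validated"
    };

    return Ok(jwtResult);
}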
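/// <summary>
/// Signs the current user out: removes the refresh token registered under their user
/// name and records the logout.
/// </summary>
/// <returns>An empty 200 OK result.</returns>
public ActionResult Logout()
{
    var userName = User.Identity?.Name;
    _jwtAuthManager.RemoveRefreshTokenByUserName(userName);

    // Message template rather than an interpolated string (CA2254), so the user name is
    // logged as a structured property instead of being merged into the message text.
    _logger.LogInformation("User [{UserName}] logged out the system.", userName);
    return Ok();
}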
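/// <summary>
/// Signs the current user out: removes the refresh token registered under their user
/// name and writes an informational log entry.
/// </summary>
/// <returns>An empty 200 OK result.</returns>
public ActionResult Logout()
{
    var userName = User.Identity?.Name;
    _jwtAuthManager.RemoveRefreshTokenByUserName(userName);

    // NOTE(review): the operand between the two literals was masked in the listing, which
    // left an expression that does not compile; userName is presumed - confirm.
    _loggerService.Info("User:" + userName + "logged out from the system.");
    return Ok();
}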
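/// <summary>
/// Signs the current user out: removes the refresh token registered under their user
/// name and records the logout.
/// </summary>
/// <returns>An empty 200 OK result.</returns>
public IActionResult Logout()
{
    // Null-conditional access: Identity is nullable on the principal.
    var userName = User.Identity?.Name;

    // Removal is keyed on the user name only; it can be more specific to ip, user agent,
    // device name, etc.
    _jwtAuthManager.RemoveRefreshTokenByUserName(userName);

    // Message template rather than an interpolated string (CA2254), so the user name is
    // logged as a structured property instead of being merged into the message text.
    _logger.LogInformation("User [{UserName}] logged out the system.", userName);
    return Ok();
}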
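/// <summary>
/// Invalidates the caller's refresh token on the server side and records the logout.
/// </summary>
/// <remarks>
/// The JWT access token is not invalidated here. To invalidate it server-side a
/// block-list strategy can be used, or the token's exp can simply be kept short.
/// </remarks>
/// <returns>An empty 200 OK result.</returns>
public ActionResult Logout()
{
    // Null-conditional access: Identity is nullable on the principal.
    var userName = User.Identity?.Name;

    // Remove the refresh token from the dictionary.
    _jwtAuthManager.RemoveRefreshTokenByUserName(userName);

    // Message template rather than an interpolated string (CA2254), so the user name is
    // logged as a structured property instead of being merged into the message text.
    _logger.LogInformation("User [{UserName}] logged out the system.", userName);
    return Ok();
}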
/// <summary>
/// Builds the claim set for <paramref name="user"/> and returns the access token from a
/// freshly generated token result.
/// </summary>
/// <param name="user">Account the token is issued for.</param>
/// <returns>
/// The access token only; the rest of the generated result is not handed back to the caller.
/// </returns>
private string CreateToken(User user)
{
    // The refresh token already registered under this name is removed before a new
    // result is generated.
    _jwtAuthManager.RemoveRefreshTokenByUserName(user.Name);

    Claim[] tokenClaims =
    {
        // NOTE(review): the "Email" claim is filled from user.Name - presumably the name
        // doubles as the e-mail address; confirm.
        new Claim("Email", user.Name),
        // NOTE(review): constant value - every account receives the same "Role" claim.
        new Claim("Role", "role"),
        new Claim("Activated", user.Status == UserStatus.Enabled ? "Yes" : "No"),
        new Claim("Id", user.Id.ToString()),
        new Claim("Name", user.Name)
    };

    return _jwtAuthManager.GenerateTokens(user.Name, tokenClaims, DateTime.Now).AccessToken;
}
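/// <summary>
/// Deletes the user identified by <paramref name="key"/>. The caller must either be that
/// user or be an administrator.
/// </summary>
/// <remarks>
/// The target's refresh token is removed before the row is deleted. Nothing here revokes
/// an access token that was already issued to the deleted account.
/// </remarks>
/// <param name="key">Identifier of the user to delete.</param>
/// <returns>
/// 404 when no user has that id, 401 when the caller cannot be resolved to an account,
/// 400 when the caller may not delete the target, 204 once the user has been removed.
/// </returns>
public ActionResult Delete(Guid key)
{
    User doomed = _ctx.Users.FirstOrDefault(p => p.id == key);
    if (doomed == null)
    {
        // NOTE(review): existence is reported before the caller is authorized, so 404 vs
        // 400 reveals whether an id is in use - confirm this is acceptable.
        return NotFound();
    }

    // Resolve the caller explicitly so that a missing identity or an unknown account is
    // refused instead of dereferencing null further down.
    var callerName = User.Identity?.Name;
    if (string.IsNullOrEmpty(callerName))
    {
        return Unauthorized();
    }

    User currentUser = _userService.findUserByUserName(callerName);
    if (currentUser == null)
    {
        return Unauthorized();
    }

    bool mayDelete = doomed.username == currentUser.username || currentUser.isAdmin;
    if (!mayDelete)
    {
        // NOTE(review): this is an authorization failure reported as 400; 403 would
        // describe it more accurately, but changing it alters what clients see.
        return BadRequest("Users may only delete their own account, or must be an administrator");
    }

    _jwtAuthManager.RemoveRefreshTokenByUserName(doomed.username);
    _ctx.Users.Remove(doomed);
    _ctx.SaveChanges();
    return NoContent();
}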
/// <summary>
/// Logs the caller out: removes the refresh token stored under their user name, then
/// calls <c>ClearTokenCookie</c>.
/// </summary>
/// <returns>An empty 200 OK result.</returns>
public IActionResult Logout()
{
    // NOTE(review): Identity is dereferenced without a null check; if that throws, the
    // cookie is never cleared. Presumably an authorization filter guards this - confirm.
    var signedInName = User.Identity.Name;
    _jwtAuthManager.RemoveRefreshTokenByUserName(signedInName);

    ClearTokenCookie();
    return Ok();
}