/// <summary>
/// Authenticates a user by e-mail and password and, on success, issues an
/// access token and a refresh token.
/// </summary>
/// <param name="request">Login command carrying the e-mail and the candidate password.</param>
/// <param name="cancellationToken">Cancellation token; it is not forwarded to any call made here.</param>
/// <returns>The access/refresh token pair for the authenticated user.</returns>
/// <exception cref="InvalidAccountException">
/// No user matches the e-mail, the account is disabled, or the password does not verify.
/// </exception>
/// <exception cref="LoginMaxAttemptsReachedException">
/// <c>HasReachedLoginMaxAttempts</c> reports that the user hit the configured limit.
/// </exception>
public async Task<LoginUserResponse> Handle(LoginUserCommand request, CancellationToken cancellationToken)
{
    var account = await _uowGeneral.UserRepository.FindByEmail(request.Email);
    if (account is null)
    {
        // NOTE(review): this path returns without calling _passwordService.Verify, so it
        // may respond faster than the wrong-password path; confirm whether that timing
        // difference matters for account enumeration in this deployment.
        throw new InvalidAccountException();
    }

    // NOTE(review): this check runs before the password is verified and uses a distinct
    // message, while the unknown-e-mail and wrong-password paths use the parameterless
    // constructor. If the message reaches the client, an unauthenticated caller can tell
    // that the address is registered and disabled. Confirm how the exception is rendered.
    if (account.HasDisabledAccount())
    {
        throw new InvalidAccountException("Cuenta deshabilitada");
    }

    // NOTE(review): the result is dereferenced below without a null check; Find's contract
    // for a missing GeneralConstants.DefaultId row is not visible here.
    var attemptPolicy = await _uowGeneral.LoginMaxAttemptRepository.Find(GeneralConstants.DefaultId);
    var attemptLimit = attemptPolicy.MaxAttempts;

    // The lockout is evaluated before the password, so a locked account is rejected even
    // when the supplied password is correct.
    var lockedOut = await HasReachedLoginMaxAttempts(account, attemptLimit);
    if (lockedOut)
    {
        throw new LoginMaxAttemptsReachedException();
    }

    var passwordMatches = _passwordService.Verify(request.Password, account.Password);
    if (!passwordMatches)
    {
        // Presumably records the failed attempt against the limit; the helper is not shown.
        await HandleFailedLogin(account, attemptLimit);
        throw new InvalidAccountException();
    }

    account.AddEvent(new UserLogged { User = account });

    // Presumably clears the failed-attempt state for the user; confirm in the helper.
    await AllowUserAccess(account);

    var issuedAccessToken = await _accessTokenService.GetAccessToken(account);
    var issuedRefreshToken = await _refreshTokenService.GetRefreshToken(account);

    // Persist everything queued on the unit of work before the tokens are returned.
    await _uowGeneral.SaveChanges();

    var response = new LoginUserResponse
    {
        AccessToken = issuedAccessToken,
        RefreshToken = issuedRefreshToken
    };
    return response;
}
/// <summary>
/// Exchanges a stored, unexpired refresh token for a new access token and a new
/// refresh token, and deletes the presented refresh token.
/// </summary>
/// <param name="request">Refresh command carrying the refresh token value.</param>
/// <param name="cancellationToken">Cancellation token; it is not forwarded to any call made here.</param>
/// <returns>The newly issued access/refresh token pair.</returns>
/// <exception cref="InvalidRefreshTokenException">
/// The token is not found in the repository or <c>IsExpired()</c> returns true.
/// </exception>
public async Task<RefreshTokenResponse> Handle(RefreshTokenCommand request, CancellationToken cancellationToken)
{
    var presentedToken = await _uowGeneral.RefreshTokenRepository.FindByToken(request.Token);
    if (presentedToken is null)
    {
        throw new InvalidRefreshTokenException();
    }

    // NOTE(review): an expired token is rejected but not deleted on this path; confirm
    // that expired rows are cleaned up elsewhere.
    if (presentedToken.IsExpired())
    {
        throw new InvalidRefreshTokenException("El token de refresco ya ha expirado");
    }

    // NOTE(review): no account-state check is made here before new tokens are issued.
    // Unless the token services enforce it, a user whose account was disabled after login
    // could keep refreshing; confirm where that is handled.
    var tokenOwner = presentedToken.User;

    var issuedAccessToken = await _accessTokenService.GetAccessToken(tokenOwner);
    var issuedRefreshToken = await _refreshTokenService.GetRefreshToken(tokenOwner);

    // Rotation: the presented token is removed so it cannot be exchanged again once
    // the changes are saved.
    await _uowGeneral.RefreshTokenRepository.Delete(presentedToken);
    await _uowGeneral.SaveChanges();

    var response = new RefreshTokenResponse
    {
        AccessToken = issuedAccessToken,
        RefreshToken = issuedRefreshToken
    };
    return response;
}