Exemplo n.º 1
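        /// <summary>
        /// Exchanges an expired access token and its refresh token for a new token pair,
        /// replacing the stored refresh token value and expiry on success.
        /// </summary>
        /// <param name="request">Carries the access token and refresh token presented by the client.</param>
        /// <returns>
        /// A <see cref="LoginResponse"/> holding the new access and refresh tokens, or one whose
        /// <c>Error</c> carries the same generic message for every failure path.
        /// </returns>
        public async Task<LoginResponse> RefreshAsync(RefreshTokenRequest request)
        {
            // One message for every rejection, so the response does not reveal which check failed.
            const string invalidTokens = "Invalid access token and/or refresh token";

            try
            {
                // NOTE(review): the helper's name suggests it validates the signature while ignoring
                // the lifetime; confirm in CryptoUtils, since the account id below is trusted from it.
                var user      = CryptoUtils.GetClaimsPrincipalFromExpiredToken(request.AccessToken, _configuration);
                var accountId = user.GetAccountId();

                // The refresh token must belong to the account named in the access token.
                var token = await _refreshTokenRepository.FindByAccountIdAndValueAsync(accountId, request.RefreshToken);

                // The lookup's filtering is not visible here, so expiry is enforced locally as well:
                // a stored refresh token past its Expires value must not mint new credentials.
                if (token == null || token.Expires <= DateTime.UtcNow)
                {
                    return new LoginResponse { Error = invalidTokens };
                }

                var account = await _accountRepository.FindByIdAsync(token.AccountId);

                // Reject explicitly rather than handing a missing account to the token factory.
                if (account == null)
                {
                    return new LoginResponse { Error = invalidTokens };
                }

                var accessToken = CryptoUtils.CreateAccessToken(account, _configuration);

                // Rotate the refresh token: the presented value is overwritten and cannot be used again.
                // NOTE(review): confirm CryptoUtils.RandomString draws from a cryptographic RNG.
                token.Value = CryptoUtils.RandomString();

                // Parse the configured lifetime with the invariant culture so the result does not
                // depend on the host's decimal separator.
                var lifetimeDays = Convert.ToDouble(
                    _configuration["Auth:RefreshTokenExpiresInDays"],
                    System.Globalization.CultureInfo.InvariantCulture);
                token.Expires = DateTime.UtcNow.AddDays(lifetimeDays);

                await _refreshTokenRepository.UpdateAsync(token.Id, token);

                return new LoginResponse
                {
                    AccessToken = accessToken,
                    RefreshToken = token.Value,
                };
            }
            catch (Exception ex)
            {
                // Deliberate best-effort: details go to the log, the caller only sees the generic error.
                _logger.LogError(ex, "Failed to process refresh token");
            }

            return new LoginResponse { Error = invalidTokens };
        }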