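/// <summary>
/// Marks a user's e-mail address as verified once the caller presents a confirmation token
/// that was issued for that exact address.
/// </summary>
/// <param name="token">Confirmation token issued for <paramref name="email"/>.</param>
/// <param name="email">Plaintext address to confirm; encrypted with the app key/IV for the lookup.</param>
/// <returns>
/// 200 on success; 400 with an <see cref="ErrorMessage"/> when the token is missing/invalid,
/// does not belong to <paramref name="email"/>, the address is unknown, or it is already confirmed.
/// </returns>
public ActionResult User_ConfirmEmail(string token, string email)
        {
            // Reject obviously bad input before doing any crypto or database work.
            if (string.IsNullOrWhiteSpace(token) || string.IsNullOrWhiteSpace(email))
            {
                ErrorMessage error = new ErrorMessage("Failed to confirm email", "Token is invalid.");
                return(new BadRequestObjectResult(error));
            }

            byte[] encryptedEmail = HelperMethods.EncryptStringToBytes_Aes(email, _keyAndIV);

            // Validate the token BEFORE inspecting any account state. The "already confirmed"
            // answer below must only be reachable with a valid token for this address, otherwise
            // anyone can probe which addresses exist / are confirmed just by hitting this endpoint.
            // NOTE(review): GetUserFromAccessToken is assumed to throw or return null on a bad
            // token; a throw here propagates to the caller as it did before — confirm in the helper.
            User tokenUser = HelperMethods.GetUserFromAccessToken(token, _context, _configuration.GetValue <string>("EmailConfirmationTokenKey"));
            if (tokenUser?.Email is null || !encryptedEmail.SequenceEqual(tokenUser.Email))
            {
                ErrorMessage error = new ErrorMessage("Failed to confirm email", "Token is invalid.");
                return(new BadRequestObjectResult(error));
            }

            // SingleOrDefault instead of Single: an unknown address is a client error, not an
            // unhandled exception turned into a 500 response.
            User userToConfirm = _context.Users.SingleOrDefault(a => a.Email.SequenceEqual(encryptedEmail));
            if (userToConfirm is null)
            {
                ErrorMessage error = new ErrorMessage("Failed to confirm email", "Token is invalid.");
                return(new BadRequestObjectResult(error));
            }

            // Only a token holder gets to learn that the address was already verified.
            if (userToConfirm.EmailVerified)
            {
                ErrorMessage error = new ErrorMessage("Failed to confirm email", "Email address is already confirmed.");
                return(new BadRequestObjectResult(error));
            }

            // All checks passed: persist the verified flag.
            userToConfirm.EmailVerified = true;
            _context.Users.Update(userToConfirm);
            _context.SaveChanges();
            return(Ok());
        }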
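        /// <summary>
        /// Issues a new access token and refresh token for the user identified by the access-token
        /// cookie, provided the refresh-token cookie validates for that user. The new tokens are
        /// both returned in the body and written back as cookies.
        /// </summary>
        /// <returns>
        /// 200 with a <see cref="LoginResponse"/> on success; 400 when a token cookie is missing or
        /// a token does not validate; 500 with a generic message on any other failure.
        /// </returns>
        public IActionResult Refresh()
        {
            // The "SameSite" cookie variant is preferred, the plain one is the fallback.
            string accessToken  = Request.Cookies["AccessTokenSameSite"] ?? Request.Cookies["AccessToken"];
            string refreshToken = Request.Cookies["RefreshTokenSameSite"] ?? Request.Cookies["RefreshToken"];

            // A missing cookie is a client error; don't let it surface as an exception / 500.
            if (string.IsNullOrEmpty(accessToken) || string.IsNullOrEmpty(refreshToken))
            {
                ErrorMessage error = new ErrorMessage("Error refreshing access.", "Access token or refresh token is missing.");
                return(new BadRequestObjectResult(error));
            }

            try
            {
                // attempt getting user from claims
                User user = HelperMethods.GetUserFromAccessToken(accessToken, _context, _configuration.GetValue <string>("UserJwtTokenKey"));

                // make sure this is a valid token for the user; a failed check is a client error,
                // not a server fault, so answer 400 instead of throwing into the 500 path.
                if (!HelperMethods.ValidateRefreshToken(user, refreshToken))
                {
                    ErrorMessage error = new ErrorMessage("Error refreshing access.", "Invalid refresh token!");
                    return(new BadRequestObjectResult(error));
                }

                string        newTokenStr = HelperMethods.GenerateJWTAccessToken(user.Role, user.Email, _configuration.GetValue <string>("UserJwtTokenKey"));
                RefreshToken  newRefToken = HelperMethods.GenerateRefreshToken(user, _context);
                LoginResponse rtrn        = new LoginResponse {
                    ID = user.ID, AccessToken = newTokenStr, RefreshToken = new ReturnableRefreshToken(newRefToken)
                };

                // append cookies after refresh
                HelperMethods.SetCookies(Response, newTokenStr, newRefToken);
                return(new OkObjectResult(rtrn));
            }
            catch (SecurityTokenException)
            {
                // Malformed / expired access token (assumed to be what the helper throws — confirm).
                ErrorMessage error = new ErrorMessage("Error refreshing access.", "Invalid or expired token.");
                return(new BadRequestObjectResult(error));
            }
            catch (Exception)
            {
                // Never echo ex.Message to the client: it can expose configuration key names,
                // connection details or internal type names. Log server-side if a logger is available.
                ErrorMessage error = new ErrorMessage("Error refreshing access.", "An unexpected error occurred.");
                return(new InternalServerErrorResult(error));
            }
        }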
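        /// <summary>
        /// Issues a new access token and refresh token for the user identified by the
        /// <c>AccessToken</c> request header, provided the <c>RefreshToken</c> header validates
        /// for that user.
        /// </summary>
        /// <returns>
        /// 200 with a <see cref="LoginResponse"/> on success; 400 with an <see cref="ErrorMessage"/>
        /// when either header is missing/empty, the access token does not resolve to a user, or
        /// the refresh token fails validation.
        /// </returns>
        public IActionResult Refresh()
        {
            // TryGetValue replaces ContainsKey + indexer (double lookup) and also rejects an
            // empty header value, which ContainsKey alone would let through.
            if (!Request.Headers.TryGetValue("AccessToken", out var accessHeader) || string.IsNullOrEmpty(accessHeader))
            {
                ErrorMessage error = new ErrorMessage("Failed to refresh access", "User does not have the access token.");
                return(new BadRequestObjectResult(error));
            }

            if (!Request.Headers.TryGetValue("RefreshToken", out var refreshHeader) || string.IsNullOrEmpty(refreshHeader))
            {
                ErrorMessage error = new ErrorMessage("Failed to refresh access", "User does not have the refresh token.");
                return(new BadRequestObjectResult(error));
            }

            string jwtKey = _configuration.GetValue <string>("UserJwtTokenKey");
            string apiUrl = _configuration.GetValue <string>("ApiUrl");

            // attempt getting user from claims
            User user = HelperMethods.GetUserFromAccessToken(accessHeader.ToString(), _context, jwtKey, apiUrl);

            // NOTE(review): the helper is assumed to return null for an unresolvable token; if it
            // throws instead this guard is simply never hit — confirm against HelperMethods.
            if (user is null)
            {
                ErrorMessage error = new ErrorMessage("Failed to refresh access", "Access token is invalid.");
                return(new BadRequestObjectResult(error));
            }

            // make sure this is a valid token for the user
            if (!HelperMethods.ValidateRefreshToken(user, refreshHeader.ToString(), _keyAndIV))
            {
                ErrorMessage error = new ErrorMessage("Invalid refresh token", "Refresh token could not be validated.");
                return(new BadRequestObjectResult(error));
            }

            string        newTokenStr = HelperMethods.GenerateJWTAccessToken(user.ID, jwtKey, apiUrl);
            RefreshToken  newRefToken = HelperMethods.GenerateRefreshToken(user, _context, _keyAndIV);
            LoginResponse rtrn        = new LoginResponse {
                ID = user.ID, AccessToken = newTokenStr, RefreshToken = new ReturnableRefreshToken(newRefToken, _keyAndIV)
            };

            return(new OkObjectResult(rtrn));
        }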
        /// <summary>
        /// Re-issues the caller's access and refresh tokens from the token cookies on the request,
        /// persists the new refresh token, writes the new tokens back as cookies and returns the
        /// serialized login response produced by <c>HelperMethods.GenerateLoginResponse</c>.
        /// </summary>
        /// <returns>The login response string for the re-issued tokens.</returns>
        public string Refresh()
        {
            string jwtKey = _configuration.GetValue <string>("JwtTokenKey");

            // "SameSite" cookies win; the plain-named cookies are the fallback.
            string presentedAccessToken  = Request.Cookies["AccessTokenSameSite"] ?? Request.Cookies["AccessToken"];
            string presentedRefreshToken = Request.Cookies["RefreshTokenSameSite"] ?? Request.Cookies["RefreshToken"];

            // Resolve the caller from the access-token claims, then check the refresh token
            // belongs to that caller (ValidateRefreshToken is this controller's own check).
            User caller = HelperMethods.GetUserFromAccessToken(presentedAccessToken, _context, jwtKey);
            ValidateRefreshToken(caller, presentedRefreshToken);

            string       issuedAccessToken  = HelperMethods.GenerateJWTAccessToken(caller.Role, caller.Email, jwtKey);
            RefreshToken issuedRefreshToken = HelperMethods.GenerateRefreshToken(caller, _context);
            string       responseBody       = HelperMethods.GenerateLoginResponse(issuedAccessToken, issuedRefreshToken, caller.ID);

            // Persist the refresh token before anything is handed back to the client.
            _context.SaveChanges();

            HelperMethods.SetCookies(Response, issuedAccessToken, issuedRefreshToken);
            return responseBody;
        }
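        /// <summary>
        /// Issues a new access token and refresh token for the user identified by the access-token
        /// cookie, provided the refresh-token cookie validates for that user. New tokens are both
        /// returned in the body and written back as cookies.
        /// </summary>
        /// <returns>
        /// 200 with a <see cref="LoginResponse"/> on success; 400 with an <see cref="ErrorMessage"/>
        /// when a token cookie is missing or the refresh token fails validation.
        /// </returns>
        public IActionResult Refresh()
        {
            // The "SameSite" cookie variant is preferred, the plain one is the fallback.
            string accessToken  = Request.Cookies["AccessTokenSameSite"] ?? Request.Cookies["AccessToken"];
            string refreshToken = Request.Cookies["RefreshTokenSameSite"] ?? Request.Cookies["RefreshToken"];

            // Missing cookies are a client error; without this guard a null token reaches the
            // helper and whatever it does with null surfaces as an unhandled exception.
            if (string.IsNullOrEmpty(accessToken))
            {
                ErrorMessage error = new ErrorMessage("Failed to refresh access", "User does not have the access token.");
                return(new BadRequestObjectResult(error));
            }

            if (string.IsNullOrEmpty(refreshToken))
            {
                ErrorMessage error = new ErrorMessage("Failed to refresh access", "User does not have the refresh token.");
                return(new BadRequestObjectResult(error));
            }

            string jwtKey = _configuration.GetValue <string>("UserJwtTokenKey");

            // attempt getting user from claims
            User user = HelperMethods.GetUserFromAccessToken(accessToken, _context, jwtKey);

            // NOTE(review): assumes the helper returns null for an unresolvable token; if it throws
            // instead this guard is never hit — confirm against HelperMethods.
            if (user is null)
            {
                ErrorMessage error = new ErrorMessage("Failed to refresh access", "Access token is invalid.");
                return(new BadRequestObjectResult(error));
            }

            // make sure this is a valid token for the user
            if (!HelperMethods.ValidateRefreshToken(user, refreshToken))
            {
                ErrorMessage error = new ErrorMessage("Invalid refresh token", "Refresh token could not be validated.");
                return(new BadRequestObjectResult(error));
            }

            string        newTokenStr = HelperMethods.GenerateJWTAccessToken(user.ID, jwtKey);
            RefreshToken  newRefToken = HelperMethods.GenerateRefreshToken(user, _context);
            LoginResponse rtrn        = new LoginResponse {
                ID = user.ID, AccessToken = newTokenStr, RefreshToken = new ReturnableRefreshToken(newRefToken)
            };

            // append cookies after refresh
            HelperMethods.SetCookies(Response, newTokenStr, newRefToken);
            return(new OkObjectResult(rtrn));
        }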