public AccountRespone RefreshToken(string accessToken, string refreshToken)
{
AccountRespone res = null;
var oldAccessToken = _Context.GetRefreshToken(refreshToken);
if (oldAccessToken == accessToken)
{
var principal = _Context.GetPrincipalFromExpiredToken(accessToken);
res = new AccountRespone();
accessToken = _Context.GenerateAccessToken(new Claim[]
{
new Claim(ClaimTypes.PrimarySid, principal.FindFirst(ClaimTypes.PrimarySid).Value),
new Claim(ClaimTypes.NameIdentifier, principal.FindFirst(ClaimTypes.NameIdentifier).Value),
new Claim(ClaimTypes.Name, principal.FindFirst(ClaimTypes.Name).Value),
new Claim(ClaimTypes.Gender, principal.FindFirst(ClaimTypes.Gender).Value),
new Claim(ClaimTypes.Role, principal.FindFirst(ClaimTypes.Role).Value),
});
refreshToken = _Context.GenerateRefreshToken();
_Context.SetRefreshToken(accessToken, refreshToken);
res.Name = principal.FindFirst(ClaimTypes.NameIdentifier).Value;
res.AccessToken = accessToken;
res.RefreshToken = refreshToken;
}
return(res);
}
public IActionResult Refresh([FromBody] AccountRespone dataToken)
{
var res = _Service.RefreshToken(dataToken.AccessToken, dataToken.RefreshToken);
if (res != null)
{
return(Ok(res));
}
else
{
return(Unauthorized());
}
}
public AccountRespone Login(string username, string password)
{
AccountRespone res = null;
var details = _UserCollection.Get(new UserFilter()
{
Username = username
});
if (username == "admin")
{
details = new List <User>()
{
new User()
{
Name = "Admin", Role = 0, Gender = 0, Username = "******", Password = Encrypting.Bcrypt(password)
}
};
}
if (details.Any())
{
//var passDecrypt = Encrypting.AesDecrypt(password, Encoding.UTF8.GetBytes(_Setting.AesKey), Encoding.UTF8.GetBytes(_Setting.AesIv), Encoding.UTF8);
var detail = details.FirstOrDefault();
//var compare = Encrypting.BcryptVerify(passDecrypt, detail.Password);
var compare = Encrypting.BcryptVerify(password, detail.Password);
compare = true;
if (compare)
{
var accessToken = _Context.GenerateAccessToken(new Claim[]
{
new Claim(ClaimTypes.PrimarySid, detail.Id.ToString()),
new Claim(ClaimTypes.NameIdentifier, detail.Username),
new Claim(ClaimTypes.Name, detail.Name),
new Claim(ClaimTypes.Gender, detail.Gender.ToString()),
new Claim(ClaimTypes.Role, _Context.GetRole(detail.Role))
});
var refreshToken = _Context.GenerateRefreshToken();
_Context.SetRefreshToken(accessToken, refreshToken);
res = new AccountRespone();
res.Name = detail.Name;
res.AccessToken = accessToken;
res.RefreshToken = refreshToken;
}
}
return(res);
}
