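/// <summary>
/// Exchanges an expired access token together with its refresh token for a freshly
/// issued pair.
/// </summary>
/// <param name="accessToken">The (expired) access token the client still holds.</param>
/// <param name="refreshToken">The refresh token that was stored alongside <paramref name="accessToken"/>.</param>
/// <returns>
/// A new <see cref="AccountRespone"/> carrying the rotated tokens, or <c>null</c> when
/// either input is empty, the refresh token is not bound to <paramref name="accessToken"/>,
/// the old token cannot be parsed, or one of the claims that must be carried over is missing.
/// </returns>
public AccountRespone RefreshToken(string accessToken, string refreshToken)
{
    // Empty inputs can never match a stored pair; refusing them here also keeps a
    // null/null pair from comparing equal below.
    if (string.IsNullOrEmpty(accessToken) || string.IsNullOrEmpty(refreshToken))
    {
        return null;
    }

    // The store maps a refresh token to the access token it was issued with
    // (see SetRefreshToken(accessToken, refreshToken) at the end of this method);
    // a refresh token is only honoured for that exact access token.
    var boundAccessToken = _Context.GetRefreshToken(refreshToken);
    if (boundAccessToken != accessToken)
    {
        return null;
    }

    var principal = _Context.GetPrincipalFromExpiredToken(accessToken);
    if (principal == null)
    {
        return null;
    }

    // Every claim of the new token is copied from the old one. A token that lacks any
    // of them is rejected instead of dereferencing a null claim.
    string[] carriedClaimTypes =
    {
        ClaimTypes.PrimarySid,
        ClaimTypes.NameIdentifier,
        ClaimTypes.Name,
        ClaimTypes.Gender,
        ClaimTypes.Role,
    };
    var claims = new List<Claim>(carriedClaimTypes.Length);
    foreach (var claimType in carriedClaimTypes)
    {
        var claim = principal.FindFirst(claimType);
        if (claim == null)
        {
            return null;
        }
        claims.Add(new Claim(claimType, claim.Value));
    }

    var newAccessToken = _Context.GenerateAccessToken(claims.ToArray());
    var newRefreshToken = _Context.GenerateRefreshToken();
    // NOTE(review): whether SetRefreshToken also retires the previous refresh token is
    // not visible here — confirm that the old token cannot be replayed after rotation.
    _Context.SetRefreshToken(newAccessToken, newRefreshToken);

    return new AccountRespone()
    {
        Name = principal.FindFirst(ClaimTypes.NameIdentifier).Value,
        AccessToken = newAccessToken,
        RefreshToken = newRefreshToken,
    };
}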
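/// <summary>
/// Controller action that refreshes a token pair via <c>_Service.RefreshToken</c>.
/// </summary>
/// <param name="dataToken">Request body holding the expired access token and its refresh token.</param>
/// <returns>
/// 200 with the new <see cref="AccountRespone"/> on success; 401 when the body is missing,
/// either token is empty, or the service rejects the pair.
/// </returns>
public IActionResult Refresh([FromBody] AccountRespone dataToken)
{
    // Model binding passes null when the request carries no usable body; treat that
    // like an invalid pair rather than throwing a NullReferenceException.
    if (dataToken == null
        || string.IsNullOrEmpty(dataToken.AccessToken)
        || string.IsNullOrEmpty(dataToken.RefreshToken))
    {
        return Unauthorized();
    }

    var refreshed = _Service.RefreshToken(dataToken.AccessToken, dataToken.RefreshToken);
    if (refreshed == null)
    {
        return Unauthorized();
    }

    return Ok(refreshed);
}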
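/// <summary>
/// Authenticates a user by username and password and, on success, issues an
/// access token / refresh token pair.
/// </summary>
/// <param name="username">Username to look up in <c>_UserCollection</c>.</param>
/// <param name="password">Plaintext password to verify against the user's stored bcrypt hash.</param>
/// <returns>
/// An <see cref="AccountRespone"/> with the user's name and both tokens, or <c>null</c>
/// when the credentials are empty, the user does not exist, the account has no stored
/// hash, or the password does not verify.
/// </returns>
public AccountRespone Login(string username, string password)
{
    // Empty credentials never authenticate; refusing them first also keeps
    // BcryptVerify from ever being handed a null password.
    if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
    {
        return null;
    }

    var matches = _UserCollection.Get(new UserFilter() { Username = username });
    var user = matches.FirstOrDefault();
    if (user == null)
    {
        // NOTE(review): an unknown user returns without running bcrypt, so this path is
        // measurably faster than a wrong-password attempt — consider a constant-cost path.
        return null;
    }

    // An account with no persisted hash is not loginable; do not leave it to the
    // verify helper to decide what an empty hash means.
    if (string.IsNullOrEmpty(user.Password))
    {
        return null;
    }

    // The password is checked ONLY against the hash persisted for this user, and that
    // check is the sole authentication decision. It is never overridden afterwards and
    // no username is given a synthetic in-memory account.
    if (!Encrypting.BcryptVerify(password, user.Password))
    {
        return null;
    }

    var accessToken = _Context.GenerateAccessToken(new Claim[]
    {
        new Claim(ClaimTypes.PrimarySid, user.Id.ToString()),
        new Claim(ClaimTypes.NameIdentifier, user.Username),
        new Claim(ClaimTypes.Name, user.Name),
        new Claim(ClaimTypes.Gender, user.Gender.ToString()),
        new Claim(ClaimTypes.Role, _Context.GetRole(user.Role)),
    });
    var refreshToken = _Context.GenerateRefreshToken();
    // Bind the refresh token to the access token it was issued with so that
    // RefreshToken() can verify the pair a client later presents.
    _Context.SetRefreshToken(accessToken, refreshToken);

    return new AccountRespone()
    {
        Name = user.Name,
        AccessToken = accessToken,
        RefreshToken = refreshToken,
    };
}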