Пример #1
0
        public async Task <IActionResult> RefreshToken([FromQuery] string token)
        {
            var user = await _userService.GetUserByToken(token);

            if (user == null)
            {
                return(Ok(new { message = "User not found." }));
            }

            var ipAddress = await HttpHelper.GetIP4Address(HttpContext);

            var response = await JwtHelper.GenerateRefreshToken(ipAddress);

            if (response == null)
            {
                return(Unauthorized(new { message = "Invalid token" }));
            }

            var newToken = await JwtHelper.GenerateToken(user, _setting);

            await _userService.RefreshToken(token, ipAddress, newToken);

            return(Ok(new UserResponse
            {
                Id = user.Id,
                FirstName = user.FirstName,
                LastName = user.LastName,
                Username = user.Username,
                Token = newToken
            }));
        }
Пример #2
0
        public IActionResult Refresh(TokenTransferDTO tokens)
        {
            var          jwtHelper = new JwtHelper();
            List <Claim> claims;
            Guid         userId;

            try
            {
                claims = jwtHelper.GetClaimsFromExpiredToken(tokens.Token);
                userId = Guid.Parse(claims.First(claim => claim.Type == "userId").Value);
            }
            catch (Exception)
            {
                return(Forbid());
            }
            var savedRefreshToken = _userRepository.GetRefreshTokens(userId); //retrieve the refresh token from a data store

            if (savedRefreshToken.All(rt => rt.Value != tokens.RefreshToken))
            {
                throw new SecurityTokenException("Invalid refresh token");
            }

            var newJwtToken     = jwtHelper.GenerateToken(claims);
            var newRefreshToken = jwtHelper.GenerateRefreshToken();

            _userRepository.DeleteRefreshToken(userId, tokens.RefreshToken);
            _userRepository.SaveRefreshToken(userId, newRefreshToken);

            return(new ObjectResult(new
            {
                token = newJwtToken,
                refreshToken = newRefreshToken
            }));
        }
Пример #3
0
        public IActionResult Login(LoginDTO login)
        {
            var wasLoginSuccessful = _userRepository.Login(login.Username, login.Password);

            if (wasLoginSuccessful == null)
            {
                return(Forbid());
            }
            var jwtHelper   = new JwtHelper();
            var newJwtToken = jwtHelper.GenerateToken(new List <Claim> {
                new Claim(ClaimTypes.Name, login.Username), new Claim("userId", $"{wasLoginSuccessful.Value}")
            });
            var newRefreshToken = jwtHelper.GenerateRefreshToken();

            _userRepository.SaveRefreshToken(wasLoginSuccessful.Value, newRefreshToken);
            return(Ok(new ObjectResult(new
            {
                token = newJwtToken,
                refreshToken = newRefreshToken,
                userId = wasLoginSuccessful.Value
            })));
        }