Пример #1
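        /// <summary>
        /// Checks whether <paramref name="refreshToken"/> is a stored, unexpired refresh token
        /// that belongs to <paramref name="Employee"/>.
        /// </summary>
        /// <param name="Employee">The employee the token is expected to belong to.</param>
        /// <param name="refreshToken">The refresh token value presented by the caller.</param>
        /// <returns>
        /// <c>true</c> only when a matching row exists, its owner matches and it has not expired;
        /// otherwise <c>false</c>, including when either argument is missing.
        /// </returns>
        private bool ValidateRefresh(Employee Employee, string refreshToken)
        {
            // Fail closed on missing input. A null token would otherwise reach the store as a
            // null comparison, which an ORM may translate to IS NULL and match a row whose
            // Token column is NULL; a null Employee would throw once a row was found.
            if (Employee == null || string.IsNullOrEmpty(refreshToken))
            {
                return false;
            }

            // NOTE(review): the lookup is by raw token value, so the table appears to hold
            // refresh tokens in clear text. Storing only a hash of the token would limit what a
            // read of this table exposes - confirm against the entity mapping.
            RefreshTokenEmployee storedToken = _context.RefreshTokenEmployees
                .Where(rt => rt.Token == refreshToken)
                .OrderByDescending(rt => rt.ExpiryDate)
                .FirstOrDefault();

            // Ownership and expiry must both hold. Expiry is compared against UTC "now".
            return storedToken != null
                && storedToken.EmployeeId == Employee.EmployeeId
                && storedToken.ExpiryDate > DateTime.UtcNow;
        }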
Пример #2
        /// <summary>
        /// Builds a new refresh token entity with a random value and a one-day lifetime.
        /// </summary>
        /// <returns>
        /// A <see cref="RefreshTokenEmployee"/> with Token and ExpiryDate set. Nothing is saved here.
        /// </returns>
        private RefreshTokenEmployee GenerateRefreshToken()
        {
            // 32 bytes (256 bits) from the cryptographic random number generator rather than
            // System.Random, so the token value cannot be predicted from earlier ones.
            byte[] tokenBytes = new byte[32];
            using (RandomNumberGenerator generator = RandomNumberGenerator.Create())
            {
                generator.GetBytes(tokenBytes);
            }

            return new RefreshTokenEmployee
            {
                // Standard Base64 may contain '+', '/' and '='; encode it if it is ever carried
                // in a URL or cookie.
                Token = Convert.ToBase64String(tokenBytes),
                // Expiry is stored in UTC, one day from issue.
                ExpiryDate = DateTime.UtcNow.AddDays(1),
            };
        }
Пример #3
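        /// <summary>
        /// Authenticates an employee by e-mail and password and, on success, stores a new
        /// refresh token and returns it together with a signed access token.
        /// </summary>
        /// <param name="employeeLoginViewModel">Request body carrying the e-mail and password.</param>
        /// <returns>
        /// The populated <see cref="EmployeeViewModel"/> on success. Every failure path answers
        /// with an OK result carrying a message string, so clients must inspect the body rather
        /// than the status code to tell success from failure.
        /// </returns>
        public async Task<ActionResult<EmployeeViewModel>> Login([FromBody] EmployeeLoginViewModel employeeLoginViewModel)
        {
            // A missing or unparsable body may bind to null depending on how model validation is
            // configured; answer it like any other bad credential instead of throwing.
            if (employeeLoginViewModel == null ||
                string.IsNullOrEmpty(employeeLoginViewModel.Email) ||
                string.IsNullOrEmpty(employeeLoginViewModel.PassWord))
            {
                return Ok("Email hoặc mật khẩu không chính xác.");
            }

            // SECURITY NOTE(review): Auth.MD5.CreateMD5 is not shown here. If it is a plain MD5
            // digest, stored passwords are unsalted and cheap to guess offline once the table
            // leaks. Move to a salted, adaptive scheme (PBKDF2 via Rfc2898DeriveBytes, or ASP.NET
            // Core Identity's PasswordHasher) and re-hash on the next successful login. Left
            // unchanged here because swapping the function would invalidate stored credentials.
            var passwordDigest = Auth.MD5.CreateMD5(employeeLoginViewModel.PassWord);

            var employee = await _context.Employees
                           .Where(u => u.Email == employeeLoginViewModel.Email &&
                                  u.PassWord == passwordDigest)
                           .FirstOrDefaultAsync();

            // Unknown e-mail and wrong password share one message, so the response does not
            // reveal which of the two was wrong.
            // NOTE(review): no attempt limiting or lockout is visible in this method - confirm
            // it is enforced elsewhere.
            if (employee == null)
            {
                return Ok("Email hoặc mật khẩu không chính xác.");
            }

            // Reached only after the password matched, so this distinct message confirms the
            // password of a blocked account to whoever submitted it.
            if (employee.IsBlocked)
            {
                return Ok("Tài khoản đang tạm khóa.");
            }

            // Each login adds a refresh token. Nothing in this method revokes earlier ones, so
            // they stay valid until their own expiry.
            // NOTE(review): assumes the RefreshTokenEmployees collection is initialised on the
            // entity - confirm.
            RefreshTokenEmployee refreshToken = GenerateRefreshToken();
            employee.RefreshTokenEmployees.Add(refreshToken);
            await _context.SaveChangesAsync();

            // NOTE(review): confirm EmployeeViewModel does not copy the PassWord digest into the
            // response.
            EmployeeViewModel employeeViewModel = new EmployeeViewModel(employee);
            employeeViewModel.RefreshToken = refreshToken.Token;

            // Sign the short-lived access token for this employee.
            employeeViewModel.AccessToken = GenerateAccessToken(employee.EmployeeId);

            return employeeViewModel;
        }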