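/// <summary>
/// Checks whether <paramref name="refreshToken"/> is a stored, unexpired refresh token
/// that belongs to <paramref name="Employee"/>.
/// </summary>
/// <param name="Employee">Employee the token is expected to belong to.</param>
/// <param name="refreshToken">Token value presented by the caller.</param>
/// <returns>
/// <c>true</c> only when a matching token row exists, its EmployeeId equals the
/// employee's EmployeeId, and its ExpiryDate is later than the current UTC time;
/// otherwise <c>false</c>.
/// </returns>
private bool ValidateRefresh(Employee Employee, string refreshToken)
{
    // Fail closed on missing input. Without this guard a null employee throws a
    // NullReferenceException further down, and a null token would be compared
    // against the column as a null match instead of being rejected outright.
    if (Employee == null || string.IsNullOrEmpty(refreshToken))
    {
        return false;
    }

    // If the same token value is stored more than once, judge the row that expires last.
    // NOTE(review): the lookup compares the raw token value, so tokens appear to be
    // stored as issued rather than hashed — confirm against the schema.
    RefreshTokenEmployee storedToken = _context.RefreshTokenEmployees
        .Where(rt => rt.Token == refreshToken)
        .OrderByDescending(rt => rt.ExpiryDate)
        .FirstOrDefault();

    if (storedToken == null)
    {
        return false;
    }

    // Ownership is checked as well as expiry, so a valid token issued to one
    // employee cannot be used to refresh another employee's session.
    return storedToken.EmployeeId == Employee.EmployeeId
        && storedToken.ExpiryDate > DateTime.UtcNow;
}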
/// <summary>
/// Builds a new refresh-token entity: 32 bytes drawn from the cryptographic random
/// number generator, Base64-encoded, with an expiry one day from the current UTC time.
/// </summary>
/// <returns>
/// The populated <see cref="RefreshTokenEmployee"/>. This method does not save it;
/// persisting the entity is left to the caller.
/// </returns>
private RefreshTokenEmployee GenerateRefreshToken()
{
    // 32 random bytes = 256 bits of entropy, taken from the OS-backed CSPRNG
    // rather than System.Random, so the token value is not predictable.
    byte[] entropy = new byte[32];
    using (RandomNumberGenerator generator = RandomNumberGenerator.Create())
    {
        generator.GetBytes(entropy);
    }

    var issued = new RefreshTokenEmployee();
    issued.Token = Convert.ToBase64String(entropy);

    // Expiry is tracked in UTC; the validation side must compare against UtcNow too.
    issued.ExpiryDate = DateTime.UtcNow.AddDays(1);
    return issued;
}
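/// <summary>
/// Authenticates an employee by e-mail and password and, on success, persists a new
/// refresh token for that employee and returns it together with an access token.
/// </summary>
/// <param name="employeeLoginViewModel">Credentials read from the request body.</param>
/// <returns>
/// The populated <see cref="EmployeeViewModel"/> on success. Every failure path
/// (missing credentials, no matching account, blocked account) is answered with
/// <c>Ok(...)</c> carrying a plain message string.
/// </returns>
public async Task<ActionResult<EmployeeViewModel>> Login([FromBody] EmployeeLoginViewModel employeeLoginViewModel)
{
    // A missing body can bind to null; answer it like empty credentials instead of
    // letting the property access below throw a NullReferenceException.
    if (employeeLoginViewModel == null
        || string.IsNullOrEmpty(employeeLoginViewModel.Email)
        || string.IsNullOrEmpty(employeeLoginViewModel.PassWord))
    {
        // NOTE(review): failed logins are reported as 200 OK with a message, which
        // hides them from status-code based monitoring. Kept as-is because clients
        // may depend on it; consider 401 when the API contract can change.
        return Ok("Email hoặc mật khẩu không chính xác.");
    }

    // SECURITY(review): the stored password is matched against an MD5 digest of the
    // submitted one. MD5 is a fast hash and no per-user salt is visible here, so a
    // leaked Employees table would be cheap to crack offline. Not changed in place
    // because it would invalidate every stored password; plan a migration to a slow,
    // salted KDF (e.g. PBKDF2 or Argon2) with re-hashing on next successful login.
    var passwordDigest = Auth.MD5.CreateMD5(employeeLoginViewModel.PassWord);

    // The same message is returned for an unknown e-mail and for a wrong password,
    // so the response does not reveal which accounts exist.
    // NOTE(review): no attempt limiting is visible in this method — confirm that
    // throttling or lockout is enforced elsewhere.
    var employee = await _context.Employees
        .Where(u => u.Email == employeeLoginViewModel.Email && u.PassWord == passwordDigest)
        .FirstOrDefaultAsync();

    if (employee == null)
    {
        return Ok("Email hoặc mật khẩu không chính xác.");
    }

    // Checked only after the credentials matched, so the blocked state is disclosed
    // solely to someone who already knows the password.
    if (employee.IsBlocked)
    {
        return Ok("Tài khoản đang tạm khóa.");
    }

    // employee is known to be non-null here; the original re-tested it, which left a
    // path where the view model looked as if it could still be null further down.
    RefreshTokenEmployee refreshToken = GenerateRefreshToken();
    employee.RefreshTokenEmployees.Add(refreshToken);
    await _context.SaveChangesAsync();

    EmployeeViewModel employeeViewModel = new EmployeeViewModel(employee);
    employeeViewModel.RefreshToken = refreshToken.Token;

    // Sign the access token only after the refresh token has been saved.
    employeeViewModel.AccessToken = GenerateAccessToken(employee.EmployeeId);
    return employeeViewModel;
}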