public async Task <IHttpActionResult> RefreshToken([FromBody] string jwToken, string refreshToken)
{
var courierPrincipal = _authService.GetPrincipalFromToken(jwToken);
var tokenActive = await _authService.IsTokenExistsAsync(jwToken);
// invalid token/signing key was passed and we can't extract courier claims
if (courierPrincipal == null || !tokenActive)
{
return(NotFound());
}
var id = courierPrincipal.Claims.First(c => c.Type == "id").Value;
var courierId = Convert.ToInt32(id);
var courier = await _refreshTokenService.GetByCourierAuthDataByIdAsync(courierId);
if (courier == null ||
courier.RefreshTokenIsActive != true ||
courier.RefreshTokenIp != GetRemoteIp() ||
courier.RefreshToken != refreshToken)
{
return(NotFound());
}
await _refreshTokenService.ClearAsync(courierId);
// RefreshToken
var newRefreshToken = GenerateTokenByRandomNumber();
var refreshTokenDto = new RefreshTokenDto
{
IsActive = true,
Token = newRefreshToken,
Expires = DateTime.Now.AddDays(5),
RemoteIp = GetRemoteIp()
};
await _refreshTokenService.SetAsync(refreshTokenDto, courierId);
// JWToken
var newJWToken = await _authService.GenerateJWTokenAsync(courierId);
await _jwTokenService.SetAsync(courierId, newJWToken);
var memCacher = new CustomMemoryCacher();
if (memCacher.GetValue(jwToken) == null)
{
memCacher.Add(newJWToken, courier.Id, DateTimeOffset.UtcNow.AddHours(12));
}
var response = new LoginResponseDto()
{
AccessToken = newJWToken,
RefreshToken = newRefreshToken
};
return(Ok(response));
}
