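/// <summary>
/// Renews an access/refresh token pair: the (possibly expired) access token in the
/// body identifies the user, the bearer value in the Authorization header is the
/// refresh token that must match a stored, unexpired row for that user.
/// </summary>
/// <param name="refreshRequest">Body carrying the access token; its
/// <c>RefreshToken</c> member is overwritten with the bearer value from the header.</param>
/// <returns>200 with the new token pair; 400 when the body or the Authorization
/// header is missing or not of the form "Bearer &lt;token&gt;"; 401 when the refresh
/// token is unknown, expired or does not belong to the user of the access token.</returns>
public ActionResult<RefreshRequest> Refresh([FromBody] RefreshRequest refreshRequest)
{
    if (refreshRequest is null)
    {
        return BadRequest();
    }

    // The original indexed Split(" ")[1] unguarded, which threw on a missing or
    // single-word Authorization header instead of returning an error status.
    string[] authorizationParts = Request.Headers["Authorization"].ToString().Split(' ');
    if (authorizationParts.Length < 2 || string.IsNullOrWhiteSpace(authorizationParts[1]))
    {
        return BadRequest();
    }
    string refreshToken = authorizationParts[1];
    refreshRequest.RefreshToken = refreshToken;

    DealingWithRefreshToken dealingWithRefreshToken = new DealingWithRefreshToken();
    int userId = dealingWithRefreshToken.GetUserIdFromAccessToken(refreshRequest.AccessToken, _jwtSettings.SecretKey);
    Users userFromDbViaAccessToken = _context.Users.FirstOrDefault(u => u.Id == userId);
    // If the same token value was ever stored twice, the row with the latest expiry wins.
    TblRefreshToken refreshTokenUser = _context.TblRefreshToken
        .Where(rt => rt.RefreshToken == refreshToken)
        .OrderByDescending(x => x.ExpiryDate)
        .FirstOrDefault();

    if (userFromDbViaAccessToken is null
        || !dealingWithRefreshToken.ValidateRefreshToken(refreshTokenUser, userFromDbViaAccessToken, refreshToken))
    {
        // Was `return null`, which carries no HTTP status; a failed refresh is an authentication failure.
        return Unauthorized();
    }

    string newAccessToken = GenerateJWT.CreateJWT(userFromDbViaAccessToken.Id, _jwtSettings.SecretKey, DateTime.UtcNow.AddSeconds(_expiryTimeSeconds));
    string newRefreshToken = Guid.NewGuid().ToString();

    // Rotate the row that was actually presented and validated. The original re-queried
    // TblRefreshToken by User.RegistrationToken == AccessToken and dereferenced the result
    // without a null check; that lookup could fail and throw. The stored expiry is kept
    // as-is, matching the original behaviour.
    refreshTokenUser.RefreshToken = newRefreshToken;
    userFromDbViaAccessToken.RegistrationToken = newAccessToken;
    _context.SaveChanges();

    RefreshRequest userTokens = new RefreshRequest
    {
        AccessToken = newAccessToken,
        RefreshToken = newRefreshToken,
    };
    return Ok(userTokens);
}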
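/// <summary>
/// Authenticates a user by login and password, stores a new refresh token for the
/// matched user and returns the user together with access and refresh tokens.
/// </summary>
/// <param name="user">Request body; only <c>Login</c> and <c>Password</c> are read.</param>
/// <returns>400 when the body or either credential is missing, 404 when no user
/// matches, otherwise the user with both tokens.</returns>
public async Task<ActionResult<UserWithToken>> Login([FromBody] TblUser user)
{
    // The original dereferenced user.Login / user.Password directly and failed with a
    // NullReferenceException on an empty body.
    if (user is null || string.IsNullOrEmpty(user.Login) || string.IsNullOrEmpty(user.Password))
    {
        return BadRequest();
    }

    // NOTE(review): the password is compared exactly as sent. RegisterUser in this
    // listing (if it belongs to the same controller) stores a salted hash, so this
    // query either compares a hash against plaintext (login never succeeds) or the
    // store holds clear-text passwords — confirm and hash the input before comparing.
    TblUser matchedUser = await _context.TblUsers.Include(u => u.Role)
        .Where(u => u.Login == user.Login && u.Password == user.Password)
        .FirstOrDefaultAsync();
    if (matchedUser is null)
    {
        return NotFound();
    }

    TblRefreshToken refreshToken = GenerateRefreshToken();
    matchedUser.TblRefreshTokens.Add(refreshToken);
    await _context.SaveChangesAsync();

    UserWithToken userWithToken = new UserWithToken(matchedUser)
    {
        RefreshToken = refreshToken.Token,
        AccessToken = GenerateAccessToken(matchedUser.Id),
    };
    return userWithToken;
}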
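/// <summary>
/// Creates a new user with a salted password hash, stores an initial refresh token
/// for it and returns the user with access and refresh tokens.
/// </summary>
/// <param name="user">Request body; <c>Password</c> is replaced by its salted hash before saving.</param>
/// <returns>400 when the body or password is missing, 404 when the saved user cannot
/// be read back, otherwise the registered user with both tokens.</returns>
public async Task<ActionResult<UserWithToken>> RegisterUser([FromBody] TblUser user)
{
    // The original passed user.Password straight into Encoding.ASCII.GetBytes, which
    // throws ArgumentNullException when the password is missing.
    if (user is null || string.IsNullOrEmpty(user.Password))
    {
        return BadRequest();
    }

    // NOTE(review): ASCII encoding replaces every non-ASCII character with '?', so
    // passwords differing only in such characters hash identically. Moving to UTF-8
    // changes existing hashes and must be done together with the login path.
    user.Password = _crypto.GenerateSaltedHash(Encoding.ASCII.GetBytes(user.Password), Encoding.ASCII.GetBytes(_salt));
    _context.TblUsers.Add(user);
    await _context.SaveChangesAsync();

    // Re-read the row so the Role navigation property is populated for the response.
    TblUser registeredUser = await _context.TblUsers.Include(u => u.Role)
        .Where(u => u.Id == user.Id)
        .FirstOrDefaultAsync();
    if (registeredUser is null)
    {
        return NotFound();
    }

    TblRefreshToken refreshToken = GenerateRefreshToken();
    registeredUser.TblRefreshTokens.Add(refreshToken);
    await _context.SaveChangesAsync();

    return new UserWithToken(registeredUser)
    {
        RefreshToken = refreshToken.Token,
        AccessToken = GenerateAccessToken(registeredUser.Id),
    };
}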
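/// <summary>
/// Verifies the supplied credentials, issues a JWT access token and a refresh token,
/// persists the refresh token on the user and returns both on the user DTO.
/// </summary>
/// <param name="userClaims">Login credentials from the request body.</param>
/// <returns>400 with a generic message when the body is missing or the credentials
/// do not match, otherwise the mapped user with <c>Token</c> and <c>RefreshToken</c> set.</returns>
public async Task<ActionResult<UserDTO>> Login([FromBody] LoginDTO userClaims)
{
    // A missing body gets the same generic answer as bad credentials.
    if (userClaims is null)
    {
        return BadRequest(new { message = "Username or password is incorrect..." });
    }

    Users user = _loginRepository.GetUserOrDefault(userClaims);
    if (user is null)
    {
        // The message deliberately does not say whether the user name or the password was wrong.
        return BadRequest(new { message = "Username or password is incorrect..." });
    }

    UserDTO userDTO = _mapper.Map<UserDTO>(user);

    DealingWithRefreshToken dealingWithRefreshToken = new DealingWithRefreshToken();
    TblRefreshToken refreshToken = dealingWithRefreshToken.GenerateRefreshToken(_expiryTimeSeconds);
    user.TblRefreshToken.Add(refreshToken);

    // The original also constructed a JwtSecurityTokenHandler here that was never used.
    string accessToken = GenerateJWT.CreateJWT(userDTO.Id, _jwtSettings.SecretKey, DateTime.UtcNow.AddSeconds(_expiryTimeSeconds));
    userDTO.RefreshToken = refreshToken.RefreshToken;
    userDTO.Token = accessToken;
    // The current access token is stored on the user row; presumably read back by the refresh flow.
    user.RegistrationToken = accessToken;
    await _context.SaveChangesAsync();

    return userDTO;
}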
/// <summary>
/// Builds a refresh-token row with a fresh GUID value that expires
/// <paramref name="_expiryTimeSeconds"/> seconds from now (UTC).
/// </summary>
/// <param name="_expiryTimeSeconds">Lifetime of the token in seconds.</param>
/// <returns>A new <see cref="TblRefreshToken"/>; this method does not attach it to any context.</returns>
public TblRefreshToken GenerateRefreshToken(int _expiryTimeSeconds)
{
    DateTime expiresAt = DateTime.UtcNow.AddSeconds(_expiryTimeSeconds); //TODO Change the expiry time
    return new TblRefreshToken
    {
        RefreshToken = Guid.NewGuid().ToString(),
        ExpiryDate = expiresAt,
    };
}
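/// <summary>
/// Decides whether a stored refresh-token row may be used to renew tokens for a
/// user: the row exists, carries the presented token value, belongs to the user
/// and has not expired.
/// </summary>
/// <param name="refreshTokenUser">Row loaded for the presented token, or null when none was found.</param>
/// <param name="userFromDbViaAccessToken">User identified from the access token; may be null.</param>
/// <param name="refreshToken">Token value presented by the client.</param>
/// <returns>True only when every check passes.</returns>
public bool ValidateRefreshToken(TblRefreshToken refreshTokenUser, Users userFromDbViaAccessToken, string refreshToken)
{
    // The original dereferenced the user without a null check and never compared the
    // presented token value with the row, relying entirely on the caller's lookup.
    if (refreshTokenUser is null || userFromDbViaAccessToken is null || refreshToken is null)
    {
        return false;
    }

    return string.Equals(refreshTokenUser.RefreshToken, refreshToken, StringComparison.Ordinal)
        && refreshTokenUser.UserId == userFromDbViaAccessToken.Id
        && refreshTokenUser.ExpiryDate > DateTime.UtcNow;
}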
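/// <summary>
/// Stores a refresh token for a user, calling <c>DeleteExpiryRefreshToken()</c>
/// before the single <c>SaveChanges()</c> that flushes the insert.
/// </summary>
/// <param name="tokenDto">Token value, owning user id and lifetime in minutes.</param>
/// <exception cref="ArgumentNullException"><paramref name="tokenDto"/> is null.</exception>
public void SaveRefreshToken(SaveRefreshTokenDTO tokenDto)
{
    // The original dereferenced tokenDto directly and failed with a NullReferenceException.
    if (tokenDto is null)
    {
        throw new ArgumentNullException(nameof(tokenDto));
    }

    // NOTE(review): expiry is computed with DateTime.Now (server local time); whatever
    // later compares ExpiryDate must use the same clock, or this should move to UtcNow.
    TblRefreshToken tblRefreshToken = new TblRefreshToken
    {
        ExpiryDate = DateTime.Now.AddMinutes(tokenDto.ExpiryMinute),
        RefreshToken = tokenDto.RefreshToken,
        UserId = tokenDto.UserId,
    };
    db_Evoucher.TblRefreshToken.Add(tblRefreshToken);
    // Presumably only stages removals so they commit with the insert below — its body is not visible here.
    DeleteExpiryRefreshToken();
    db_Evoucher.SaveChanges();
}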
/// <summary>
/// Creates a refresh-token row whose value is 32 bytes from the platform CSPRNG,
/// base64-encoded, valid for six months from now (UTC).
/// </summary>
/// <returns>A new <see cref="TblRefreshToken"/>; this method does not attach it to any context.</returns>
private TblRefreshToken GenerateRefreshToken()
{
    byte[] secret = new byte[32];
    using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
    {
        rng.GetBytes(secret);
    }

    return new TblRefreshToken
    {
        Token = Convert.ToBase64String(secret),
        ExpiryDate = DateTime.UtcNow.AddMonths(6),
    };
}