public async Task <AuthenticateResponse> RefreshTokenAsync(string token, string ipAddress) { (AccountRefreshToken refreshToken, Account account) = await GetRefreshTokenAsync(token); // replace old refresh token with a new one and save AccountRefreshToken newRefreshToken = GenerateRefreshToken(ipAddress); refreshToken.RevokedAt = DateTime.UtcNow; refreshToken.RevokedByIp = ipAddress; refreshToken.ReplacedByToken = newRefreshToken.Token; account.RefreshTokens.Add(newRefreshToken); // remove old refresh tokens from account RemoveOldRefreshTokens(account); // save changes to db _context.Update(account); await _context.SaveChangesAsync(); // generate new jwt string jwtToken = GenerateJwtToken(account); AuthenticateResponse response = _mapper.Map <AuthenticateResponse>(account); response.JwtToken = jwtToken; response.RefreshToken = newRefreshToken.Token; response.Expires = DateTime.Now.AddMinutes(_jwtSettings.DurationInMinutes); return(response); }
private async Task <TokenModel> GetTokenModel(User user) { var refreshToken = await _context.AccountRefreshTokens.FirstOrDefaultAsync(x => x.UserId == user.Id); if (refreshToken != null) { _context.AccountRefreshTokens.Remove(refreshToken); await _context.SaveChangesAsync(); } refreshToken = new AccountRefreshToken() { Salt = Guid.NewGuid().ToString("N"), ExpiredDate = DateTime.UtcNow.AddDays(7), PrivateToken = Guid.NewGuid().ToString("N"), UserId = user.Id }; refreshToken.GenerateToken(); await _context.AccountRefreshTokens.AddAsync(refreshToken); await _context.SaveChangesAsync(); user.AccountRefreshTokenId = refreshToken.Id; _context.Users.Update(user); await _context.SaveChangesAsync(); var claims = await GetIdentityClaim(user); var encodedJwt = GenerateToken(claims.Claims); var token = new JwtSecurityTokenHandler().WriteToken(encodedJwt); TokenModel tokenModel = new TokenModel(token, encodedJwt.ValidTo.ToUniversalTime(), refreshToken.RefreshToken); return(tokenModel); }
private async Task <(AccountRefreshToken, Account)> GetRefreshTokenAsync(string token) { Account account = await _context.Accounts .Include(a => a.RefreshTokens) .SingleOrDefaultAsync(u => u.RefreshTokens.Any(t => t.Token == token)); if (account == null) { throw new ApiProblemDetailsException("Invalid token", StatusCodes.Status401Unauthorized); } AccountRefreshToken refreshToken = account.RefreshTokens.SingleOrDefault(x => x.Token == token); if (refreshToken == null || !refreshToken.IsActive) { throw new ApiProblemDetailsException("Invalid token", StatusCodes.Status401Unauthorized); } return(refreshToken, account); }