public async Task <bool> CheckAccess(string token, string permissionKey) { var decodedToken = AuthenticationHelpers.ReadToken(token); string userId = decodedToken.Claims.First(c => c.Type == "userId").Value; User user = await _users.Find <User>(user => user.Id == userId).FirstOrDefaultAsync(); if (user == null) { return(false); } List <Role> userRoles = new List <Role>(); foreach (string roleId in user.Roles) { userRoles.Add(await _roles.Find(role => role.Id == roleId).FirstOrDefaultAsync()); } string permissionId = Startup.StaticConfiguration.GetSection("PermissionIds")[permissionKey]; return(AuthenticationHelpers.IsPermissionGranted(user, userRoles, permissionId)); }
public async Task <IActionResult> RefreshToken([FromQuery] string refreshToken) { Token token = await _tokenService.GetByToken(refreshToken); if (token == null) { return(NotFound("refresh token not found")); } // Check if token is valid in MongoDB if (!token.ValidFlag) { return(Problem("invalidated token")); } if (token.UsedFlag) { await _tokenService.InvalidateUserTokens(token.UserId); return(Problem("refresh token already used")); } // Check token validity (Expiration, issuer, audience, etc.) if (!AuthenticationHelpers.IsTokenValid(refreshToken)) { return(Problem("token failed validation")); } var decodedToken = AuthenticationHelpers.ReadToken(refreshToken); await _tokenService.InvalidateToken(decodedToken.Claims.First(c => c.Type == "authTokenId").Value); await _tokenService.UseToken(token.Id); await _tokenService.AddUsage(token.Id, new TokenAction(DateTime.UtcNow, "Used refresh token to generate new pair.")); // Generate new token pair var user = await _userService.Get(token.UserId); string authToken = AuthenticationHelpers.GenerateAuthToken(user, await _roleService.Get(), await _permissionService.Get()); await _tokenService.Create(new Token( null, user.Id, "auth", authToken, DateTime.UtcNow, new List <TokenAction>(), false, true )); var createdAuthToken = await _tokenService.GetByToken(authToken); string newRefreshToken = AuthenticationHelpers.GenerateRefreshToken(user, createdAuthToken.Id); await _tokenService.Create(new Token( null, user.Id, "refresh", newRefreshToken, DateTime.UtcNow, new List <TokenAction>(), false, true )); return(Ok( new Dictionary <string, string> { { "authToken", authToken }, { "refreshToken", newRefreshToken } } )); }