public async Task <PasswordUpdateDto> PasswordUpdateAsync(string userId, string password, string token) { var user = await _userManager.FindByIdAsync(userId); if (user is null) { return new PasswordUpdateDto { Errors = new[] { "This user does not exist anymore" }, CriticalError = true } } ; var passwordUpdateResult = await _userManager.ResetPasswordAsync(user, token, password); if (!passwordUpdateResult.Succeeded) { //Valid token if (passwordUpdateResult.Errors.FirstOrDefault(x => x.Description == "Invalid token.") is null) { return new PasswordUpdateDto { Errors = passwordUpdateResult.Errors.Select(x => x.Description) } } ; //----------- //Invalid token return(new PasswordUpdateDto { Errors = new[] { "Expired link, please make another request" } }); //------------- } var refreshToken = _dataContext.RefreshTokens.FirstOrDefault(x => x.UserId == user.Id); if (refreshToken != null) { refreshToken.Invalidated = true; } await _dataContext.SaveChangesAsync(); return(new PasswordUpdateDto { Success = true }); }
public async Task <AuthenticationDto> RefreshTokenAsync(string token, string refreshToken) { var validatedToken = GetPrincipalFromToken(token); if (validatedToken is null) { return new AuthenticationDto { Errors = new[] { "Invalid Token" }, CriticalError = true } } ; var expiryDateUnix = long.Parse(validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Exp).Value); var expiryDateTimeUtc = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc) .AddSeconds(expiryDateUnix); var storedRefreshToken = await _context.RefreshTokens.SingleOrDefaultAsync(x => x.Token == refreshToken); if (storedRefreshToken is null) { return new AuthenticationDto { Errors = new[] { "This refresh token does not exist" }, CriticalError = true } } ; if (storedRefreshToken.Invalidated) { return new AuthenticationDto { Errors = new[] { "This refresh token has been invalidated" }, CriticalError = true } } ; if (expiryDateTimeUtc > DateTime.UtcNow) { return new AuthenticationDto { Errors = new[] { "This token hasn't expired jet" } } } ; if (storedRefreshToken.Used) { return new AuthenticationDto { Errors = new[] { "This refresh token has been used" }, CriticalError = true } } ; if (DateTime.UtcNow > storedRefreshToken.ExpiryDate) { return new AuthenticationDto { Errors = new[] { "This refresh token has expired" }, CriticalError = true } } ; var jti = validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Jti).Value; if (storedRefreshToken.JwtId != jti) { return new AuthenticationDto { Errors = new[] { "This refresh token does not match this JWT" }, CriticalError = true } } ; storedRefreshToken.Used = true; _context.RefreshTokens.Update(storedRefreshToken); await _context.SaveChangesAsync(); var user = await _userManager.FindByIdAsync(validatedToken.Claims .Single(x => x.Type == "userId").Value); return(await GenerateAuthenticationResultForUserAsync(user)); }