public async Task <Result <object> > Handle(DeleteUserCommand request, CancellationToken cancellationToken) { var cacheKey = $"User-{request.UserId}"; if (!await _cacheService.IsExistsAsync(cacheKey)) { var userInDb = await _userRepository.GetAsync(u => u.Id == request.UserId); userInDb.CheckForNull(); } var token = await _tokenRepository.GetAsync(t => t.Id == request.UserId); if (token is not null) { await _tokenRepository.DeleteAsync(t => t.Id == token.Id); await _sender.PublishAsync(token, cancellationToken); } await _userRepository.DeleteAsync(u => u.Id == request.UserId); await _cacheService.RemoveAsync(cacheKey); return(Result <object> .Success()); }
public async Task <Token> ValidateRefreshTokenAsync(string refreshTokenId) { try { RefreshToken refreshToken = await _refreshTokenRepository.GetByIdAsync(refreshTokenId); if (refreshToken == null) { throw new NotFoundException("refresh token not found"); } Token token = new Token { Jwt = await GenerateAccessTokenAsync(refreshToken.User), Refresh = await GenerateRefreshTokenAsync(refreshToken.User.Id) }; await _refreshTokenRepository.DeleteAsync(refreshToken.Id); _storage.Save(); return(token); } catch (Exception ex) { throw ex; } }
public async Task <ActionResult> RefreshAsync(RefreshRequest refreshRequest, ModelStateDictionary modelState) { if (!modelState.IsValid) { return(BadRequestModelState(modelState)); } bool isValidRefreshToken = _refreshTokenValidator.Validate(refreshRequest.RefreshToken); if (!isValidRefreshToken) { return(new BadRequestObjectResult(new ErrorResponse("Invalid refresh token."))); } RefreshToken refreshTokenDTO = await _refreshTokenRepository.GetByTokenAsync(refreshRequest.RefreshToken); if (refreshTokenDTO == null) { return(new NotFoundObjectResult(new ErrorResponse("Invalid refresh token."))); } await _refreshTokenRepository.DeleteAsync(refreshTokenDTO.Id); Account account = await _accountService.GetAsync(refreshTokenDTO.AccountId); if (account == null) { return(new NotFoundObjectResult(new ErrorResponse("Account not found."))); } AuthenticatedAccountResponse response = await _authenticator.AuthenticateAsync(account); return(new OkObjectResult(response)); }
public async Task <string> CreateAsync(Guid userId) { var token = _rng.Generate(30, true); var now = _clock.CurrentDate(); var expires = now.Add(_options.ExpiryRefreshToken); var refreshToken = new RefreshToken(Guid.NewGuid(), userId, token, DateTime.UtcNow, expires); await _refreshTokenRepository.DeleteAsync(userId); await _refreshTokenRepository.AddAsync(refreshToken); return(token); }
public async Task <Result <object> > Handle(LogoutCommand request, CancellationToken cancellationToken) { var user = await _userRepository.GetAsync(u => u.Id == request.UserId); if (user == null) { throw Result <User> .Failure("id", "Invalid id"); } user.SessionId = null; var token = await _tokenRepository.GetAsync(t => t.User.Id == request.UserId); await _tokenRepository.DeleteAsync(t => t.Id == token.Id); await _sender.PublishAsync(new UpdatedUser(user), cancellationToken); await _sender.PublishAsync(new DeletedToken(token.Id), cancellationToken); return(Result <object> .Success()); }
public async Task LogoutAsync(string accessToken, string refreshToken) { var userId = _jwtHandler.RetrieveUserIdFromAccessToken(accessToken); if (userId == Guid.Empty) { throw new HttpResponseException(StatusCodes.Status400BadRequest, "Invalid access_token"); } await _invalidTokenRepository.AddAsync(new InvalidToken() { UserId = userId, Token = accessToken }); var refreshTokenEntity = await _refreshTokenRepository.GetByUserIdAndToken(userId, refreshToken); if (!refreshTokenEntity.IsValid) { throw new HttpResponseException(StatusCodes.Status400BadRequest, "Invalid refresh_token"); } await _refreshTokenRepository.DeleteAsync(refreshTokenEntity); }
public async Task <Result <UserAuthenticatedDto> > Handle(RefreshTokenCommand request, CancellationToken cancellationToken) { var user = await _userRepository.GetAsync(u => u.Id == request.UserId); user.SessionId = Guid.NewGuid().ToString(); var userDto = _mapper.Map <UserDto>(user); var refreshTokenInDb = await _tokenRepository.GetAsync(t => t.User.Id == request.UserId && t.Token == request.Token.Name); refreshTokenInDb.CheckForNull(); IsValid(refreshTokenInDb); var jwtToken = JwtExtensions.GenerateJwtToken(userDto, _tokenConfiguration); var tokenString = JwtExtensions.GenerateRefreshToken(); var userInDb = _mapper.Map <User>(user); var refreshToken = new RefreshToken { Id = Guid.NewGuid().ToString(), DateCreated = DateTime.UtcNow, DateExpires = DateTime.UtcNow.AddMinutes(_tokenConfiguration.RefreshTokenExpirationMinutes), Token = tokenString, User = userInDb }; await _tokenRepository.CreateAsync(refreshToken); await _tokenRepository.DeleteAsync(t => t.Id == refreshTokenInDb.Id); await _sender.PublishAsync(new UpdatedUser(user), cancellationToken); await _sender.PublishAsync(new CreatedToken(refreshToken), cancellationToken); UserAuthenticatedDto authenticatedDto = new(userDto, jwtToken, refreshToken.Token); return(Result <UserAuthenticatedDto> .Success(authenticatedDto)); }
public async Task <bool> DeletePreviousRefreshTokenAsync(string username) { var deletePrevious = await _refreshTokenRepository.DeleteAsync(x => x.Username == username); return(deletePrevious); }
public async Task <Unit> Handle(DeleteRefreshTokenCommand request, CancellationToken cancellationToken) { await _tokenRepository.DeleteAsync(t => t.Id == request.Id); return(Unit.Value); }