// RefreshToken
public Task <RefreshToken> CreateRefreshToken(ApplicationUser user, int expiresInHours = 24)
{
if (user == null)
{
throw new ArgumentNullException(nameof(user));
}
return(_refreshTokenStore.Create(user.Id, expiresInHours));
}
public async Task <Token> AuthenticationByPassword(string email, string password,
CancellationToken cancellationToken)
{
var user = await _userRepository.GetByEmail(email, cancellationToken);
if (user == null)
{
throw new InvalidCredentialsException();
}
if (!_passwordHasher.VerifyHashedPassword(user.PasswordHash, password))
{
throw new InvalidCredentialsException();
}
var refreshToken = await _refreshTokenStore.Create(user.Id);
var accessToken = await _jwtAccessTokenFactory.Create(user, cancellationToken);
return(new Token(accessToken.Value, accessToken.ExpiresIn, refreshToken));
}