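/// <summary>
/// Revokes the refresh token identified by <paramref name="token"/> and persists the revocation.
/// </summary>
/// <param name="token">Refresh token value presented by the caller.</param>
/// <param name="ipAddress">Address recorded as the origin of the revocation.</param>
/// <returns>
/// <c>true</c> when an active token was found, revoked and saved; <c>false</c> when the token is
/// empty, unknown, has no loadable owner, or is no longer active.
/// </returns>
public bool RevokeToken(string token, string ipAddress)
{
    // Fail closed on an absent token instead of querying the store for a null/empty value.
    if (string.IsNullOrEmpty(token))
    {
        return false;
    }

    UserRefreshTokens urt = _context.UserRefreshTokens.SingleOrDefault(x => x.Token == token);
    if (urt == null)
    {
        return false;
    }

    AuthUser authUser = LoadAuthUser(urt.IdUser).FirstOrDefault();
    if (authUser == null)
    {
        return false;
    }

    LoadRefreshTokens(authUser);

    // A stored row without a matching in-memory token is reported as "not revoked"
    // rather than surfacing as an InvalidOperationException from Single().
    var refreshToken = authUser.RefreshTokens.SingleOrDefault(x => x.Token == token);

    // return false if token is not active
    if (refreshToken == null || !refreshToken.IsActive)
    {
        return false;
    }

    // One timestamp for both copies so the in-memory token and the stored row agree.
    DateTime revokedAt = DateTime.UtcNow;
    refreshToken.Revoked = revokedAt;
    refreshToken.RevokedByIp = ipAddress;
    urt.Revoked = revokedAt;
    urt.RevokedByIp = ipAddress;

    _context.Update<UserRefreshTokens>(urt);

    // Persist before reporting success, as AddRefreshToken does for new tokens.
    // NOTE(review): assumes _context is an EF Core DbContext, where Update() only marks the
    // entity as modified; without this call a caller that never saves would receive true
    // while the token stayed usable.
    _context.SaveChanges();

    return true;
}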
/// <summary>
/// Stores a refresh token for a user by copying it into a new <c>UserRefreshTokens</c> row
/// and saving the context immediately.
/// </summary>
/// <param name="authUser">Owner of the token; only its <c>Id</c> is read here.</param>
/// <param name="refreshToken">Token whose fields are copied unchanged into the new row.</param>
private void AddRefreshToken(AuthUser authUser, RefreshToken refreshToken)
{
    // NOTE(review): the token value is written as-is, and lookups elsewhere compare it directly;
    // storing only a hash of the token would limit the impact of a database disclosure.
    var entity = new UserRefreshTokens
    {
        IdUser = authUser.Id,
        Token = refreshToken.Token,
        Expires = refreshToken.Expires,
        Created = refreshToken.Created,
        CreatedByIp = refreshToken.CreatedByIp,
        Revoked = refreshToken.Revoked,
        RevokedByIp = refreshToken.RevokedByIp,
        ReplacedByToken = refreshToken.ReplacedByToken,
    };

    _context.UserRefreshTokens.Add(entity);

    // Saved here rather than left to the caller.
    _context.SaveChanges();
}
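/// <summary>
/// Rotates a refresh token: revokes the presented token, issues a replacement and a new JWT.
/// </summary>
/// <param name="token">Refresh token value presented by the caller.</param>
/// <param name="ipAddress">Address recorded on the revoked token and passed to the new one.</param>
/// <returns>
/// An <c>AuthResponse</c> carrying the user, the new JWT and the new refresh token, or
/// <c>null</c> when the token is empty, unknown, has no loadable owner, or is no longer active.
/// </returns>
public AuthResponse RefreshToken(string token, string ipAddress)
{
    // Fail closed on an absent token instead of querying the store for a null/empty value.
    if (string.IsNullOrEmpty(token))
    {
        return null;
    }

    UserRefreshTokens urt = _context.UserRefreshTokens.SingleOrDefault(x => x.Token == token);
    if (urt == null)
    {
        return null;
    }

    AuthUser authUser = LoadAuthUser(urt.IdUser).FirstOrDefault();
    if (authUser == null)
    {
        return null;
    }

    LoadRefreshTokens(authUser);

    // A stored row without a matching in-memory token is rejected rather than
    // surfacing as an InvalidOperationException from Single().
    var refreshToken = authUser.RefreshTokens.SingleOrDefault(x => x.Token == token);

    // return null if token is no longer active
    if (refreshToken == null || !refreshToken.IsActive)
    {
        return null;
    }

    // replace old refresh token with a new one and save
    var newRefreshToken = generateRefreshToken(ipAddress);
    DateTime revokedAt = DateTime.UtcNow;

    refreshToken.Revoked = revokedAt;
    refreshToken.RevokedByIp = ipAddress;
    refreshToken.ReplacedByToken = newRefreshToken.Token;

    // The stored row must be revoked as well, exactly as RevokeToken does. Updating only the
    // in-memory token would leave the old row unrevoked in the store, so the replaced token
    // could be presented again after rotation.
    urt.Revoked = revokedAt;
    urt.RevokedByIp = ipAddress;
    urt.ReplacedByToken = newRefreshToken.Token;
    _context.Update<UserRefreshTokens>(urt);

    authUser.RefreshTokens.Add(newRefreshToken);

    // AddRefreshToken calls SaveChanges on the same context.
    // NOTE(review): presumably that single save also writes the revocation marked above,
    // so old and new rows are stored together; confirm against the context configuration.
    AddRefreshToken(authUser, newRefreshToken);

    // NOTE(review): a revoked token presented again is only rejected here; consider also
    // revoking its replacement chain, since reuse of a rotated token can indicate theft.

    // generate new jwt
    var jwtToken = generateJwtToken(authUser);

    return new AuthResponse(authUser, jwtToken, newRefreshToken.Token);
}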