From 36b05fcb6a9810cbcec2a011082d49ec02ca3874 Mon Sep 17 00:00:00 2001
From: Lucca Santangelo <luccasant95@gmail.com>
Date: Sun, 25 Oct 2020 15:45:13 -0300
Subject: [PATCH] refresh token
---
 .../Tsi1.Api/Controllers/UserController.cs | 32 +++++++++++++++++++
 .../Tsi1.Api/Infrastructure/JwtAuthManager.cs | 2 +-
 Tsi1.Api/Tsi1.Api/Tsi1.Api.csproj.user | 4 +++
 Tsi1.Api/Tsi1.Api/appsettings.json | 2 +-
 4 files changed, 38 insertions(+), 2 deletions(-)
diff --git a/Tsi1.Api/Tsi1.Api/Controllers/UserController.cs b/Tsi1.Api/Tsi1.Api/Controllers/UserController.cs
index b1fb277..bc4b6fa 100644
--- a/Tsi1.Api/Tsi1.Api/Controllers/UserController.cs
+++ b/Tsi1.Api/Tsi1.Api/Controllers/UserController.cs
@@ -2,8 +2,10 @@
 using System.Linq;
 using System.Security.Claims;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.IdentityModel.Tokens;
 using Tsi1.Api.Infrastructure;
 using Tsi1.Api.Models;
 using Tsi1.BusinessLayer.Dtos;
@@ -60,6 +62,36 @@ namespace Tsi1.Api.Controllers
 });
 }
 
+ [HttpPost("RefreshToken")]
+ [Authorize]
+ public async Task<ActionResult> RefreshToken([FromBody] RefreshTokenRequest request)
+ {
+ try
+ {
+ var username = HttpContext.User.Claims.FirstOrDefault(x => x.Type == "Username").Value;
+
+ if (string.IsNullOrWhiteSpace(request.RefreshToken))
+ {
+ return Unauthorized();
+ }
+
+ var accessToken = await HttpContext.GetTokenAsync("Bearer", "access_token");
+ var jwtResult = _jwtAuthManager.Refresh(request.RefreshToken, accessToken, DateTime.Now);
+
+ return Ok(new LoginResult
+ {
+ UserName = username,
+ Role = User.FindFirst(ClaimTypes.Role)?.Value ?? string.Empty,
+ AccessToken = jwtResult.AccessToken,
+ RefreshToken = jwtResult.RefreshToken.TokenString
+ });
+ }
+ catch (SecurityTokenException e)
+ {
+ return Unauthorized(e.Message); // return 401 so that the client side can redirect the user to login page
+ }
+ }
+
 [Authorize(Roles = UserTypes.FacultyAdmin)]
 [HttpPost("Register")]
 public async Task<IActionResult> Register(UserRegisterDto dto)
diff --git a/Tsi1.Api/Tsi1.Api/Infrastructure/JwtAuthManager.cs b/Tsi1.Api/Tsi1.Api/Infrastructure/JwtAuthManager.cs
index ef61c06..672247e 100644
--- a/Tsi1.Api/Tsi1.Api/Infrastructure/JwtAuthManager.cs
+++ b/Tsi1.Api/Tsi1.Api/Infrastructure/JwtAuthManager.cs
@@ -81,7 +81,7 @@ namespace Tsi1.Api.Infrastructure
 throw new SecurityTokenException("Invalid token");
 }
 
- var userName = principal.Identity.Name;
+ var userName = principal.Claims.FirstOrDefault(x => x.Type == "Username").Value;
 if (!_usersRefreshTokens.TryGetValue(refreshToken, out var existingRefreshToken))
 {
 throw new SecurityTokenException("Invalid token");
diff --git a/Tsi1.Api/Tsi1.Api/Tsi1.Api.csproj.user b/Tsi1.Api/Tsi1.Api/Tsi1.Api.csproj.user
index ecbf551..1413b79 100644
--- a/Tsi1.Api/Tsi1.Api/Tsi1.Api.csproj.user
+++ b/Tsi1.Api/Tsi1.Api/Tsi1.Api.csproj.user
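Review bot: `HttpContext.User.Claims.FirstOrDefault(x => x.Type == "Username").Value` on the first line of the try block dereferences a possibly-null claim, so a token without a Username claim produces a NullReferenceException (a 500) instead of the 401 this handler intends, and `request.RefreshToken` is read before `request` itself is checked for null. Replace the lookup and guard with `var username = HttpContext.User.FindFirst("Username")?.Value;` followed by `if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(request?.RefreshToken)) { return Unauthorized(); }`. `DateTime.Now` is passed to `Refresh` as the current time while JWT expiry claims are expressed in UTC, so `DateTime.UtcNow` is the safer value unless `Refresh` (not visible here) converts it. Note also that `[Authorize]` on this endpoint means a caller whose access token has already expired is rejected by the authentication middleware before `Refresh` runs; if refresh is meant to work after expiry, that should be confirmed against the bearer validation options.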
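Review bot: The new `principal.Claims.FirstOrDefault(x => x.Type == "Username").Value` throws a NullReferenceException when the validated token carries no Username claim, which bypasses the `SecurityTokenException("Invalid token")` convention visible on the surrounding lines; use `var userName = principal.FindFirst("Username")?.Value;` and `if (string.IsNullOrEmpty(userName)) { throw new SecurityTokenException("Invalid token"); }` so a malformed token is reported the same way as the other failures. The claim type string "Username" is now duplicated between this file and UserController.RefreshToken in the same commit; a shared constant would keep the two lookups from drifting. The enclosing method starts and ends outside the hunk, so how `userName` is later compared with the stored refresh token's owner is not visible here.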
@@ -4,5 +4,9 @@
 <Controller_SelectedScaffolderID>ApiControllerEmptyScaffolder</Controller_SelectedScaffolderID>
 <Controller_SelectedScaffolderCategoryPath>root/Controller</Controller_SelectedScaffolderCategoryPath>
 <WebStackScaffolding_ControllerDialogWidth>600</WebStackScaffolding_ControllerDialogWidth>
+ <ActiveDebugProfile>Tsi1.Api</ActiveDebugProfile>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">
+ <DebuggerFlavor>ProjectDebugger</DebuggerFlavor>
 </PropertyGroup>
 </Project>
\ No newline at end of file
diff --git a/Tsi1.Api/Tsi1.Api/appsettings.json b/Tsi1.Api/Tsi1.Api/appsettings.json
index a12bc5f..45af97f 100644
--- a/Tsi1.Api/Tsi1.Api/appsettings.json
+++ b/Tsi1.Api/Tsi1.Api/appsettings.json
@@ -1,5 +1,5 @@
 {
- "IsElasticCloud": true,
+ "IsElasticCloud": false,
 "ConnectionStrings": {
 "PostgreSql": "Host=localhost;Database=tsi1;Username=postgres;Password=111111",
 "PostgreSqlCloud": "Host=postgres;Database=tsi1;Username=postgres;Password=postgres"
--
GitLab
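Review bot: Flipping `"IsElasticCloud"` from true to false is unrelated to the refresh-token work in the rest of the patch and reads like a local development setting committed along with it; if it is intentional the commit message should say so, otherwise it belongs in an environment-specific appsettings.*.json or in user secrets rather than the checked-in default. The unchanged context lines also show database credentials stored in appsettings.json; they are not introduced by this commit, but moving them to user secrets or environment variables would keep them out of the repository. The Tsi1.Api.csproj.user change in the same patch is an IDE-local file that is normally excluded via .gitignore.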