diff --git a/Tsi1.Api/Tsi1.Api/Controllers/UserController.cs b/Tsi1.Api/Tsi1.Api/Controllers/UserController.cs
index b1fb2775ccac22639321795130fadcddae79ffeb..bc4b6fa4028264d7031c91412de327d2f4f1c4d3 100644
--- a/Tsi1.Api/Tsi1.Api/Controllers/UserController.cs
+++ b/Tsi1.Api/Tsi1.Api/Controllers/UserController.cs
@@ -2,8 +2,10 @@
 using System.Linq;
 using System.Security.Claims;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.IdentityModel.Tokens;
 using Tsi1.Api.Infrastructure;
 using Tsi1.Api.Models;
 using Tsi1.BusinessLayer.Dtos;
@@ -60,6 +62,36 @@ namespace Tsi1.Api.Controllers
 });
 }
+ [HttpPost("RefreshToken")]
+ [Authorize]
+ public async Task<ActionResult> RefreshToken([FromBody] RefreshTokenRequest request)
+ {
+ try
+ {
+ var username = HttpContext.User.Claims.FirstOrDefault(x => x.Type == "Username").Value;
+
+ if (string.IsNullOrWhiteSpace(request.RefreshToken))
+ {
+ return Unauthorized();
+ }
+
+ var accessToken = await HttpContext.GetTokenAsync("Bearer", "access_token");
+ var jwtResult = _jwtAuthManager.Refresh(request.RefreshToken, accessToken, DateTime.Now);
+
+ return Ok(new LoginResult
+ {
+ UserName = username,
+ Role = User.FindFirst(ClaimTypes.Role)?.Value ?? string.Empty,
+ AccessToken = jwtResult.AccessToken,
+ RefreshToken = jwtResult.RefreshToken.TokenString
+ });
+ }
+ catch (SecurityTokenException e)
+ {
+ return Unauthorized(e.Message); // return 401 so that the client side can redirect the user to login page
+ }
+ }
+
 [Authorize(Roles = UserTypes.FacultyAdmin)]
 [HttpPost("Register")]
 public async Task<IActionResult> Register(UserRegisterDto dto)
diff --git a/Tsi1.Api/Tsi1.Api/Infrastructure/JwtAuthManager.cs b/Tsi1.Api/Tsi1.Api/Infrastructure/JwtAuthManager.cs
index ef61c06d2147c7f65a2a0d34a8a0d806bf1dc167..672247e7bf45a0cd68789cd77290da0f2f2bf606 100644
--- a/Tsi1.Api/Tsi1.Api/Infrastructure/JwtAuthManager.cs
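Review bot: `HttpContext.User.Claims.FirstOrDefault(x => x.Type == "Username").Value` dereferences a possibly-null result, so a principal without a `Username` claim ends in an unhandled NullReferenceException (a 500) instead of the 401 the catch block is designed to give; the same unguarded `.Value` appears in the JwtAuthManager hunk below. Use `?.Value` and fold the null case into the existing guard: `var username = HttpContext.User.Claims.FirstOrDefault(x => x.Type == "Username")?.Value;` followed by `if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(request?.RefreshToken)) return Unauthorized();`. Two further points to confirm against JwtAuthManager.Refresh, whose body is not in this hunk: JWT lifetimes are expressed in UTC, so `DateTime.UtcNow` is the safer argument than `DateTime.Now` unless Refresh converts internally, and because the endpoint is `[Authorize]`d an already-expired access token is rejected by the bearer scheme before Refresh ever runs unless lifetime validation is relaxed for this route. `Unauthorized(e.Message)` also echoes the validator's message to the client; a fixed message with the exception logged server-side gives the same redirect behaviour without exposing validation internals.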
+++ b/Tsi1.Api/Tsi1.Api/Infrastructure/JwtAuthManager.cs
@@ -81,7 +81,7 @@ namespace Tsi1.Api.Infrastructure
 throw new SecurityTokenException("Invalid token");
 }
- var userName = principal.Identity.Name;
+ var userName = principal.Claims.FirstOrDefault(x => x.Type == "Username").Value;
 if (!_usersRefreshTokens.TryGetValue(refreshToken, out var existingRefreshToken))
 {
 throw new SecurityTokenException("Invalid token");
diff --git a/Tsi1.Api/Tsi1.Api/Tsi1.Api.csproj.user b/Tsi1.Api/Tsi1.Api/Tsi1.Api.csproj.user
index ecbf551267f5a15d0fb795acfc2ca3f808c020b0..1413b79ef7542b62245fe9e48b9fa19bc87d0384 100644
--- a/Tsi1.Api/Tsi1.Api/Tsi1.Api.csproj.user
+++ b/Tsi1.Api/Tsi1.Api/Tsi1.Api.csproj.user
@@ -4,5 +4,9 @@
 <Controller_SelectedScaffolderID>ApiControllerEmptyScaffolder</Controller_SelectedScaffolderID>
 <Controller_SelectedScaffolderCategoryPath>root/Controller</Controller_SelectedScaffolderCategoryPath>
 <WebStackScaffolding_ControllerDialogWidth>600</WebStackScaffolding_ControllerDialogWidth>
+ <ActiveDebugProfile>Tsi1.Api</ActiveDebugProfile>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">
+ <DebuggerFlavor>ProjectDebugger</DebuggerFlavor>
 </PropertyGroup>
 </Project>
\ No newline at end of file
diff --git a/Tsi1.Api/Tsi1.Api/appsettings.json b/Tsi1.Api/Tsi1.Api/appsettings.json
index a12bc5f6e104663e378e9f4150cf6c1483aa187e..45af97fda74df094689e136d9938c4e8affeab61 100644
--- a/Tsi1.Api/Tsi1.Api/appsettings.json
+++ b/Tsi1.Api/Tsi1.Api/appsettings.json
@@ -1,5 +1,5 @@
 {
- "IsElasticCloud": true,
+ "IsElasticCloud": false,
 "ConnectionStrings": {
 "PostgreSql": "Host=localhost;Database=tsi1;Username=postgres;Password=111111",
 "PostgreSqlCloud": "Host=postgres;Database=tsi1;Username=postgres;Password=postgres"
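Review bot: The claim type `"Username"` is now a bare string literal on the new `var userName` line and again in UserController.RefreshToken, so the token issuer and its two consumers can drift apart silently; a shared constant such as `public const string UsernameClaim = "Username";` on an existing claims or constants type, referenced from both places, keeps them aligned. The lookup should also guard the missing-claim case the same way the surrounding code does, i.e. throw `SecurityTokenException("Invalid token")` rather than letting a null dereference escape, so that every rejection reaches the controller's catch block uniformly. The enclosing Refresh method starts and ends outside this hunk, so whether a later line compares userName against the stored refresh token's owner cannot be checked here.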
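Review bot: Flipping `"IsElasticCloud": false` in the committed base appsettings.json changes the default for every environment that does not override it; if this is a local-development toggle it belongs in appsettings.Development.json or an environment variable so the checked-in default stays the deployed one. The context lines also show the PostgreSQL connection strings carrying passwords in this file; moving them to user-secrets or environment configuration keeps credentials out of the repository history.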