RefreshToken is made

2025-03-27 10:17:25 +01:00 · 2025-03-27 10:17:25 +01:00 · 46de83dc42
commit 46de83dc42
parent edc195b234
3 changed files with 31 additions and 2 deletions
--- a/backend/Api/BusinessLogic/UserLogic.cs
+++ b/backend/Api/BusinessLogic/UserLogic.cs
@ -49,7 +49,7 @@ namespace Api.BusinessLogic

            string salt = Guid.NewGuid().ToString();
            string hashedPassword = ComputeHash(user.Password, SHA256.Create(), salt);
-            
+
            user.Salt = salt;
            user.Password = hashedPassword;

@ -74,7 +74,9 @@ namespace Api.BusinessLogic
            if (user.Password == hashedPassword)
            {
                var token = GenerateJwtToken(user);
-                return new OkObjectResult(new { token, user.UserName, user.Id });
+                user.RefreshToken = Guid.NewGuid().ToString();
+                _dbAccess.UpdatesRefreshToken(user.RefreshToken, user.Id);
+                return new OkObjectResult(new { token, user.UserName, user.Id, refreshToken = user.RefreshToken });
            }

            return new ConflictObjectResult(new { message = "Invalid password" });
@ -119,6 +121,13 @@ namespace Api.BusinessLogic
            return await _dbAccess.DeleteUser(userId);
        }

+        public async Task<IActionResult> RefreshToken(string refreshToken)
+        {
+            User user = await _dbAccess.ReadUser(refreshToken);
+            if (user == null) { return new ConflictObjectResult(new { message = "Could not match refreshtoken" }); }
+            return new OkObjectResult(GenerateJwtToken(user));
+        }
+
        /// <summary>
        /// Generates a hash from a salt and input using the algorithm that is provided
        /// </summary>
--- a/backend/Api/Controllers/UserController.cs
+++ b/backend/Api/Controllers/UserController.cs
@ -51,5 +51,11 @@ namespace Api.Controllers
            return await _userLogic.DeleteUser(userId);
        }

+        [HttpGet("RefreshToken")]
+        public async Task<IActionResult> RefreshToken(string refreshToken)
+        {
+            return await _userLogic.RefreshToken(refreshToken);
+        }
+
    }
 }
--- a/backend/Api/DBAccess/DBAccess.cs
+++ b/backend/Api/DBAccess/DBAccess.cs
@ -75,6 +75,20 @@ namespace Api.DBAccess
            return await _context.Users.FirstOrDefaultAsync(u => u.Id == userId);
        }

+        // Returns a user according to refreshToken
+        public async Task<User> ReadUser(string refreshToken)
+        {
+            return await _context.Users.FirstOrDefaultAsync(u => u.RefreshToken == refreshToken);
+        }
+
+        public async void UpdatesRefreshToken(string refreshToken, int userId)
+        {
+            var user = await _context.Users.FirstOrDefaultAsync(u => u.Id == userId);
+
+            user.RefreshToken = refreshToken;
+            user.RefreshTokenExpiresAt = DateTime.Now.AddDays(7);
+        }
+
        /// <summary>
        /// Updates the user in the database
        /// </summary>