RefreshToken is made
parent
edc195b234
commit
46de83dc42
@ -49,7 +49,7 @@ namespace Api.BusinessLogic
|
||||
|
||||
string salt = Guid.NewGuid().ToString();
|
||||
string hashedPassword = ComputeHash(user.Password, SHA256.Create(), salt);
|
||||
|
||||
|
||||
user.Salt = salt;
|
||||
user.Password = hashedPassword;
|
||||
|
||||
@ -74,7 +74,9 @@ namespace Api.BusinessLogic
|
||||
if (user.Password == hashedPassword)
|
||||
{
|
||||
var token = GenerateJwtToken(user);
|
||||
return new OkObjectResult(new { token, user.UserName, user.Id });
|
||||
user.RefreshToken = Guid.NewGuid().ToString();
|
||||
_dbAccess.UpdatesRefreshToken(user.RefreshToken, user.Id);
|
||||
return new OkObjectResult(new { token, user.UserName, user.Id, refreshToken = user.RefreshToken });
|
||||
}
|
||||
|
||||
return new ConflictObjectResult(new { message = "Invalid password" });
|
||||
@ -119,6 +121,13 @@ namespace Api.BusinessLogic
|
||||
return await _dbAccess.DeleteUser(userId);
|
||||
}
|
||||
|
||||
public async Task<IActionResult> RefreshToken(string refreshToken)
|
||||
{
|
||||
User user = await _dbAccess.ReadUser(refreshToken);
|
||||
if (user == null) { return new ConflictObjectResult(new { message = "Could not match refreshtoken" }); }
|
||||
return new OkObjectResult(GenerateJwtToken(user));
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Generates a hash from a salt and input using the algorithm that is provided
|
||||
/// </summary>
|
||||
|
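Review bot: The new `RefreshToken` method issues a JWT for any stored token without checking `RefreshTokenExpiresAt`, so the seven-day expiry written in the DBAccess change is never enforced, and a null or empty `refreshToken` goes straight into the lookup, where it could match a user whose column is still empty. Reject blank input before the query and extend the guard to something like `if (user == null || user.RefreshTokenExpiresAt <= DateTime.Now)`, assuming that property is a non-nullable `DateTime`. The token is also not replaced on use, so a leaked value stays usable until the next login overwrites it; rotating it here would limit that. In the login hunk the token comes from `Guid.NewGuid().ToString()`, which is not specified as a cryptographic random source; `Convert.ToBase64String(RandomNumberGenerator.GetBytes(32))` is a safer generator. The login method itself starts outside the hunk.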
@ -51,5 +51,11 @@ namespace Api.Controllers
|
||||
return await _userLogic.DeleteUser(userId);
|
||||
}
|
||||
|
||||
[HttpGet("RefreshToken")]
|
||||
public async Task<IActionResult> RefreshToken(string refreshToken)
|
||||
{
|
||||
return await _userLogic.RefreshToken(refreshToken);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
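Review bot: The `RefreshToken` action takes the token as a `[HttpGet]` query-string parameter, so a long-lived credential ends up in the request URL, where web-server access logs, proxies and browser history usually record it. Moving it to the request body keeps it out of those places: `[HttpPost("RefreshToken")]` with `RefreshToken([FromBody] string refreshToken)`. No authorization attribute is visible in the hunk, so a short comment stating whether this endpoint is intentionally anonymous would also help.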
@ -75,6 +75,20 @@ namespace Api.DBAccess
|
||||
return await _context.Users.FirstOrDefaultAsync(u => u.Id == userId);
|
||||
}
|
||||
|
||||
// Returns a user according to refreshToken
|
||||
public async Task<User> ReadUser(string refreshToken)
|
||||
{
|
||||
return await _context.Users.FirstOrDefaultAsync(u => u.RefreshToken == refreshToken);
|
||||
}
|
||||
|
||||
public async void UpdatesRefreshToken(string refreshToken, int userId)
|
||||
{
|
||||
var user = await _context.Users.FirstOrDefaultAsync(u => u.Id == userId);
|
||||
|
||||
user.RefreshToken = refreshToken;
|
||||
user.RefreshTokenExpiresAt = DateTime.Now.AddDays(7);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Updates the user in the database
|
||||
/// </summary>
|
||||
|
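Review bot: `UpdatesRefreshToken` is declared `async void` and the login code calls it without awaiting, so the response can be returned before the token is stored, any exception inside it cannot be caught by the caller, and the shared `_context` may be used by two operations at once. No `SaveChangesAsync` call is visible in the method either, so the assignment appears never to reach the database. Change the signature to `public async Task UpdatesRefreshToken(string refreshToken, int userId)`, end the body with `await _context.SaveChangesAsync();`, and await it at the call site. `user` can be null when the id is not found, which would throw on `user.RefreshToken = refreshToken;`, and `DateTime.UtcNow` would be a safer basis for the expiry than local time.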