From 46de83dc4277f089dcaf65ea21d52aab5f5cd9ac Mon Sep 17 00:00:00 2001
From: Jeas0001
Date: Thu, 27 Mar 2025 10:17:25 +0100
Subject: [PATCH] RefreshToken is made

---
 backend/Api/BusinessLogic/UserLogic.cs | 13 +++++++++++--
 backend/Api/Controllers/UserController.cs | 6 ++++++
 backend/Api/DBAccess/DBAccess.cs | 14 ++++++++++++++
 3 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/backend/Api/BusinessLogic/UserLogic.cs b/backend/Api/BusinessLogic/UserLogic.cs
index ed0a11f..d8dcf13 100644
--- a/backend/Api/BusinessLogic/UserLogic.cs
+++ b/backend/Api/BusinessLogic/UserLogic.cs
@@ -49,7 +49,7 @@ namespace Api.BusinessLogic
             string salt = Guid.NewGuid().ToString();
             string hashedPassword = ComputeHash(user.Password, SHA256.Create(), salt);
-
+
             user.Salt = salt;
             user.Password = hashedPassword;
@@ -74,7 +74,9 @@ namespace Api.BusinessLogic
             if (user.Password == hashedPassword)
             {
                 var token = GenerateJwtToken(user);
-                return new OkObjectResult(new { token, user.UserName, user.Id });
+                user.RefreshToken = Guid.NewGuid().ToString();
+                _dbAccess.UpdatesRefreshToken(user.RefreshToken, user.Id);
+                return new OkObjectResult(new { token, user.UserName, user.Id, refreshToken = user.RefreshToken });
             }
             return new ConflictObjectResult(new { message = "Invalid password" });
@@ -119,6 +121,13 @@ namespace Api.BusinessLogic
             return await _dbAccess.DeleteUser(userId);
         }
+        public async Task RefreshToken(string refreshToken)
+        {
+            User user = await _dbAccess.ReadUser(refreshToken);
+            if (user == null) { return new ConflictObjectResult(new { message = "Could not match refreshtoken" }); }
+            return new OkObjectResult(GenerateJwtToken(user));
+        }
+
         ///
         /// Generates a hash from a salt and input using the algorithm that is provided
         ///
diff --git a/backend/Api/Controllers/UserController.cs b/backend/Api/Controllers/UserController.cs
index 74cbb1b..19c90d9 100644
--- a/backend/Api/Controllers/UserController.cs
+++ b/backend/Api/Controllers/UserController.cs
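Review bot: In the login hunk (`@@ -74,7 +74,9 @@`), `_dbAccess.UpdatesRefreshToken(user.RefreshToken, user.Id)` is called without `await`, and the DBAccess hunk in this same patch declares it `async void`, so a failure to persist the token is unobservable and the response carrying the token can be sent before (or without) the token being stored. The token itself comes from `Guid.NewGuid()`, which is not a cryptographic random source; a refresh token is a long-lived bearer credential and should come from `RandomNumberGenerator`, e.g. `user.RefreshToken = Convert.ToBase64String(RandomNumberGenerator.GetBytes(32));` (the `System.Security.Cryptography` namespace is already in use for `SHA256.Create()`; `GetBytes(int)` needs .NET 6 or later). Once the DBAccess method returns `Task`, the call here becomes `await _dbAccess.UpdatesRefreshToken(user.RefreshToken, user.Id);`. The enclosing login method starts and ends outside the hunk.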
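Review bot: In the `RefreshToken` hunk (`@@ -119,6 +121,13 @@`), a new JWT is minted for whichever user `_dbAccess.ReadUser(refreshToken)` returns, but neither this method nor `ReadUser` consults the `RefreshTokenExpiresAt` value the DBAccess hunk writes, so an expired token keeps working and the token is never rotated or cleared after use. The parameter is also passed through unchecked; the controller declares it as a plain `string` with no `[Required]`, so a missing query value arrives as `null`, and under EF's null-comparison semantics `u.RefreshToken == refreshToken` would then appear to match the first user with no stored token. Add `if (string.IsNullOrEmpty(refreshToken)) { return new UnauthorizedResult(); }` before the lookup and replace the null check with `if (user == null || user.RefreshTokenExpiresAt < DateTime.UtcNow) { return new UnauthorizedResult(); }`, using the same clock (preferably UTC) that `UpdatesRefreshToken` writes with. A 401 is also the conventional status for a rejected credential, where `ConflictObjectResult` returns 409.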
@@ -51,5 +51,11 @@ namespace Api.Controllers
             return await _userLogic.DeleteUser(userId);
         }
+        [HttpGet("RefreshToken")]
+        public async Task RefreshToken(string refreshToken)
+        {
+            return await _userLogic.RefreshToken(refreshToken);
+        }
+
     }
 }
diff --git a/backend/Api/DBAccess/DBAccess.cs b/backend/Api/DBAccess/DBAccess.cs
index 3500641..012f86d 100644
--- a/backend/Api/DBAccess/DBAccess.cs
+++ b/backend/Api/DBAccess/DBAccess.cs
@@ -75,6 +75,20 @@ namespace Api.DBAccess
             return await _context.Users.FirstOrDefaultAsync(u => u.Id == userId);
         }
+        // Returns a user according to refreshToken
+        public async Task ReadUser(string refreshToken)
+        {
+            return await _context.Users.FirstOrDefaultAsync(u => u.RefreshToken == refreshToken);
+        }
+
+        public async void UpdatesRefreshToken(string refreshToken, int userId)
+        {
+            var user = await _context.Users.FirstOrDefaultAsync(u => u.Id == userId);
+
+            user.RefreshToken = refreshToken;
+            user.RefreshTokenExpiresAt = DateTime.Now.AddDays(7);
+        }
+
         ///
         /// Updates the user in the database
         ///
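Review bot: In the UserController hunk, `[HttpGet("RefreshToken")]` makes the refresh token travel in the query string, where it is written to server, proxy and browser-history logs; a credential exchange should be `[HttpPost("RefreshToken")]` with the token taken from the body, e.g. `public async Task<IActionResult> RefreshToken([FromBody, Required] string refreshToken)`, so that a missing value is rejected by model validation before it reaches the lookup. The `Task` return type appears to have lost its type argument during extraction; if it really is non-generic `Task`, `return await _userLogic.RefreshToken(refreshToken);` would not compile, so presumably it is `Task<IActionResult>`. No authorization attribute is visible on the action, which is expected for a token endpoint, but worth confirming against the controller-level attributes outside the hunk.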
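Review bot: In the DBAccess hunk, `UpdatesRefreshToken` assigns `RefreshToken` and `RefreshTokenExpiresAt` on the loaded entity but nothing in the hunk calls `_context.SaveChangesAsync()`, so unless a caller saves the same context elsewhere the token handed out at login is never persisted and `ReadUser(string)` cannot match it. The method is also `async void`, which means the caller cannot await it and any exception, including the `NullReferenceException` when no user has that id, is lost, and `DateTime.Now` ties the expiry to the server's local time zone where `DateTime.UtcNow` should be used. Return `Task`, guard the null and save the change as below; the same UTC clock should then be used wherever the expiry is compared.

```csharp
        public async Task UpdatesRefreshToken(string refreshToken, int userId)
        {
            var user = await _context.Users.FirstOrDefaultAsync(u => u.Id == userId);
            if (user == null)
            {
                throw new InvalidOperationException($"No user with id {userId}");
            }

            user.RefreshToken = refreshToken;
            // UTC so the expiry check does not depend on the server's local time zone.
            user.RefreshTokenExpiresAt = DateTime.UtcNow.AddDays(7);
            await _context.SaveChangesAsync();
        }
```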