using System.Globalization;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using WebAppServer1.ApplicationDbContext;
using WebAppServer1.Models;
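namespace WebAppServer1.Authentication
{
    /// <summary>
    /// Issues HMAC-SHA256 signed JWT access tokens and manages opaque refresh tokens
    /// that are stored, looked up and deleted through <see cref="AppDbContext"/>.
    /// </summary>
    public class TokenService
    {
        // 16 random bytes hex-encode to 32 lowercase characters, the same shape as the
        // Guid "N" strings issued before, so stored-token length and format are unchanged.
        private const int RefreshTokenByteLength = 16;

        private readonly IConfiguration _config;
        private readonly AppDbContext pgSql;

        /// <summary>Creates the service.</summary>
        /// <param name="config">Configuration providing the <c>Jwt:*</c> settings read below.</param>
        /// <param name="appDbContext">Database context holding the refresh-token rows.</param>
        public TokenService(IConfiguration config, AppDbContext appDbContext)
        {
            _config = config;
            pgSql = appDbContext;
        }

        /// <summary>
        /// Builds a signed JWT carrying the user's name, numeric id and a unique <c>jti</c>.
        /// </summary>
        /// <param name="username">Value for the <see cref="ClaimTypes.Name"/> claim.</param>
        /// <param name="userid">Value for the <see cref="ClaimTypes.NameIdentifier"/> claim.</param>
        /// <returns>The compact serialized token.</returns>
        /// <exception cref="InvalidOperationException"><c>Jwt:Key</c> is missing or empty.</exception>
        public string GenerateAccessToken(string username, int userid)
        {
            // Anyone who can read this key can mint tokens the server will accept, so it
            // should come from a secret store rather than a committed settings file.
            var signingKeyText = _config["Jwt:Key"];
            if (string.IsNullOrEmpty(signingKeyText))
            {
                // Fail with a clear message instead of a null-argument error from GetBytes.
                throw new InvalidOperationException("Jwt:Key is not configured.");
            }

            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, username),
                new Claim(ClaimTypes.NameIdentifier, userid.ToString(CultureInfo.InvariantCulture)),
                // The jti only needs to be unique, not secret, so a GUID is adequate here.
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
            };

            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingKeyText));
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            // Parse with the invariant culture so the lifetime does not depend on the host's
            // regional settings. A missing setting converts to 0, i.e. a token that is
            // already expired when issued.
            var lifetimeMinutes = Convert.ToDouble(
                _config["Jwt:AccessTokenExpirationMinutes"],
                CultureInfo.InvariantCulture);

            var token = new JwtSecurityToken(
                issuer: _config["Jwt:Issuer"],
                audience: _config["Jwt:Audience"],
                claims: claims,
                expires: DateTime.UtcNow.AddMinutes(lifetimeMinutes),
                signingCredentials: creds);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }

        /// <summary>
        /// Creates a new refresh token for the user, stores it and returns it.
        /// </summary>
        /// <param name="userid">Owner of the token.</param>
        /// <param name="username">Owner's user name, stored alongside the token.</param>
        /// <returns>The refresh token as 32 lowercase hexadecimal characters.</returns>
        public async Task<string> GenerateRefreshToken(int userid, string username)
        {
            // One timestamp for both fields keeps IssuedAt and ExpiresAt exactly lifetime apart.
            var issuedAt = DateTime.UtcNow;
            var lifetimeDays = Convert.ToDouble(
                _config["Jwt:RefreshTokenExpirationDays"],
                CultureInfo.InvariantCulture);

            // A refresh token is a bearer secret, so draw it from the platform CSPRNG;
            // Guid.NewGuid() is documented as an identifier, not as a source of secrets.
            var refreshToken = Convert
                .ToHexString(RandomNumberGenerator.GetBytes(RefreshTokenByteLength))
                .ToLowerInvariant();

            // NOTE(review): the token is stored as issued, so read access to this table
            // yields usable tokens. Storing a hash instead would need a migration for
            // rows that already exist.
            var tokens = new Tokens
            {
                UserId = userid,
                UserName = username,
                RefreshToken = refreshToken,
                IsRevoked = false,
                IssuedAt = issuedAt,
                ExpiresAt = issuedAt.AddDays(lifetimeDays),
            };

            pgSql.Add(tokens);
            await pgSql.SaveChangesAsync();
            return refreshToken;
        }

        /// <summary>
        /// Checks that a refresh token is known, not revoked and not expired.
        /// An expired token is flagged as revoked before the method returns.
        /// </summary>
        /// <param name="refreshToken">Token presented by the client.</param>
        /// <returns><c>true</c> only for a stored, unrevoked, unexpired token.</returns>
        public async Task<bool> ValidateRefreshToken(string refreshToken)
        {
            // A null or empty value must never be compared against the table: a null
            // comparison could match rows whose token column is NULL.
            if (string.IsNullOrEmpty(refreshToken))
            {
                return false;
            }

            // Single lookup; a separate existence check only adds a round-trip and a
            // window in which the row can change between the two queries.
            var token = await pgSql.Tokens.FirstOrDefaultAsync(t => t.RefreshToken == refreshToken);
            if (token is null || token.IsRevoked)
            {
                return false;
            }

            if (token.ExpiresAt < DateTime.UtcNow)
            {
                token.IsRevoked = true;
                await pgSql.SaveChangesAsync();
                return false;
            }

            // NOTE(review): only a bool is returned. Confirm that callers take the user
            // identity from the stored row, not from client-supplied data.
            return true;
        }

        /// <summary>
        /// Deletes the stored row for a refresh token. Unknown, null or empty tokens are ignored,
        /// so the call is safe to repeat.
        /// </summary>
        /// <param name="refreshToken">Token to revoke.</param>
        public async Task RevokeRefreshToken(string refreshToken)
        {
            if (string.IsNullOrEmpty(refreshToken))
            {
                return;
            }

            var token = await pgSql.Tokens.FirstOrDefaultAsync(t => t.RefreshToken == refreshToken);
            if (token is null)
            {
                // Already gone or never issued; passing null to Remove would throw.
                return;
            }

            pgSql.Tokens.Remove(token);
            await pgSql.SaveChangesAsync();
        }
    }
}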