Add hashing and other security features #12
@ -57,4 +57,33 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
|
|||||||
RefreshToken = authTokenStruct.RefreshToken
|
RefreshToken = authTokenStruct.RefreshToken
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public async Task<AuthTokenResponse> RefreshTokenAsync(TokenRequest request, string refreshToken, CancellationToken cancellation = default)
|
||||||
|
{
|
||||||
|
var authToken = await cache.GetAsync<AuthToken>(GetAuthCacheKey(request.Fingerprint), cancellation)
|
||||||
|
?? throw new SecurityException(request.Fingerprint);
|
||||||
|
|
||||||
|
if (authToken.RefreshToken != refreshToken ||
|
||||||
|
authToken.UserAgent != request.UserAgent &&
|
||||||
|
authToken.Ip != request.Ip)
|
||||||
|
{
|
||||||
|
await cache.RemoveAsync(request.Fingerprint, cancellation);
|
||||||
|
await RevokeAccessToken(authToken.AccessToken);
|
||||||
|
|
||||||
|
throw new SecurityException(request.Fingerprint);
|
||||||
|
}
|
||||||
|
|
||||||
|
var accessToken = GenerateAccessToken(authToken.UserId);
|
||||||
|
await RevokeAccessToken(authToken.AccessToken);
|
||||||
|
|
||||||
|
authToken.AccessToken = accessToken.Token;
|
||||||
|
await SetAuthTokenDataToCache(request.Fingerprint, authToken, cancellation);
|
||||||
|
|
||||||
|
return new AuthTokenResponse
|
||||||
|
{
|
||||||
|
AccessToken = accessToken.Token,
|
||||||
|
ExpiresIn = accessToken.ExpireIn,
|
||||||
|
RefreshToken = GenerateRefreshToken()
|
||||||
|
};
|
||||||
|
}
|
||||||
}
|
}
|
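Review bot: The refresh token returned at the end of RefreshTokenAsync is never stored: `GenerateRefreshToken()` is called only inside the response initializer, while `authToken.RefreshToken` is written back to the cache unchanged, so the old refresh token stays valid and the newly issued one will fail the `!=` check on its next use and trigger revocation. On the rejection path the entry is read with `GetAuthCacheKey(request.Fingerprint)` but removed with the raw `request.Fingerprint`; unless GetAuthCacheKey is an identity mapping (it is not visible in this hunk), the session record survives the failed check. The condition also relies on `&&` binding tighter than `||`, so a request carrying the right token is rejected only when both UserAgent and Ip differ; if that is the intent, parenthesize it so it reads that way. The sketch below assigns the new token directly; if the cache is meant to hold a hashed value, store it the same way the token is first written elsewhere in this class.

```csharp
if (authToken.RefreshToken != refreshToken ||
    (authToken.UserAgent != request.UserAgent && authToken.Ip != request.Ip))
{
    await cache.RemoveAsync(GetAuthCacheKey(request.Fingerprint), cancellation);
    // … unchanged: revoke the access token, throw SecurityException …
}

// … unchanged: generate the new access token, revoke the old one …

var newRefreshToken = GenerateRefreshToken();
authToken.AccessToken = accessToken.Token;
authToken.RefreshToken = newRefreshToken;
// … unchanged: SetAuthTokenDataToCache …

return new AuthTokenResponse
{
    // … unchanged: AccessToken, ExpiresIn …
    RefreshToken = newRefreshToken
};
```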