coderamins
diff --git a/‎src/Common/General/SiteSettings.cs
Lines changed: 1 addition & 0 deletions b/‎src/Common/General/SiteSettings.cs
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Core/Application/Users/Command/RefreshToken/RefreshTokenCommand.cs
Lines changed: 15 additions & 0 deletions b/‎src/Core/Application/Users/Command/RefreshToken/RefreshTokenCommand.cs
Lines changed: 15 additions & 0 deletions
diff --git a/‎src/Core/Application/Users/Command/RefreshToken/RefreshTokenResponse.cs
Lines changed: 14 additions & 0 deletions b/‎src/Core/Application/Users/Command/RefreshToken/RefreshTokenResponse.cs
Lines changed: 14 additions & 0 deletions
diff --git a/‎src/Core/Domain/Entities/Users/User.cs
Lines changed: 2 additions & 0 deletions b/‎src/Core/Domain/Entities/Users/User.cs
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/Infrastructure/Persistance/CommandHandlers/Users/LoginCommandHandler.cs
Lines changed: 3 additions & 1 deletion b/‎src/Infrastructure/Persistance/CommandHandlers/Users/LoginCommandHandler.cs
Lines changed: 3 additions & 1 deletion
diff --git a/‎src/Infrastructure/Persistance/CommandHandlers/Users/RefreshTokenCommandHandler.cs
Lines changed: 51 additions & 0 deletions b/‎src/Infrastructure/Persistance/CommandHandlers/Users/RefreshTokenCommandHandler.cs
Lines changed: 51 additions & 0 deletions
diff --git a/‎src/Infrastructure/Persistance/Jwt/AccessToken.cs
Lines changed: 9 additions & 0 deletions b/‎src/Infrastructure/Persistance/Jwt/AccessToken.cs
Lines changed: 9 additions & 0 deletions
diff --git a/‎src/Infrastructure/Persistance/Jwt/IJwtService.cs
Lines changed: 1 addition & 0 deletions b/‎src/Infrastructure/Persistance/Jwt/IJwtService.cs
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Infrastructure/Persistance/Jwt/JwtService.cs
Lines changed: 41 additions & 1 deletion b/‎src/Infrastructure/Persistance/Jwt/JwtService.cs
Lines changed: 41 additions & 1 deletion
@@ -24,5 +24,6 @@ public class JwtSettings
         public string Audience { get; set; }
         public int NotBeforeMinutes { get; set; }
         public int ExpirationMinutes { get; set; }
+        public int RefreshTokenValidityInDays { get; set; }
     }
 }
@@ -0,0 +1,15 @@
+using MediatR;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace CleanTemplate.Application.Users.Command.RefreshToken
+{
+    public class RefreshTokenCommand : IRequest<RefreshTokenResponse>
+    {
+        public string RefreshToken { get; set; }
+        public string AccessToken { get; set; }
+    }
+}
@@ -0,0 +1,14 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace CleanTemplate.Application.Users.Command.RefreshToken
+{
+    public class RefreshTokenResponse
+    {
+        public string RefreshToken { get; set; }
+        public string AccessToken { get; set; }
+    }
+}
@@ -21,6 +21,8 @@ public User()
         public bool IsActive { get; set; }
 
         public DateTimeOffset? LastLoginDate { get; set; }
+        public string? RefreshToken { get; set; }
+        public DateTime? RefreshTokenExpiryTime { get; set; }
     }
 
     public enum GenderType
 
@@ -37,7 +37,9 @@ public async Task<LoginResponse> Handle(LoginCommand request, CancellationToken
                 throw new CleanArchAppException("username or password is incorrect");
 
             var jwt = await _jwtService.GenerateAsync(user);
-
+            user.RefreshToken = jwt.refresh_token;
+            user.RefreshTokenExpiryTime = DateTime.Now.AddDays(jwt.refreshToken_expiresIn);
+            await _userManager.UpdateAsync(user);
             return new LoginResponse
             {
                 accessToken = jwt.access_token,
 
@@ -0,0 +1,51 @@
+using CleanTemplate.Application.Users.Command.RefreshToken;
+using CleanTemplate.Common;
+using CleanTemplate.Domain.Entities.Users;
+using CleanTemplate.Domain.IRepositories;
+using CleanTemplate.Persistance.Jwt;
+using MediatR;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.IdentityModel.Tokens;
+using System;
+using System.Collections.Generic;
+using System.IdentityModel.Tokens.Jwt;
+using System.Linq;
+using System.Text;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace CleanTemplate.Persistance.CommandHandlers.Users
+{
+    public class RefreshTokenCommandHandler : IRequestHandler<RefreshTokenCommand, RefreshTokenResponse>
+    {
+        private readonly IUserRepository _userRepository;
+        private readonly IJwtService _jwtService;
+
+        public RefreshTokenCommandHandler(IUserRepository userRepository,
+                                   IJwtService jwtService)
+        {
+            _userRepository = userRepository ?? throw new ArgumentNullException(nameof(userRepository));
+            _jwtService = jwtService ?? throw new ArgumentNullException(nameof(jwtService));
+        }
+        public async Task<RefreshTokenResponse> Handle(RefreshTokenCommand request, CancellationToken cancellationToken)
+        {
+            var userId = _jwtService.ValidateJwtAccessTokenAsync(request.AccessToken);
+            if (userId == null)
+                throw new CleanArchAppException("AccessToken is not valid");
+
+            var user = await _userRepository.GetByIdAsync(cancellationToken, userId);
+            if (user.RefreshToken != request.RefreshToken)
+                throw new CleanArchAppException("RefreshToken is not valid");
+
+            var jwt = await _jwtService.GenerateAsync(user);
+            user.RefreshToken = jwt.refresh_token;
+            user.RefreshTokenExpiryTime = DateTime.Now.AddDays(jwt.refreshToken_expiresIn);
+            await _userRepository.UpdateAsync(user, cancellationToken);
+            return new RefreshTokenResponse
+            {
+                AccessToken = jwt.access_token,
+                RefreshToken = jwt.refresh_token
+            };
+        }
+    }
+}
@@ -9,12 +9,21 @@ public class AccessToken
         public string refresh_token { get; set; }
         public string token_type { get; set; }
         public int expires_in { get; set; }
+        public int refreshToken_expiresIn { get; set; }
 
         public AccessToken(JwtSecurityToken securityToken)
         {
             access_token = new JwtSecurityTokenHandler().WriteToken(securityToken);
             token_type = "Bearer";
             expires_in = (int)(securityToken.ValidTo - DateTime.UtcNow).TotalSeconds;
         }
+        public AccessToken(JwtSecurityToken securityToken,string refreshToken, int refreshTokenExpiresIn)
+        {
+            access_token = new JwtSecurityTokenHandler().WriteToken(securityToken);
+            token_type = "Bearer";
+            expires_in = (int)(securityToken.ValidTo - DateTime.UtcNow).TotalSeconds;
+            refresh_token = refreshToken;
+            refreshToken_expiresIn = refreshTokenExpiresIn;
+        }
     }
 }
@@ -6,5 +6,6 @@ namespace CleanTemplate.Persistance.Jwt
     public interface IJwtService
     {
         Task<AccessToken> GenerateAsync(User user);
+        int? ValidateJwtAccessTokenAsync(string token);
     }
 }
@@ -7,7 +7,9 @@
 using System;
 using System.Collections.Generic;
 using System.IdentityModel.Tokens.Jwt;
+using System.Linq;
 using System.Security.Claims;
+using System.Security.Cryptography;
 using System.Text;
 using System.Threading.Tasks;
 
@@ -51,7 +53,38 @@ public async Task<AccessToken> GenerateAsync(User user)
 
             var securityToken = tokenHandler.CreateJwtSecurityToken(descriptor);
 
-            return new AccessToken(securityToken);
+            return new AccessToken(securityToken: securityToken,
+                refreshToken: GenerateRefreshToken(),
+                refreshTokenExpiresIn: _siteSetting.JwtSettings.RefreshTokenValidityInDays);
+        }
+
+        public int? ValidateJwtAccessTokenAsync(string token)
+        {
+            var secretKey = Encoding.UTF8.GetBytes(_siteSetting.JwtSettings.SecretKey); // longer that 16 character
+            var encryptionkey = Encoding.UTF8.GetBytes(_siteSetting.JwtSettings.EncryptKey); //must be 16 character
+
+            var tokenHandler = new JwtSecurityTokenHandler();
+            try
+            {
+                tokenHandler.ValidateToken(token, new TokenValidationParameters
+                {
+                    ValidateIssuerSigningKey = true,
+                    IssuerSigningKey = new SymmetricSecurityKey(secretKey),
+                    TokenDecryptionKey = new SymmetricSecurityKey(encryptionkey), 
+                    ValidateIssuer = false,
+                    ValidateAudience = false,
+                    // set clockskew to zero so tokens expire exactly at token expiration time (instead of 5 minutes later)
+                    ClockSkew = TimeSpan.Zero
+                }, out SecurityToken validatedToken);
+
+                var jwtSecurityToken = (JwtSecurityToken)validatedToken;
+                var userId = int.Parse(jwtSecurityToken.Claims.First(claim => claim.Type == "nameid").Value);
+                return userId;
+            }
+            catch 
+            {
+                return null;
+            }
         }
 
         private async Task<IEnumerable<Claim>> GetClaimsAsync(User user)
@@ -69,5 +102,12 @@ private async Task<IEnumerable<Claim>> GetClaimsAsync(User user)
 
             return claims;
         }
+        private static string GenerateRefreshToken()
+        {
+            var randomNumber = new byte[64];
+            using var rng = RandomNumberGenerator.Create();
+            rng.GetBytes(randomNumber);
+            return Convert.ToBase64String(randomNumber);
+        }
     }
 }
Original file line number	Diff line number	Diff line change
`@@ -24,5 +24,6 @@ public class JwtSettings`
`24`	`24`	`public string Audience { get; set; }`
`25`	`25`	`public int NotBeforeMinutes { get; set; }`
`26`	`26`	`public int ExpirationMinutes { get; set; }`
	`27`	`+ public int RefreshTokenValidityInDays { get; set; }`
`27`	`28`	`}`
`28`	`29`	`}`
Original file line number	Diff line number	Diff line change
`@@ -21,6 +21,8 @@ public User()`
`21`	`21`	`public bool IsActive { get; set; }`
`22`	`22`
`23`	`23`	`public DateTimeOffset? LastLoginDate { get; set; }`
	`24`	`+ public string? RefreshToken { get; set; }`
	`25`	`+ public DateTime? RefreshTokenExpiryTime { get; set; }`
`24`	`26`	`}`
`25`	`27`
`26`	`28`	`public enum GenderType`
Original file line number	Diff line number	Diff line change
`@@ -9,12 +9,21 @@ public class AccessToken`
`9`	`9`	`public string refresh_token { get; set; }`
`10`	`10`	`public string token_type { get; set; }`
`11`	`11`	`public int expires_in { get; set; }`
	`12`	`+ public int refreshToken_expiresIn { get; set; }`
`12`	`13`
`13`	`14`	`public AccessToken(JwtSecurityToken securityToken)`
`14`	`15`	`{`
`15`	`16`	`access_token = new JwtSecurityTokenHandler().WriteToken(securityToken);`
`16`	`17`	`token_type = "Bearer";`
`17`	`18`	`expires_in = (int)(securityToken.ValidTo - DateTime.UtcNow).TotalSeconds;`
`18`	`19`	`}`
	`20`	`+ public AccessToken(JwtSecurityToken securityToken,string refreshToken, int refreshTokenExpiresIn)`
	`21`	`+ {`
	`22`	`+ access_token = new JwtSecurityTokenHandler().WriteToken(securityToken);`
	`23`	`+ token_type = "Bearer";`
	`24`	`+ expires_in = (int)(securityToken.ValidTo - DateTime.UtcNow).TotalSeconds;`
	`25`	`+ refresh_token = refreshToken;`
	`26`	`+ refreshToken_expiresIn = refreshTokenExpiresIn;`
	`27`	`+ }`
`19`	`28`	`}`
`20`	`29`	`}`
Original file line number	Diff line number	Diff line change
`@@ -6,5 +6,6 @@ namespace CleanTemplate.Persistance.Jwt`
`6`	`6`	`public interface IJwtService`
`7`	`7`	`{`
`8`	`8`	`Task<AccessToken> GenerateAsync(User user);`
	`9`	`+ int? ValidateJwtAccessTokenAsync(string token);`
`9`	`10`	`}`
`10`	`11`	`}`