fix(auth): handles refresh token flow correctly

2025-05-08 02:15:56 -04:00
parent e073ef8540
commit 41379e821e
4 changed files with 5 additions and 20 deletions


@@ -39,11 +39,7 @@ public static class DependencyInjection
.AddAuthentication(options => .AddAuthentication(options =>
{ {
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddCookie("Identity.Application", options =>
{
options.LoginPath = "/api/Users/login";
}); });
var authJwt = configuration.GetSection("Authentication:Jwt"); var authJwt = configuration.GetSection("Authentication:Jwt");
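Review bot: With the `Identity.Application` cookie registration removed, JWT bearer is the only scheme this hunk registers, so any code that still names the cookie scheme would fail at request time with a missing-handler error rather than at startup. `.AddApiEndpoints()` is still registered in the other DependencyInjection file; if those Identity endpoints are mapped anywhere, confirm they do not depend on the removed scheme (inferred, the endpoint mapping is not visible here). A short comment above the options would record the intent, e.g. `// API is bearer-only: unauthenticated requests get a 401 challenge, not a login redirect.` The enclosing method starts and ends outside the hunk.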


@@ -30,7 +30,6 @@ public static class DependencyInjection
.AddRoles<IdentityRole>() .AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>() .AddEntityFrameworkStores<ApplicationDbContext>()
.AddApiEndpoints() .AddApiEndpoints()
.AddSignInManager<SignInManager<IdentityUser>>()
.AddDefaultTokenProviders(); .AddDefaultTokenProviders();
// Singleton services // Singleton services


@@ -42,7 +42,6 @@ public record LoginWithFacebookResponse(
public class LoginWithFacebookHandler( public class LoginWithFacebookHandler(
IHttpClientFactory httpClientFactory, IHttpClientFactory httpClientFactory,
IdentityUserManager userManager, IdentityUserManager userManager,
SignInManager<IdentityUser> signInManager,
IOptionsSnapshot<JwtOptions> jwtOptions) IOptionsSnapshot<JwtOptions> jwtOptions)
: Endpoint<LoginWithFacebookRequest, LoginWithFacebookResponse> : Endpoint<LoginWithFacebookRequest, LoginWithFacebookResponse>
{ {
@@ -116,8 +115,6 @@ public class LoginWithFacebookHandler(
user = generatedUser; user = generatedUser;
} }
await signInManager.SignInAsync(user, isPersistent: false);
// Generate refresh token // Generate refresh token
var refreshToken = RefreshTokenGenerator.Next(); var refreshToken = RefreshTokenGenerator.Next();


@@ -42,7 +42,6 @@ public record LoginWithGoogleResponse(
public class LoginWithGoogleHandler( public class LoginWithGoogleHandler(
IHttpClientFactory httpClientFactory, IHttpClientFactory httpClientFactory,
IdentityUserManager userManager, IdentityUserManager userManager,
SignInManager<IdentityUser> signInManager,
IOptionsSnapshot<JwtOptions> jwtOptions) IOptionsSnapshot<JwtOptions> jwtOptions)
: Endpoint<LoginWithGoogleRequest, LoginWithGoogleResponse> : Endpoint<LoginWithGoogleRequest, LoginWithGoogleResponse>
{ {
@@ -123,16 +122,10 @@ public class LoginWithGoogleHandler(
user = generatedUser; user = generatedUser;
} }
await signInManager.SignInAsync(user, isPersistent: false); // Generate new refresh token
user.RefreshToken = RefreshTokenGenerator.Next();
// Generate refresh token for existing users user.RefreshTokenExpiryTime = DateTime.UtcNow.Add(jwtOptions.Value.RefreshTokenLifetime);
if (user.RefreshToken == null) await userManager.UpdateAsync(user);
{
var refreshToken = RefreshTokenGenerator.Next();
user.RefreshToken = refreshToken;
user.RefreshTokenExpiryTime = DateTime.UtcNow.Add(jwtOptions.Value.RefreshTokenLifetime);
await userManager.UpdateAsync(user);
}
var accessToken = JwtTokenHelper.GenerateJwtToken( var accessToken = JwtTokenHelper.GenerateJwtToken(
expiresIn: jwtOptions.Value.Lifetime, expiresIn: jwtOptions.Value.Lifetime,
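Review bot: The new `await userManager.UpdateAsync(user);` discards the `IdentityResult`, so if the update fails (for example on a concurrency conflict) the handler presumably still returns a refresh token that was never persisted. Capture and check it with `var result = await userManager.UpdateAsync(user);` followed by `if (!result.Succeeded)` failing the request before any token is issued. Because the token is now overwritten on every login, a sign-in from a second device invalidates the first device's refresh token; if that is intended, a comment saying so would help. The value also looks to be stored as issued, and storing only a hash would keep a database read from yielding usable tokens (the column and the refresh endpoint are not visible here). The handler body continues outside the hunk.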