jbourdon/social-media
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(auth): handles refresh token flow correctly

Browse Source
This commit is contained in:
Jonathan Bourdon
2025-05-08 02:15:56 -04:00
parent e073ef8540
commit 41379e821e
4 changed files with 5 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/src/Web/DependencyInjection.cs
View File

@@ -39,11 +39,7 @@ public static class DependencyInjection
.AddAuthentication(options =>
{
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie("Identity.Application", options =>
{
options.LoginPath = "/api/Users/login";
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
});
var authJwt = configuration.GetSection("Authentication:Jwt");

1
backend/src/Web/Features/Users/DependencyInjection.cs
View File

@@ -30,7 +30,6 @@ public static class DependencyInjection
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddApiEndpoints()
.AddSignInManager<SignInManager<IdentityUser>>()
.AddDefaultTokenProviders();
// Singleton services

3
backend/src/Web/Features/Users/Handlers/LoginWithFacebook.cs
View File

@@ -42,7 +42,6 @@ public record LoginWithFacebookResponse(
public class LoginWithFacebookHandler(
IHttpClientFactory httpClientFactory,
IdentityUserManager userManager,
SignInManager<IdentityUser> signInManager,
IOptionsSnapshot<JwtOptions> jwtOptions)
: Endpoint<LoginWithFacebookRequest, LoginWithFacebookResponse>
{
@@ -116,8 +115,6 @@ public class LoginWithFacebookHandler(
user = generatedUser;
}
await signInManager.SignInAsync(user, isPersistent: false);
// Generate refresh token
var refreshToken = RefreshTokenGenerator.Next();

11
backend/src/Web/Features/Users/Handlers/LoginWithGoogle.cs
View File

@@ -42,7 +42,6 @@ public record LoginWithGoogleResponse(
public class LoginWithGoogleHandler(
IHttpClientFactory httpClientFactory,
IdentityUserManager userManager,
SignInManager<IdentityUser> signInManager,
IOptionsSnapshot<JwtOptions> jwtOptions)
: Endpoint<LoginWithGoogleRequest, LoginWithGoogleResponse>
{
@@ -123,16 +122,10 @@ public class LoginWithGoogleHandler(
user = generatedUser;
}
await signInManager.SignInAsync(user, isPersistent: false);
// Generate refresh token for existing users
if (user.RefreshToken == null)
{
var refreshToken = RefreshTokenGenerator.Next();
user.RefreshToken = refreshToken;
// Generate new refresh token
user.RefreshToken = RefreshTokenGenerator.Next();
user.RefreshTokenExpiryTime = DateTime.UtcNow.Add(jwtOptions.Value.RefreshTokenLifetime);
await userManager.UpdateAsync(user);
}
var accessToken = JwtTokenHelper.GenerateJwtToken(
expiresIn: jwtOptions.Value.Lifetime,