ProFile-org · ChienNQuang · May 27, 2023 · May 26, 2023 · May 27, 2023 · May 27, 2023
diff --git a/src/Api/Controllers/AuthController.cs b/src/Api/Controllers/AuthController.cs
@@ -1,4 +1,5 @@
 using System.IdentityModel.Tokens.Jwt;
+using System.Security.Authentication;
 using Api.Controllers.Payload.Requests;
 using Api.Controllers.Payload.Responses;
 using Application.Common.Interfaces;
@@ -67,12 +68,21 @@ public async Task<IActionResult> Refresh()
     {
         var refreshToken = Request.Cookies[nameof(RefreshToken)];
         var jweToken = Request.Cookies["JweToken"];
-
-        var authResult = await _identityService.RefreshTokenAsync(jweToken!, refreshToken!);
-
-        SetRefreshToken(authResult.RefreshToken);
-        SetJweToken(authResult.Token, authResult.RefreshToken);
-
+
+        try
+        {
+            var authResult = await _identityService.RefreshTokenAsync(jweToken!, refreshToken!);
+
+            SetRefreshToken(authResult.RefreshToken);
+            SetJweToken(authResult.Token, authResult.RefreshToken);
+        }
+        catch (AuthenticationException)
+        {
+            RemoveJweToken();
+            RemoveRefreshToken();
+            throw;
+        }
+
         return Ok();
     }
 

diff --git a/src/Infrastructure/Identity/IdentityService.cs b/src/Infrastructure/Identity/IdentityService.cs
@@ -1,6 +1,7 @@
 using System.Data;
 using System.Globalization;
 using System.IdentityModel.Tokens.Jwt;
+using System.Reflection.Metadata.Ecma335;
 using System.Security.Authentication;
 using System.Security.Claims;
 using System.Security.Cryptography;
@@ -149,19 +150,9 @@ public async Task<AuthenticationResult> RefreshTokenAsync(string token, string r
             throw new AuthenticationException("This refresh token does not match this Jwt.");
         }
 
-        var jweToken = CreateJweToken(user);
+        var result = await GenerateAuthenticationResultForUserAsync(user);
 
-        storedRefreshToken.JwtId = jweToken.Id;
-        storedRefreshToken.ExpiryDateTime =
-            LocalDateTime.FromDateTime(DateTime.UtcNow.AddDays(_jweSettings.RefreshTokenLifetimeInDays));
-        _context.RefreshTokens.Update(storedRefreshToken);
-        await _context.SaveChangesAsync();
-
-        return new AuthenticationResult()
-        {
-            Token = jweToken,
-            RefreshToken = _mapper.Map<RefreshTokenDto>(storedRefreshToken)
-        };
+        return result;
     }
 
     private ClaimsPrincipal? GetPrincipalFromToken(string token)