Merge pull request #2 from SculptTechProject/feature/auth/refresh_logout

SculptTechProject · web-flow · commit 8f90b59dfe2b · 2025-11-15T01:45:06.000+01:00
Add refresh token support
diff --git a/Migrations/20251114234534_RefreshToken.Designer.cs b/Migrations/20251114234534_RefreshToken.Designer.cs
diff --git a/Migrations/20251114234534_RefreshToken.cs b/Migrations/20251114234534_RefreshToken.cs
@@ -0,0 +1,51 @@
+﻿using System;
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace sparkly_server.Migrations
+{
+    /// <inheritdoc />
+    public partial class RefreshToken : Migration
+    {
+        /// <inheritdoc />
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.CreateTable(
+                name: "refresh_tokens",
+                columns: table => new
+                {
+                    Id = table.Column<Guid>(type: "uuid", nullable: false),
+                    Token = table.Column<string>(type: "character varying(512)", maxLength: 512, nullable: false),
+                    UserId = table.Column<Guid>(type: "uuid", nullable: false),
+                    ExpiresAt = table.Column<DateTime>(type: "timestamp with time zone", nullable: false),
+                    CreatedAt = table.Column<DateTime>(type: "timestamp with time zone", nullable: false),
+                    RevokedAt = table.Column<DateTime>(type: "timestamp with time zone", nullable: true),
+                    RevokedByIp = table.Column<string>(type: "text", nullable: true),
+                    ReplacedByToken = table.Column<string>(type: "text", nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_refresh_tokens", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_refresh_tokens_users_UserId",
+                        column: x => x.UserId,
+                        principalTable: "users",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateIndex(
+                name: "IX_refresh_tokens_UserId",
+                table: "refresh_tokens",
+                column: "UserId");
+        }
+
+        /// <inheritdoc />
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropTable(
+                name: "refresh_tokens");
+        }
+    }
+}
diff --git a/Migrations/AppDbContextModelSnapshot.cs b/Migrations/AppDbContextModelSnapshot.cs
@@ -22,6 +22,42 @@ protected override void BuildModel(ModelBuilder modelBuilder)
 
             NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder);
 
+            modelBuilder.Entity("sparkly_server.Domain.Auth.RefreshToken", b =>
+                {
+                    b.Property<Guid>("Id")
+                        .ValueGeneratedOnAdd()
+                        .HasColumnType("uuid");
+
+                    b.Property<DateTime>("CreatedAt")
+                        .HasColumnType("timestamp with time zone");
+
+                    b.Property<DateTime>("ExpiresAt")
+                        .HasColumnType("timestamp with time zone");
+
+                    b.Property<string>("ReplacedByToken")
+                        .HasColumnType("text");
+
+                    b.Property<DateTime?>("RevokedAt")
+                        .HasColumnType("timestamp with time zone");
+
+                    b.Property<string>("RevokedByIp")
+                        .HasColumnType("text");
+
+                    b.Property<string>("Token")
+                        .IsRequired()
+                        .HasMaxLength(512)
+                        .HasColumnType("character varying(512)");
+
+                    b.Property<Guid>("UserId")
+                        .HasColumnType("uuid");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("refresh_tokens", (string)null);
+                });
+
             modelBuilder.Entity("sparkly_server.Domain.User", b =>
                 {
                     b.Property<Guid>("Id")
@@ -55,6 +91,22 @@ protected override void BuildModel(ModelBuilder modelBuilder)
 
                     b.ToTable("users", (string)null);
                 });
+
+            modelBuilder.Entity("sparkly_server.Domain.Auth.RefreshToken", b =>
+                {
+                    b.HasOne("sparkly_server.Domain.User", "User")
+                        .WithMany("RefreshTokens")
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+
+                    b.Navigation("User");
+                });
+
+            modelBuilder.Entity("sparkly_server.Domain.User", b =>
+                {
+                    b.Navigation("RefreshTokens");
+                });
 #pragma warning restore 612, 618
         }
     }
diff --git a/sparkly-server.sln.DotSettings.user b/sparkly-server.sln.DotSettings.user
@@ -0,0 +1,2 @@
+﻿<wpf:ResourceDictionary xml:space="preserve" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:s="clr-namespace:System;assembly=mscorlib" xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml" xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
+	<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003APrincipalExtensions_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003FAppData_003FRoaming_003FJetBrains_003FRider2025_002E2_003Fresharper_002Dhost_003FSourcesCache_003Fcc1ad596b4fde937674ff6c832655e53b7c6cc97b1b7a38893ad352a788057_003FPrincipalExtensions_002Ecs/@EntryIndexedValue">ForceIncluded</s:String></wpf:ResourceDictionary>
diff --git a/src/Controllers/AuthController.cs b/src/Controllers/AuthController.cs
@@ -45,5 +45,35 @@ public async Task<IActionResult> Login([FromBody] LoginRequest request, Cancella
 
             return Ok(response);
         }
+        
+        [Authorize]
+        [HttpPost("logout")]
+        public async Task<IActionResult> Logout([FromBody] LogoutRequest request, CancellationToken ct)
+        {
+            await _authService.LogoutAsync(request.RefreshToken, ct);
+            return NoContent();
+        }
+        
+        [HttpPost("refresh")]
+        [AllowAnonymous]
+        public async Task<IActionResult> Refresh(
+            [FromBody] RefreshRequest request,
+            CancellationToken ct)
+        {
+            if (string.IsNullOrWhiteSpace(request.RefreshToken))
+            {
+                return BadRequest(new { message = "Refresh token is required." });
+            }
+
+            var result = await _authService.RefreshAsync(request.RefreshToken, ct);
+
+            if (result is null)
+            {
+                return Unauthorized(new { message = "Invalid or expired refresh token." });
+            }
+
+            return Ok(result);
+        }
+
     }
 }
diff --git a/src/DTO/Auth/Auth.cs b/src/DTO/Auth/Auth.cs
@@ -3,4 +3,6 @@ namespace sparkly_server.DTO
     public record RegisterRequest(string Username, string Email, string Password);
     public record LoginRequest(string Identifier, string Password);
     public record AuthResponse(string AccessToken, string RefreshToken);
+    public record LogoutRequest(string RefreshToken);
+    public record RefreshRequest(string RefreshToken);
 }
diff --git a/src/Domain/Auth/RefreshToken.cs b/src/Domain/Auth/RefreshToken.cs
@@ -4,16 +4,37 @@ public class RefreshToken
     {
         public Guid Id { get; private set; } = Guid.NewGuid();
         public string Token { get; private set; } = default!;
+
+        public Guid UserId { get; private set; }
+        public User User { get; private set; } = null!;
+
         public DateTime ExpiresAt { get; private set; }
         public DateTime CreatedAt { get; private set; } = DateTime.UtcNow;
-        public bool Revoked { get; private set; }
 
-        public RefreshToken(string token, DateTime expiresAt)
+        public DateTime? RevokedAt { get; private set; }
+        public string? RevokedByIp { get; private set; }
+        public string? ReplacedByToken { get; private set; }
+
+        public bool IsActive =>
+            RevokedAt is null && DateTime.UtcNow <= ExpiresAt;
+
+        public RefreshToken(Guid userId, string token, DateTime expiresAt)
         {
+            UserId = userId;
             Token = token;
             ExpiresAt = expiresAt;
         }
 
-        public void Revoke() => Revoked = true;
+        public void Revoke(string? ip = null, string? replacedByToken = null)
+        {
+            if (RevokedAt is not null)
+            {
+                return; // already revoked
+            }
+
+            RevokedAt = DateTime.UtcNow;
+            RevokedByIp = ip;
+            ReplacedByToken = replacedByToken;
+        }
     }
 }
diff --git a/src/Domain/Users/User.cs b/src/Domain/Users/User.cs
@@ -9,6 +9,7 @@ public class User
         public string UserName { get; set; } = default!;
         public string PasswordHash { get; private set; } = default!;
         public string Role { get; private set; } = "User";
+        public ICollection<RefreshToken> RefreshTokens { get; set; } = new List<RefreshToken>();
         public DateTime CreatedAt { get; private set; } = DateTime.UtcNow;
 
         private User() { }
diff --git a/src/Infrastructure/AppDbContext.cs b/src/Infrastructure/AppDbContext.cs
@@ -1,11 +1,13 @@
 using Microsoft.EntityFrameworkCore;
 using sparkly_server.Domain;
+using sparkly_server.Domain.Auth;
 
 namespace sparkly_server.Infrastructure
 {
     public class AppDbContext : DbContext
     {
         public DbSet<User> Users => Set<User>();
+        public DbSet<RefreshToken> RefreshTokens { get; set; } = null!;
 
         public AppDbContext(DbContextOptions<AppDbContext> options)
             : base(options)
@@ -16,6 +18,7 @@ protected override void OnModelCreating(ModelBuilder modelBuilder)
         {
             base.OnModelCreating(modelBuilder);
 
+            // Users
             modelBuilder.Entity<User>(cfg =>
             {
                 cfg.ToTable("users");
@@ -34,6 +37,29 @@ protected override void OnModelCreating(ModelBuilder modelBuilder)
 
                 cfg.Property(u => u.PasswordHash)
                     .IsRequired();
+                
+                cfg.HasMany(u => u.RefreshTokens)
+                    .WithOne(rt => rt.User)
+                    .HasForeignKey(rt => rt.UserId)
+                    .OnDelete(DeleteBehavior.Cascade);
+            });
+            
+            // Refresh Tokens
+            modelBuilder.Entity<RefreshToken>(cfg =>
+            {
+                cfg.ToTable("refresh_tokens");
+
+                cfg.HasKey(rt => rt.Id);
+
+                cfg.Property(rt => rt.Token)
+                    .IsRequired()
+                    .HasMaxLength(512);
+
+                cfg.Property(rt => rt.CreatedAt)
+                    .IsRequired();
+
+                cfg.Property(rt => rt.ExpiresAt)
+                    .IsRequired();
             });
         }
     }
diff --git a/src/Services/Auth/AuthService.cs b/src/Services/Auth/AuthService.cs
diff --git a/src/Services/Auth/JwtProvider.cs b/src/Services/Auth/JwtProvider.cs

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+<wpf:ResourceDictionary xml:space="preserve" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:s="clr-namespace:System;assembly=mscorlib" xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml" xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">`
	`2`	`+ <s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003APrincipalExtensions_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003FAppData_003FRoaming_003FJetBrains_003FRider2025_002E2_003Fresharper_002Dhost_003FSourcesCache_003Fcc1ad596b4fde937674ff6c832655e53b7c6cc97b1b7a38893ad352a788057_003FPrincipalExtensions_002Ecs/@EntryIndexedValue">ForceIncluded</s:String></wpf:ResourceDictionary>`
Original file line number	Diff line number	Diff line change
`@@ -3,4 +3,6 @@ namespace sparkly_server.DTO`
`3`	`3`	`public record RegisterRequest(string Username, string Email, string Password);`
`4`	`4`	`public record LoginRequest(string Identifier, string Password);`
`5`	`5`	`public record AuthResponse(string AccessToken, string RefreshToken);`
	`6`	`+ public record LogoutRequest(string RefreshToken);`
	`7`	`+ public record RefreshRequest(string RefreshToken);`
`6`	`8`	`}`