jasontaylordev / NorthwindTraders

Northwind Traders is a sample application built using ASP.NET Core and Entity Framework Core.

[Question] Should JWT/RefreshToken creation be on infrastructure?

lHersey opened this issue · comments

Hello! I'm working on authorization/authentication and I added a custom table to the ApplicationDbContext called RefreshTokens.

I tried to create everything on the WebUI layer and had a JsonWebTokenService (at first, only to generate the JWT access token) on WebUI. There is no interface for that class; I just added it as a singleton since it's only meant to be used on WebUI.

The flow was:

  1. I receive the user credentials/social token (WebUI)
  2. Pass a command to Application (Application)
  3. Pass the command to UserManager implementation (Infrastructure)
  4. Check the ApplicationUser with the credentials.
  5. If the credentials are correct, return a UserModel (Mapped from ApplicationUser with all the user info) back to the WebUI
  6. If the credentials aren’t correct, throw an AuthenticationException from the Infrastructure layer that is handled by the CustomExceptionHandler (WebUI)
  7. Now with the UserModel on the controller, I just pass it to the JsonWebToken service that returns a JWT.

The problem is when I try to implement RefreshTokens: I added an extra table to the ApplicationDbContext and made an FK with ApplicationUser. Now each time the user wants to authenticate, I need to go to the DB, check the RefreshToken and create a new one. So the JWT service (WebUI) needs to connect to the Infrastructure layer (or at least the ApplicationDbContext).

My question is: if I want to implement JWT login with refresh tokens, where should everything be? (JWT creation, UserManagerService, RefreshTokens table, etc.)

I saw that on WebUI there are some "Areas" with a login/register page, but I'm trying to implement this on a mobile app. (Is it correct that these Areas on the WebUI call the UserManager directly from infrastructure?)

Thanks in advance!
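
The check-and-replace step described in the post (look up the presented refresh token, then create a new one), as an added example that is not part of the original issue or the NorthwindTraders code. `IRefreshTokenStore`, `InMemoryRefreshTokenStore` and the dictionary standing in for the RefreshTokens table are hypothetical names, and the code assumes .NET 6 or later.

```csharp
#nullable enable
using System;
using System.Collections.Concurrent;
using System.Security.Cryptography;
using System.Text;

// Hypothetical abstraction: callers depend on this, not on a DbContext.
public interface IRefreshTokenStore
{
    string Issue(string userId, TimeSpan lifetime);
    // Returns the replacement token, or null if the presented token is
    // unknown, expired, already used, or bound to a different user.
    string? Rotate(string userId, string presentedToken, TimeSpan lifetime);
}

// In-memory stand-in for the RefreshTokens table (constructed for this example).
public sealed class InMemoryRefreshTokenStore : IRefreshTokenStore
{
    private sealed record Row(string UserId, DateTime ExpiresUtc);
    private readonly ConcurrentDictionary<string, Row> _rows = new();

    // Only a SHA-256 hash is stored, so a leaked table holds no usable tokens.
    private static string Hash(string token) =>
        Convert.ToBase64String(SHA256.HashData(Encoding.UTF8.GetBytes(token)));

    public string Issue(string userId, TimeSpan lifetime)
    {
        // 256 bits from the OS CSPRNG; the raw value goes to the client only.
        var token = Convert.ToBase64String(RandomNumberGenerator.GetBytes(32));
        _rows[Hash(token)] = new Row(userId, DateTime.UtcNow.Add(lifetime));
        return token;
    }

    public string? Rotate(string userId, string presentedToken, TimeSpan lifetime)
    {
        // TryRemove makes the token single-use: a replayed token finds no row.
        if (!_rows.TryRemove(Hash(presentedToken), out var row)) return null;
        // A wrong-user or expired token stays removed and yields no new token.
        if (row.UserId != userId || row.ExpiresUtc <= DateTime.UtcNow) return null;
        return Issue(userId, lifetime);
    }
}

public static class Program
{
    public static void Main()
    {
        IRefreshTokenStore store = new InMemoryRefreshTokenStore();
        var first = store.Issue("user-1", TimeSpan.FromDays(7));
        Console.WriteLine(store.Rotate("user-1", first, TimeSpan.FromDays(7)) != null);
        Console.WriteLine(store.Rotate("user-1", first, TimeSpan.FromDays(7)) == null);
    }
}
```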

Thank you for your interest in this project. This repository has been archived and is no longer actively maintained or supported. We appreciate your understanding. Feel free to explore the codebase and adapt it to your own needs if it serves as a useful reference. If you have any further questions or concerns, please refer to the README for more information.