From c5cbf1b7f4b96c83b2d3e1f23a153b8eb2dac431 Mon Sep 17 00:00:00 2001
From: "Abdelsamad, Mouaz R (UG - Comp Sci & Elec Eng)" <ma03081@surrey.ac.uk>
Date: Sun, 28 Apr 2024 22:30:43 +0000
Subject: [PATCH] Fix Automatic Re-Authentication

---
 UserMicroservice/Controllers/UserController.cs | 13 +++++--------
 UserMicroservice/Services/AuthService.cs       |  6 ++++++
 UserMicroservice/Services/IAuthService.cs      |  3 +--
 3 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/UserMicroservice/Controllers/UserController.cs b/UserMicroservice/Controllers/UserController.cs
index 27706ab..c1a9d51 100644
--- a/UserMicroservice/Controllers/UserController.cs
+++ b/UserMicroservice/Controllers/UserController.cs
@@ -52,18 +52,15 @@ namespace UserMicroservice.Controllers
             if (!_authService.ValidateRefreshToken(refreshToken))
                 return Unauthorized("Invalid or expired refresh token.");
 
-            string? userIdString = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier)?.Value;
-            if(userIdString == null)
-                return BadRequest();
-
-            if (!int.TryParse(userIdString, out int userId))
-                return BadRequest("User ID is invalid.");
+            int? userId = _authService.GetUserId(refreshToken);
+            if (!userId.HasValue)
+                return BadRequest("Could not get User ID from refresh token");
 
-            User? user = _userService.GetUser(userId);
+            User? user = _userService.GetUser(userId.Value);
             if(user == null)
               return Unauthorized();
 
-            setAuthCookies(userId);
+            setAuthCookies(user.Id);
             return Ok(new { user.Id, user.Username, user.Email, user.Type });
         }
 
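Review bot: The refresh token that was just presented is not revoked anywhere in the visible part of this action before `setAuthCookies(user.Id)` issues new cookies, so unless `setAuthCookies` or `AuthenticateUser` does that outside this hunk, a captured token stays usable until it expires. `IAuthService` already exposes `RevokeRefreshToken`, so rotation is one line placed just before the cookies are set: `_authService.RevokeRefreshToken(refreshToken);`. The same call belongs on the `user == null` path, where a token that validated points at a user that no longer exists. The action begins above the hunk, so how `refreshToken` is read from the request is not visible here.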
diff --git a/UserMicroservice/Services/AuthService.cs b/UserMicroservice/Services/AuthService.cs
index 36f144c..d5e1d0e 100644
--- a/UserMicroservice/Services/AuthService.cs
+++ b/UserMicroservice/Services/AuthService.cs
@@ -28,6 +28,12 @@ namespace UserMicroservice.Services
             return new AuthTokenPair(accessToken, refreshToken);
         }
 
+        public int? GetUserId(string refreshToken) 
+        {
+            RefreshToken? token = _context.RefreshTokens.SingleOrDefault(t => t.Token == refreshToken);
+            return token?.UserId;
+        }
+
         private string GenerateAccessToken(int userId)
         {
             string? configuredKey = _configuration["Jwt:Key"];
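Review bot: `GetUserId` returns the `UserId` of any stored row whose `Token` matches and never looks at expiry or revocation, so it is only safe while every caller remembers to call `ValidateRefreshToken` first, as UserController does in this commit. Making the method self-guarding removes that dependency: open it with `if (!ValidateRefreshToken(refreshToken)) return null;` (presumably implemented in this class, since the interface declares it), or at least state the precondition on the `IAuthService` member added in the last hunk with `/// Returns the owner of a stored refresh token, or null if none matches; does not check expiry or revocation.`. `SingleOrDefault` also throws `InvalidOperationException` when two rows share a token value, which would surface as a 500 unless the column carries a unique constraint that is not visible here. The equality match on `t.Token` suggests tokens are stored as issued; keeping only a hash of the token would limit what a read of the table exposes, though that is a larger change than this commit.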
diff --git a/UserMicroservice/Services/IAuthService.cs b/UserMicroservice/Services/IAuthService.cs
index 26bff1f..8fb59de 100644
--- a/UserMicroservice/Services/IAuthService.cs
+++ b/UserMicroservice/Services/IAuthService.cs
@@ -5,9 +5,8 @@ namespace UserMicroservice.Services
     public interface IAuthService
     {
         AuthTokenPair AuthenticateUser(int userId);
-
         void RevokeRefreshToken(string token);
-
         bool ValidateRefreshToken(string token);
+        int? GetUserId(string refreshToken);
     }
 }
-- 
GitLab