logout possibility BE

Diligent.WebAPI.Business/Services/Interfaces/IUserService.cs

@@ -15,5 +15,7 @@
         Task<RefreshToken?> GetRefreshTokenByUserId(int userId);
 
         Task UpdateRefreshToken(RefreshToken refreshToken);
+
+        Task<ServiceResponseDTO<string>> DeleteRefreshToken(int userId);
     }
 }

Diligent.WebAPI.Business/Services/UserService.cs

@@ -123,7 +123,7 @@ namespace Diligent.WebAPI.Business.Services
                 ExpiryDate = DateTime.UtcNow.AddMinutes(_authSettings.JwtRefreshExpiredTime)
             };
 
-            var existRefreshToken = await _databaseContext.RefreshTokens.Where(x => x.Id == user.Id).FirstOrDefaultAsync();
+            var existRefreshToken = await _databaseContext.RefreshTokens.Where(x => x.UserId == user.Id).FirstOrDefaultAsync();
 
             if(existRefreshToken != null)
             {
@@ -138,7 +138,7 @@ namespace Diligent.WebAPI.Business.Services
                     existRefreshToken.Invalidated = false;
                 }
 
-                //_databaseContext.RefreshTokens.Update(existRefreshToken);
+                _databaseContext.RefreshTokens.Update(existRefreshToken);
                 await UpdateRefreshToken(existRefreshToken);
             }
             else
@@ -183,8 +183,6 @@ namespace Diligent.WebAPI.Business.Services
 
             if (expiryDateTimeUtc < DateTime.UtcNow)
             {
-                storedRefreshToken.ExpiryDate = DateTime.UtcNow.AddMinutes(_authSettings.JwtRefreshExpiredTime);
-                await _databaseContext.SaveChangesAsync();
                 return new RefreshTokenResultDto
                 {
                     Data = new AuthenticateResponseDto
@@ -236,6 +234,34 @@ namespace Diligent.WebAPI.Business.Services
             };
         }
 
+        public async Task<ServiceResponseDTO<string>> DeleteRefreshToken(int userId)
+        {
+            var refreshToken = await _databaseContext.RefreshTokens.Where(r => r.UserId == userId).FirstOrDefaultAsync();
+
+            if (refreshToken is null)
+                return new ServiceResponseDTO<string>
+                {
+                    IsError = true,
+                    ErrorMessage = "There is no refresh token for user"
+                };
+
+            _databaseContext.RefreshTokens.Remove(refreshToken);
+
+            var result = await _databaseContext.SaveChangesAsync() > 0;
+
+            if (!result)
+                return new ServiceResponseDTO<string>
+                {
+                    IsError = true,
+                    ErrorMessage = "Problem with saving changes into database"
+                };
+
+            return new ServiceResponseDTO<string>
+            {
+                Data = null
+            };
+        }
+
         private ClaimsPrincipal? GetPrincipalFromToken(string token)
         {
             var tokenHandler = new JwtSecurityTokenHandler();

Diligent.WebAPI.Host/Controllers/V1/UsersController.cs

@@ -50,5 +50,18 @@
 
             return Ok(response);
         }
+
+        [HttpPost("logout")]
+        public async Task<IActionResult> Logout(int userId)
+        {
+            var response = await _userService.DeleteRefreshToken(userId);
+
+            if (response.IsError)
+            {
+                return BadRequest(new { message = response.ErrorMessage });
+            }
+
+            return Ok();
+        }
     }
 }