Less Logging In (#978)

* Implemented the framework for Refresh Token. Needs testing.

* Implemented Refresh Tokens. Users are issued tokens that last 7 days, just before the 7 days, the UI will request a new token to avoid having to re-authenticate.

API/Extensions/IdentityServiceExtensions.cs

@@ -1,8 +1,10 @@
-using System.Text;
+using System;
+using System.Text;
 using System.Threading.Tasks;
 using API.Constants;
 using API.Data;
 using API.Entities;
+using ExCSS;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Authorization.Infrastructure;
 using Microsoft.AspNetCore.Identity;
@@ -26,6 +28,7 @@ namespace API.Extensions
                     opt.Password.RequireNonAlphanumeric = false;
                     opt.Password.RequiredLength = 6;
                 })
+                .AddTokenProvider<DataProtectorTokenProvider<AppUser>>(TokenOptions.DefaultProvider)
                 .AddRoles<AppRole>()
                 .AddRoleManager<RoleManager<AppRole>>()
                 .AddSignInManager<SignInManager<AppUser>>()
@@ -40,7 +43,8 @@ namespace API.Extensions
                         ValidateIssuerSigningKey = true,
                         IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(config["TokenKey"])),
                         ValidateIssuer = false,
-                        ValidateAudience = false
+                        ValidateAudience = false,
+                        ValidIssuer = "Kavita"
                     };
 
                     options.Events = new JwtBearerEvents()