Support cookie-based refresh tokens in BaseAuthController

Enhanced the `RefreshToken` method to support retrieving the
refresh token from a cookie if it is not provided in the request
body. Introduced a `useCookie` flag to determine the source of
the refresh token. If using a cookie, a new random refresh token
is generated upon response. This improves flexibility in token
handling by accommodating both cookie-based and body-based
refresh token workflows.

Author: Vadim Belov

Sources/EasyExtensions.AspNetCore.Authorization/Controllers/BaseAuthController.cs

@@ -73,7 +73,8 @@ public async Task<IActionResult> ChangePassword([FromBody] ChangePasswordRequest
         [HttpPost("refresh")]
         public async Task<IActionResult> RefreshToken([FromBody] RefreshTokenRequestDto request)
         {
-            if (string.IsNullOrWhiteSpace(request.RefreshToken))
+            bool useCookie = string.IsNullOrWhiteSpace(request.RefreshToken);
+            if (useCookie)
             {
                 if (Request.Cookies.TryGetValue("refresh_token", out string? cookieRefreshToken))
                 {
@@ -106,7 +107,7 @@ public async Task<IActionResult> RefreshToken([FromBody] RefreshTokenRequestDto
             return Ok(new TokenPairDto
             {
                 AccessToken = accessToken,
-                RefreshToken = newRefreshToken
+                RefreshToken = useCookie ? StringHelpers.CreateRandomString(64) : newRefreshToken
             });
         }