public async Task <IAuthToken> SignIn(string email, string password, int businessCode)
{
var identity = await _identityRepository.GetByEmail(email);
if (identity is null || identity.Role == Roles.SystemAdmin)
{
_logger.LogWarning($"No user found with email: {email} attempting to log into greeting system.");
throw new VmsException(Codes.InvalidCredentials, "The credentials provided where incorrect.");
}
if (!await _businessRepository.IsCodeValidAsync(businessCode))
{
_logger.LogInformation($"No business found with code {businessCode}.");
throw new VmsException(Codes.InvalidCredentials, "The credentials provided where incorrect.");
}
if (!_passwordManager.IsPasswordCorrect(password, identity.Hash, identity.Salt))
{
_logger.LogWarning($"Incorrect password for: {email}");
throw new VmsException(Codes.InvalidCredentials, "The credentials provided where incorrect.");
}
var jwt = _jwtManager.CreateToken(Guid.NewGuid(), identity.Email, Roles.Greeting, identity.BusinessId);
//var refresh = await _tokenService.CreateRefreshToken(id)
//TODO: Add a mechanism to store more that just email here unique id needs to be stored instead.
return(AuthToken.Create(jwt, ""));
}
public async Task <IAuthToken> SignIn(string email, string password, string role)
{
var identity = await _identityRepository.GetByEmailAndRole(email, role);
if (identity is null)
{
_logger.LogWarning($"No user found with email: {email} role: {role}");
throw new VmsException(Codes.InvalidCredentials, "The credentials provided where incorrect.");
}
if (!_passwordManager.IsPasswordCorrect(password, identity.Hash, identity.Salt))
{
_logger.LogWarning($"Incorrect password for: {email}");
throw new VmsException(Codes.InvalidCredentials, "The credentials provided where incorrect.");
}
var jwt = _jwtManager.CreateToken(identity.Id, identity.Email, identity.Role);
var refreshToken = await _tokenService.CreateRefreshToken(identity.Email);
_logger.LogInformation($"User issued token email: {email}");
return(AuthToken.Create(jwt, refreshToken));
}
public async Task <IAuthToken> SignIn(string email, string password)
{
var identity = await _identityRepository.GetByEmail(email);
if (identity is null || identity.Role == Roles.SystemAdmin)
{
_logger.LogWarning($"No user found with email: {email}.");
throw new VmsException(Codes.InvalidCredentials, "The credentials provided where incorrect.");
}
if (!_passwordManager.IsPasswordCorrect(password, identity.Hash, identity.Salt))
{
_logger.LogWarning($"Incorrect password for: {email}");
throw new VmsException(Codes.InvalidCredentials, "The credentials provided where incorrect.");
}
if (identity.BusinessId == Guid.Empty)
{
throw new VmsException("No business ID found on sign in.", "");
}
var jwt = _jwtManager.CreateToken(identity.Id, identity.Email, identity.Role, identity.BusinessId);
var refreshToken = await _tokenService.CreateRefreshToken(identity.Email);
_logger.LogInformation($"User issued token email: {email}");
return(AuthToken.Create(jwt, refreshToken));
}
/// <inheritdoc />
public async Task <UserModel> GetAsync(string username, string password)
{
var user = await _userRepository.GetByUsernameAsync(username);
if (user == null)
{
throw new InvalidCredentialsException();
}
var isPasswordCorrect = _passwordManager.IsPasswordCorrect(password, user.PasswordHash, user.Salt);
return(isPasswordCorrect ? user : throw new InvalidCredentialsException());
}
public void GetAsync_Should_Throw_InvalidCredentialsException_If_Password_Incorrect(string username, string password, UserModel userModel)
{
_userRepository.GetByUsernameAsync(username).Returns(userModel);
_passwordManager.IsPasswordCorrect(password, userModel.PasswordHash, userModel.Salt).Returns(false);
Assert.ThrowsAsync <InvalidCredentialsException>(async() => await _userServiceInstance.GetAsync(username, password));
}