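        /// <summary>
        /// Two accounts registered in the same <see cref="IAuthDb"/> with the <b>same</b> password must
        /// each authenticate as their own user. Presumably it is the per-login salt (see
        /// <see cref="InvalidIncorrectSaltTest"/>) that keeps the stored credentials distinct — confirm
        /// against the LoginManager implementation.
        /// </summary>
        public void MultipleAccountTest()
        {
            var     tAuthDb = new TestAuthDb();
            IAuthDb authDb  = tAuthDb;

            // NOTE(review): both addresses render identically here (redacted on this page); the
            // test is only meaningful when they differ, otherwise the second account overwrites
            // or collides with the first.
            const string user1Email = "*****@*****.**";
            const string user2Email = "*****@*****.**";
            const string password   = "******"; // deliberately shared by both accounts

            var user1 = CreateUserAccountWithStandardLogin(authDb, user1Email, password);
            var user2 = CreateUserAccountWithStandardLogin(authDb, user2Email, password);

            // Both creations must succeed and at least one must have hit the store.
            Assert.IsNotNull(user1);
            Assert.IsNotNull(user2);
            Assert.IsTrue(tAuthDb.SaveCalled);

            ILoginManager <TestUser> loginManager = new LoginManager <TestUser, TestLogin>(authDb, DefaultSitePepper, _userNameValidator);

            // Each login must resolve to its own user, not just to "some" user with that password.
            var res = loginManager.AttemptLogin(user1Email, password);
            Assert.AreEqual(LoginResult <TestUser> .Type.success, res.ResultType, "LoginManager returned failiure.");
            Assert.AreEqual(user1, res.User, "User returned from LoginManager was not correct.");

            res = loginManager.AttemptLogin(user2Email, password);
            Assert.AreEqual(LoginResult <TestUser> .Type.success, res.ResultType, "LoginManager returned failiure.");
            Assert.AreEqual(user2, res.User, "User returned from LoginManager was not correct.");
        }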
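        /// <summary>
        /// Deletes the calling user's own account. The function is exposed at
        /// <see cref="AuthorizationLevel.Anonymous"/>; the caller proves ownership by sending the
        /// account's email address and password in the body, which are checked through
        /// <see cref="LoginManager"/>. The account that is deleted is always the one that just
        /// authenticated — the id is taken from the login result, never from the request.
        /// </summary>
        /// <param name="req">DELETE request whose JSON body is a <see cref="UserAccountCreateModel"/> (EmailAddress, Password).</param>
        /// <param name="log">Function logger.</param>
        /// <returns>200 with a confirmation message; 400 when the body is malformed, the credentials are rejected, or an unexpected error occurs.</returns>
        public async Task <IActionResult> DeleteUserAccount(
            [HttpTrigger(AuthorizationLevel.Anonymous, "delete", Route = "UserAccount/DeleteUserAccount")] HttpRequest req, ILogger log)
        {
            log.LogInformation("C# HTTP trigger function(DeleteUserAccount) processed a request.");

            try
            {
                string requestBody = await new StreamReader(req.Body).ReadToEndAsync();
                var    credentials = JsonConvert.DeserializeObject <UserAccountCreateModel>(requestBody);

                // An empty or non-object body deserializes to null; reject it explicitly rather than
                // letting the resulting NullReferenceException surface through the catch block.
                if (credentials == null)
                {
                    return(new BadRequestObjectResult("Request body is missing or malformed."));
                }

                var loginManager = new LoginManager();
                var loginResult  = loginManager.AttemptLogin(credentials.EmailAddress, credentials.Password);

                if (loginResult.Status != LoginStatus.Success)
                {
                    // NOTE(review): FailureReason is echoed verbatim to the client. If it distinguishes
                    // "no such account" from "wrong password" this endpoint allows account enumeration;
                    // no lockout/throttling is visible here either — verify both in LoginManager.
                    // maybe change this so there's only 1 fail condition instead of having Error & Failure
                    return(new BadRequestObjectResult(loginResult.FailureReason));
                }

                var userAccountRepo = new UserAccountRepository();
                userAccountRepo.DeleteUserAccount(loginResult.UserAccount.UserAccountId);

                return(new OkObjectResult($"User {loginResult.UserAccount.EmailAddress}) has been deleted."));
            }
            catch (Exception exception)
            {
                // Keep the detail server-side. The raw exception message can carry type names and
                // data-access details that must not be returned to an anonymous caller.
                log.LogError(exception, "DeleteUserAccount failed.");
                return(new BadRequestObjectResult("The request could not be processed."));
            }
        }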
        /// <summary>
        /// A persisted login whose salt has been wiped must be unusable: the manager is expected to
        /// refuse the attempt with <see cref="InvalidOperationException"/> instead of proceeding
        /// with an empty salt.
        /// </summary>
        public void InvalidEmptySaltTest()
        {
            var     backingDb = new TestAuthDb();
            IAuthDb authDb    = backingDb;

            const string primaryEmail = "*****@*****.**";
            const string password     = "******";

            var createdUser = CreateUserAccountWithStandardLogin(authDb, primaryEmail, password);

            Assert.IsNotNull(createdUser);
            Assert.IsTrue(backingDb.SaveCalled);

            // Corrupt the stored login record directly in the in-memory test store.
            var storedLogin = backingDb.Backing[typeof(TestLogin)][0] as TestLogin;
            storedLogin.Salt = string.Empty;

            var loginManager = new LoginManager <TestUser, TestLogin>(authDb, DefaultSitePepper, _userNameValidator);

            var rejected = false;
            try
            {
                loginManager.AttemptLogin(primaryEmail, password);
            }
            catch (InvalidOperationException)
            {
                rejected = true;
            }

            Assert.IsTrue(rejected);
        }
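        /// <summary>
        /// Deletes an organisation. Two factors are required: a valid JWT, whose "UserAccount" and
        /// "Organisation" claims identify the caller and the target, and a fresh email/password
        /// re-authentication in the body. The re-authenticated account must be the token's subject,
        /// and that subject must hold <see cref="UserType.OrganisationOwner"/> membership in the
        /// target organisation.
        /// </summary>
        /// <param name="req">DELETE request carrying the JWT and a JSON <see cref="UserAccountCreateModel"/> body (EmailAddress, Password).</param>
        /// <param name="log">Function logger.</param>
        /// <returns>200 with the repository's deleted flag; 401 when the token, account binding or ownership check fails; 400 when the body is malformed, the credentials are rejected, or an unexpected error occurs.</returns>
        public async Task <IActionResult> DeleteOrganisation(
            [HttpTrigger(AuthorizationLevel.Anonymous, "delete", Route = "Organisation/DeleteOrganisation")] HttpRequest req, ILogger log)
        {
            log.LogInformation("C# HTTP trigger function(DeleteOrganisation) processed a request.");

            try
            {
                // Validate JWT
                var accessTokenResult = _tokenProvider.ValidateToken(req);
                if (accessTokenResult.Status != AccessTokenStatus.Valid)
                {
                    return(new UnauthorizedResult());
                }

                string requestBody = await new StreamReader(req.Body).ReadToEndAsync();
                var    credentials = JsonConvert.DeserializeObject <UserAccountCreateModel>(requestBody);

                // An empty or non-object body deserializes to null; reject it up front.
                if (credentials == null)
                {
                    return(new BadRequestObjectResult("Request body is missing or malformed."));
                }

                // Validate Email/Password
                var loginManager = new LoginManager();
                var loginResult  = loginManager.AttemptLogin(credentials.EmailAddress, credentials.Password);
                if (loginResult.Status != LoginStatus.Success)
                {
                    return(new BadRequestObjectResult(loginResult.FailureReason));
                }

                // Missing claims (First throws) or non-GUID values (Guid ctor throws) land in the catch block.
                Guid userAccountId  = new Guid(accessTokenResult.Principal.Claims.First(c => c.Type == "UserAccount").Value);
                Guid organisationId = new Guid(accessTokenResult.Principal.Claims.First(c => c.Type == "Organisation").Value);

                // The password step must be for the account the token was issued to. Without this
                // binding, any valid credentials (including the caller's own, unrelated account)
                // satisfy the re-authentication while the ownership check below runs against the
                // token's subject.
                if (loginResult.UserAccount.UserAccountId != userAccountId)
                {
                    return(new UnauthorizedResult());
                }

                // Make sure this UserAccount is the Organisation Owner
                var organisationMembershipRepository = new OrganisationMembershipRepository();
                var organisationMembership           = organisationMembershipRepository.GetOrganisationMembership(userAccountId, organisationId);

                // No membership at all (presumably a null return — confirm against the repository)
                // is treated exactly like a non-owner membership rather than becoming a 400 via the
                // catch block.
                if (organisationMembership == null || organisationMembership.UserType != UserType.OrganisationOwner)
                {
                    return(new UnauthorizedResult());
                }

                var  organisationRepo = new OrganisationRepository();
                bool deleted          = organisationRepo.DeleteOrganisation(organisationId);

                return(new OkObjectResult(deleted));
            }
            catch (Exception exception)
            {
                // Keep the detail server-side; never echo the raw exception message to the client.
                log.LogError(exception, "DeleteOrganisation failed.");
                return(new BadRequestObjectResult("The request could not be processed."));
            }
        }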
        /// <summary>
        /// A login manager configured with a different site pepper than the one the account was
        /// created under must reject the otherwise-correct password: the stored hash is bound to
        /// the pepper, so a leaked database alone is not enough to verify credentials.
        /// </summary>
        public void InvalidSitePepperLoginTest()
        {
            var     backingDb = new TestAuthDb();
            IAuthDb authDb    = backingDb;

            const string primaryEmail = "*****@*****.**";
            const string password     = "******";

            var createdUser = CreateUserAccountWithStandardLogin(authDb, primaryEmail, password);

            Assert.IsNotNull(createdUser);
            Assert.IsTrue(backingDb.SaveCalled);

            // One appended character is enough to make the pepper differ from the one used at creation.
            var wrongPepper = $"{DefaultSitePepper}1";

            ILoginManager <TestUser> loginManager = new LoginManager <TestUser, TestLogin>(authDb, wrongPepper, _userNameValidator);
            var outcome = loginManager.AttemptLogin(primaryEmail, password);

            Assert.AreEqual(LoginResult <TestUser> .Type.failiure, outcome.ResultType, "LoginManager incorrectly authenticated login.");
        }
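        /// <summary>
        /// Changes the email address of the calling user's account. The function is exposed at
        /// <see cref="AuthorizationLevel.Anonymous"/>; the caller proves ownership with the current
        /// email address and password in the body, and the updated record is always the one that
        /// just authenticated.
        /// </summary>
        /// <param name="req">POST request whose JSON body is a <see cref="UserAccountUpdateModel"/> (EmailAddress, Password, NewEmailAddress).</param>
        /// <param name="log">Function logger.</param>
        /// <returns>200 with a confirmation message; 400 when the body is malformed, the new address is blank or already taken, the credentials are rejected, or an unexpected error occurs.</returns>
        public async Task <IActionResult> ChangeEmailAddress(
            [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "UserAccount/ChangeEmailAddress")] HttpRequest req, ILogger log)
        {
            log.LogInformation("C# HTTP trigger function(ChangeEmailAddress) processed a request.");

            try
            {
                string requestBody = await new StreamReader(req.Body).ReadToEndAsync();
                var    update      = JsonConvert.DeserializeObject <UserAccountUpdateModel>(requestBody);

                // An empty or non-object body deserializes to null; reject it up front.
                if (update == null)
                {
                    return(new BadRequestObjectResult("Request body is missing or malformed."));
                }

                // A blank target would otherwise be written to the store as the account's new login
                // identifier; nothing downstream rejects it.
                if (string.IsNullOrWhiteSpace(update.NewEmailAddress))
                {
                    return(new BadRequestObjectResult("New Email Address is required."));
                }

                var loginManager = new LoginManager();
                var loginResult  = loginManager.AttemptLogin(update.EmailAddress, update.Password);

                if (loginResult.Status != LoginStatus.Success)
                {
                    // maybe change this so there's only 1 fail condition instead of having Error & Failure
                    return(new BadRequestObjectResult(loginResult.FailureReason));
                }

                // Make sure the email address is not already in use. This check and the update below
                // are not atomic; a unique constraint on the store is the real guard — confirm one exists.
                if (loginManager.AccountExists(update.NewEmailAddress))
                {
                    return(new BadRequestObjectResult("Email Address is already in use."));
                }

                loginResult.UserAccount.EmailAddress = update.NewEmailAddress;

                // Update the UserAccount with the new value
                var userAccountRepo = new UserAccountRepository();
                userAccountRepo.UpdateUserAccount(loginResult.UserAccount);

                return(new OkObjectResult($"Email Address updated to {update.NewEmailAddress})."));
            }
            catch (Exception exception)
            {
                // Keep the detail server-side; never echo the raw exception message to an anonymous caller.
                log.LogError(exception, "ChangeEmailAddress failed.");
                return(new BadRequestObjectResult("The request could not be processed."));
            }
        }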
        /// <summary>
        /// Tampering with the salt stored alongside a login must invalidate that login even though
        /// the password is unchanged: the stored hash is bound to the original salt, so the
        /// manager is expected to report a failure rather than an exception.
        /// </summary>
        public void InvalidIncorrectSaltTest()
        {
            var     backingDb = new TestAuthDb();
            IAuthDb authDb    = backingDb;

            const string primaryEmail = "*****@*****.**";
            const string password     = "******";

            var createdUser = CreateUserAccountWithStandardLogin(authDb, primaryEmail, password);

            Assert.IsNotNull(createdUser);
            Assert.IsTrue(backingDb.SaveCalled);

            // Mutate the persisted login record in place: same password, different salt.
            var storedLogin = backingDb.Backing[typeof(TestLogin)][0] as TestLogin;
            storedLogin.Salt = $"{storedLogin.Salt}1";

            ILoginManager <TestUser> loginManager = new LoginManager <TestUser, TestLogin>(authDb, DefaultSitePepper, _userNameValidator);
            var outcome = loginManager.AttemptLogin(primaryEmail, password);

            Assert.AreEqual(LoginResult <TestUser> .Type.failiure, outcome.ResultType, "LoginManager allowed user to login despite salt having changed");
        }