public async Task <IActionResult> Login(UserForLogInDto userForLoGInDto)
{
var userFromRepo = await _repo.LogIn(userForLoGInDto.UserName, userForLoGInDto.Password);
if (userFromRepo == null)
{
return(BadRequest(BadRequstErrors.UserPasswordIncorrect));
}
var claims = new []
{
new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.Name)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSetting:Token").Value));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
var user = _mapper.Map <UserForListDto>(userFromRepo);
return(Ok(
new
{
token = tokenHandler.WriteToken(token),
user
}
));
}
public async Task <IActionResult> LogIn(UserForLogInDto userForLogInDto)
{
var user = await _authRepository.LogIn(userForLogInDto.UserName.ToLower(), userForLogInDto.Password);
if (user == null)
{
return(Unauthorized());
}
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Name, user.UserName)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value));
var cred = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDecriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = cred
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDecriptor);
return(Ok(new { token = tokenHandler.WriteToken(token) }));
}
public async Task <IActionResult> Login(UserForLogInDto user)
{
try
{
User detailedUser = await _repository.LogIn(user);
ClaimsIdentity identity = new ClaimsIdentity(new[] {
new Claim(ClaimTypes.Name, detailedUser.FirstName),
new Claim(ClaimTypes.Surname, detailedUser.LastName),
new Claim(ClaimTypes.Email, detailedUser.Email),
new Claim(ClaimTypes.NameIdentifier, detailedUser.Id.ToString()),
new Claim(ClaimTypes.Sid, await _repository.GenerateTokenAsync(user.Email, detailedUser.Id.ToString()))
}, CookieAuthenticationDefaults.AuthenticationScheme);
var principal = new ClaimsPrincipal(identity);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal);
return(RedirectToAction("Index", "Home"));
}
catch (ArgumentException exception)
{
return(View("Login", new UserForLogInDto()
{
AreCredentialsCorrect = false
}
));
}
}
/// <summary>
/// Checks if credentials of the user are correct and already exist in the database.
/// </summary>
/// <param name="email">Email address of the user.</param>
/// <param name="password">Password of the user in plain text.</param>
/// <returns>Instance of class <see cref="User"/> corresponding to both email address and password.</returns>
public async Task <User> LogIn(UserForLogInDto userToLogIn)
{
var user = await _dataContext.Users.FirstOrDefaultAsync <User>(x => string.Equals(x.Email, userToLogIn.Email));
if (user == null || !BCrypt.Net.BCrypt.Verify(userToLogIn.Password, user.Password))
{
throw new ArgumentException("Invalid email or password.");
}
return(user);
}
public void Login_TryLoginUserWithShortPassword_ErrorMessageReturned()
{
var user = new UserForLogInDto {
Email = " ", Password = "******"
};
var requiredAttribute = new RequiredAttribute();
var stringLengthAttribute = new StringLengthAttribute(maximumLength: 20)
{
MinimumLength = 5,
ErrorMessage = "Password must be between 5 and 20 characters."
};
var requiredEmailResult = requiredAttribute.IsValid(user.Email);
var requiredPasswordResult = requiredAttribute.IsValid(user.Password);
var minLengthResult = stringLengthAttribute.IsValid(user.Password);
Assert.IsTrue(requiredEmailResult == false);
Assert.IsTrue(minLengthResult == false);
Assert.IsTrue(requiredPasswordResult == true);
}
public async Task <IActionResult> LogIn([FromBody] UserForLogInDto userDto)
{
var result = await repo.LogIn(userDto.Username.ToLower(), userDto.Password);
if (result == LogInResult.NONE)
{
return(Unauthorized());
}
var tokenHandler = new JwtSecurityTokenHandler();
string tokenString = "";
if (result == LogInResult.ADMIN)
{
var admin = await repo.GetAdmin(userDto.Username.ToLower());
var token = MakeToken(admin.Id, admin.Username, admin.Role);
tokenString = tokenHandler.WriteToken(token);
var user = mapper.Map <UserToReturnDto>(admin);
return(Ok(new { tokenString, user }));
}
else if (result == LogInResult.HOST)
{
var host = await repo.GetHost(userDto.Username.ToLower());
var token = MakeToken(host.Id, host.Username, host.Role);
tokenString = tokenHandler.WriteToken(token);
var user = mapper.Map <UserToReturnDto>(host);
return(Ok(new { tokenString, user }));
}
else
{
var guest = await repo.GetGuest(userDto.Username.ToLower());
var token = MakeToken(guest.Id, guest.Username, guest.Role);
tokenString = tokenHandler.WriteToken(token);
var user = mapper.Map <UserToReturnDto>(guest);
return(Ok(new { tokenString, user }));
}
}
public async Task <IActionResult> Login(UserForLogInDto userForLogInDto)
{
var loadedUser = await _userManager.FindByNameAsync(userForLogInDto.Username);
var result = await _signInMangager.CheckPasswordSignInAsync(loadedUser, userForLogInDto.Password, false);
if (result.Succeeded)
{
var appUser = await _userManager.Users.Include(p => p.Photos)
.FirstOrDefaultAsync(u => u.NormalizedUserName == userForLogInDto.Username.ToUpper());
var userToReturn = _mapper.Map <UserForListDto>(appUser);
return(Ok(new
{
token = GenerateJwtToken(appUser).Result,
user = userToReturn
}));
}
return(Unauthorized());
}
public void Login_WrongEmailOrPassword_ExceptionThrown()
{
var user = new UserForLogInDto {
Email = " ", Password = "******"
};
var authorizationServiceMock = new Mock <IAuthRepository>();
var configureMock = new Mock <IConfiguration>();
authorizationServiceMock.Setup(x => x.LogIn(It.IsAny <UserForLogInDto>()))
.Throws(new ArgumentException());
var authorizationController = new UsersController(authorizationServiceMock.Object, configureMock.Object);
var task = authorizationController.Login(user);
task.Wait();
var result = (ViewResult)task.Result;
Assert.AreEqual(result.ViewName, "Login");
Assert.IsTrue(result.Model is UserForLogInDto userForLogIn && userForLogIn.AreCredentialsCorrect == false);
authorizationServiceMock.VerifyAll();
}
public void Login_CorrectCredentials_SuccessfulLogin()
{
var userForLogIn = new UserForLogInDto {
Email = "*****@*****.**", Password = "******"
};
var user = new User
{
Email = userForLogIn.Email,
Password = userForLogIn.Password,
FirstName = "PEsho",
LastName = "Peshov",
Id = Guid.NewGuid()
};
var urlMock = new Mock <IUrlHelper>();
var authServiceMock = new Mock <IAuthenticationService>();
authServiceMock
.Setup(_ => _.SignInAsync(It.IsAny <HttpContext>(), It.IsAny <string>(), It.IsAny <ClaimsPrincipal>(), It.IsAny <AuthenticationProperties>()))
.Returns(Task.FromResult((object)null));
var serviceProviderMock = new Mock <IServiceProvider>();
serviceProviderMock
.Setup(_ => _.GetService(typeof(IAuthenticationService)))
.Returns(authServiceMock.Object);
var authorizationServiceMock = new Mock <IAuthRepository>();
var configureMock = new Mock <IConfiguration>();
authorizationServiceMock.Setup(x => x.LogIn(It.IsAny <UserForLogInDto>()))
.Returns(Task.Run(() => user));
authorizationServiceMock.Setup(x => x.GenerateTokenAsync(user.Email, user.Id.ToString()))
.Returns(Task.Run(() => "alabala"));
var authorizationController = new UsersController(authorizationServiceMock.Object, configureMock.Object)
{
ControllerContext = new ControllerContext
{
HttpContext = new DefaultHttpContext
{
// How mock RequestServices?
RequestServices = serviceProviderMock.Object
}
},
Url = urlMock.Object
};
var task = authorizationController.Login(userForLogIn);
task.Wait();
var result = (RedirectToActionResult)task.Result;
Assert.AreEqual(result.ActionName, "Index");
Assert.AreEqual(result.ControllerName, "Home");
authorizationServiceMock.VerifyAll();
authServiceMock.VerifyAll();
serviceProviderMock.VerifyAll();
}
