public async Task <IActionResult> Login(UserForLogInDto userForLoGInDto) { var userFromRepo = await _repo.LogIn(userForLoGInDto.UserName, userForLoGInDto.Password); if (userFromRepo == null) { return(BadRequest(BadRequstErrors.UserPasswordIncorrect)); } var claims = new [] { new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepo.Name) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSetting:Token").Value)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); var user = _mapper.Map <UserForListDto>(userFromRepo); return(Ok( new { token = tokenHandler.WriteToken(token), user } )); }
public async Task <IActionResult> LogIn(UserForLogInDto userForLogInDto) { var user = await _authRepository.LogIn(userForLogInDto.UserName.ToLower(), userForLogInDto.Password); if (user == null) { return(Unauthorized()); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(ClaimTypes.Name, user.UserName) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)); var cred = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDecriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = cred }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDecriptor); return(Ok(new { token = tokenHandler.WriteToken(token) })); }
public async Task <IActionResult> Login(UserForLogInDto user) { try { User detailedUser = await _repository.LogIn(user); ClaimsIdentity identity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, detailedUser.FirstName), new Claim(ClaimTypes.Surname, detailedUser.LastName), new Claim(ClaimTypes.Email, detailedUser.Email), new Claim(ClaimTypes.NameIdentifier, detailedUser.Id.ToString()), new Claim(ClaimTypes.Sid, await _repository.GenerateTokenAsync(user.Email, detailedUser.Id.ToString())) }, CookieAuthenticationDefaults.AuthenticationScheme); var principal = new ClaimsPrincipal(identity); await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal); return(RedirectToAction("Index", "Home")); } catch (ArgumentException exception) { return(View("Login", new UserForLogInDto() { AreCredentialsCorrect = false } )); } }
/// <summary> /// Checks if credentials of the user are correct and already exist in the database. /// </summary> /// <param name="email">Email address of the user.</param> /// <param name="password">Password of the user in plain text.</param> /// <returns>Instance of class <see cref="User"/> corresponding to both email address and password.</returns> public async Task <User> LogIn(UserForLogInDto userToLogIn) { var user = await _dataContext.Users.FirstOrDefaultAsync <User>(x => string.Equals(x.Email, userToLogIn.Email)); if (user == null || !BCrypt.Net.BCrypt.Verify(userToLogIn.Password, user.Password)) { throw new ArgumentException("Invalid email or password."); } return(user); }
public void Login_TryLoginUserWithShortPassword_ErrorMessageReturned() { var user = new UserForLogInDto { Email = " ", Password = "******" }; var requiredAttribute = new RequiredAttribute(); var stringLengthAttribute = new StringLengthAttribute(maximumLength: 20) { MinimumLength = 5, ErrorMessage = "Password must be between 5 and 20 characters." }; var requiredEmailResult = requiredAttribute.IsValid(user.Email); var requiredPasswordResult = requiredAttribute.IsValid(user.Password); var minLengthResult = stringLengthAttribute.IsValid(user.Password); Assert.IsTrue(requiredEmailResult == false); Assert.IsTrue(minLengthResult == false); Assert.IsTrue(requiredPasswordResult == true); }
public async Task <IActionResult> LogIn([FromBody] UserForLogInDto userDto) { var result = await repo.LogIn(userDto.Username.ToLower(), userDto.Password); if (result == LogInResult.NONE) { return(Unauthorized()); } var tokenHandler = new JwtSecurityTokenHandler(); string tokenString = ""; if (result == LogInResult.ADMIN) { var admin = await repo.GetAdmin(userDto.Username.ToLower()); var token = MakeToken(admin.Id, admin.Username, admin.Role); tokenString = tokenHandler.WriteToken(token); var user = mapper.Map <UserToReturnDto>(admin); return(Ok(new { tokenString, user })); } else if (result == LogInResult.HOST) { var host = await repo.GetHost(userDto.Username.ToLower()); var token = MakeToken(host.Id, host.Username, host.Role); tokenString = tokenHandler.WriteToken(token); var user = mapper.Map <UserToReturnDto>(host); return(Ok(new { tokenString, user })); } else { var guest = await repo.GetGuest(userDto.Username.ToLower()); var token = MakeToken(guest.Id, guest.Username, guest.Role); tokenString = tokenHandler.WriteToken(token); var user = mapper.Map <UserToReturnDto>(guest); return(Ok(new { tokenString, user })); } }
public async Task <IActionResult> Login(UserForLogInDto userForLogInDto) { var loadedUser = await _userManager.FindByNameAsync(userForLogInDto.Username); var result = await _signInMangager.CheckPasswordSignInAsync(loadedUser, userForLogInDto.Password, false); if (result.Succeeded) { var appUser = await _userManager.Users.Include(p => p.Photos) .FirstOrDefaultAsync(u => u.NormalizedUserName == userForLogInDto.Username.ToUpper()); var userToReturn = _mapper.Map <UserForListDto>(appUser); return(Ok(new { token = GenerateJwtToken(appUser).Result, user = userToReturn })); } return(Unauthorized()); }
public void Login_WrongEmailOrPassword_ExceptionThrown() { var user = new UserForLogInDto { Email = " ", Password = "******" }; var authorizationServiceMock = new Mock <IAuthRepository>(); var configureMock = new Mock <IConfiguration>(); authorizationServiceMock.Setup(x => x.LogIn(It.IsAny <UserForLogInDto>())) .Throws(new ArgumentException()); var authorizationController = new UsersController(authorizationServiceMock.Object, configureMock.Object); var task = authorizationController.Login(user); task.Wait(); var result = (ViewResult)task.Result; Assert.AreEqual(result.ViewName, "Login"); Assert.IsTrue(result.Model is UserForLogInDto userForLogIn && userForLogIn.AreCredentialsCorrect == false); authorizationServiceMock.VerifyAll(); }
public void Login_CorrectCredentials_SuccessfulLogin() { var userForLogIn = new UserForLogInDto { Email = "*****@*****.**", Password = "******" }; var user = new User { Email = userForLogIn.Email, Password = userForLogIn.Password, FirstName = "PEsho", LastName = "Peshov", Id = Guid.NewGuid() }; var urlMock = new Mock <IUrlHelper>(); var authServiceMock = new Mock <IAuthenticationService>(); authServiceMock .Setup(_ => _.SignInAsync(It.IsAny <HttpContext>(), It.IsAny <string>(), It.IsAny <ClaimsPrincipal>(), It.IsAny <AuthenticationProperties>())) .Returns(Task.FromResult((object)null)); var serviceProviderMock = new Mock <IServiceProvider>(); serviceProviderMock .Setup(_ => _.GetService(typeof(IAuthenticationService))) .Returns(authServiceMock.Object); var authorizationServiceMock = new Mock <IAuthRepository>(); var configureMock = new Mock <IConfiguration>(); authorizationServiceMock.Setup(x => x.LogIn(It.IsAny <UserForLogInDto>())) .Returns(Task.Run(() => user)); authorizationServiceMock.Setup(x => x.GenerateTokenAsync(user.Email, user.Id.ToString())) .Returns(Task.Run(() => "alabala")); var authorizationController = new UsersController(authorizationServiceMock.Object, configureMock.Object) { ControllerContext = new ControllerContext { HttpContext = new DefaultHttpContext { // How mock RequestServices? RequestServices = serviceProviderMock.Object } }, Url = urlMock.Object }; var task = authorizationController.Login(userForLogIn); task.Wait(); var result = (RedirectToActionResult)task.Result; Assert.AreEqual(result.ActionName, "Index"); Assert.AreEqual(result.ControllerName, "Home"); authorizationServiceMock.VerifyAll(); authServiceMock.VerifyAll(); serviceProviderMock.VerifyAll(); }