public async Task <AuthenticateUserMediatorCommandResponse> Handle(AuthenticateUserMediatorCommand request, CancellationToken cancellationToken)
{
var readUser = await _readUserRepository.LoadUserByUserNameAsync(request.UserName, cancellationToken);
if (readUser == null)
{
throw new KeyNotFoundException($"User with username {request.UserName} was not found.");
}
var user = await _userRepository.LoadUserAsync(readUser.AggregateRootId, cancellationToken);
//Check if the password entered by the user is the same as what is stored in our database
var scope = _mediatorFactory.CreateScope();
var passwordResult = await scope.SendAsync(ValidateHashedPasswordMediatorQuery.CreateQuery(
request.Password,
user.Password.HashedPassword,
user.Password.Salt),
cancellationToken);
if (!passwordResult.IsValid)
{
throw new InvalidCredentialException($"User with username {request.UserName} entered an invalid password");
}
var jwtToken = await _securityService.GenerateJsonWebTokenAsync(user, cancellationToken);
return(AuthenticateUserMediatorCommandResponse.CreateResponse(readUser.AggregateRootId, jwtToken));
}
public async Task Given_A_Hashed_Password_Validation__Fail()
{
// Arrange
var hashedPassword = "******";
var salt = "salt";
var password = "******";
A.CallTo(() => _securityService.GenerateHashedPassword(password, salt)).Returns(Task.FromResult("anotherhash"));
// Act
var result = await _sut.Handle(ValidateHashedPasswordMediatorQuery.CreateQuery(password, hashedPassword, salt), default);
// Assert
Assert.AreEqual(false, result.IsValid);
}
