public void TestRegisterUser_UsernameIsNull_ShouldReturnBadRequest()
        {
            var testUser = new UserDto
            {
                Username = null,
                DisplayName = "Michael Suyama",
                AuthCode = "bfff2dd4f1b310eb0dbf593bd83f94dd8d34077e"
            };

            var response = httpServer.Post("api/users/register", testUser);
            Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
        }
        public HttpResponseMessage LoginUser(UserDto value)
        {
            BloggingSystemContext context = null;

            try
            {
                context = new BloggingSystemContext();

                this.ValidateUserIdentifier(
                    value.Username,
                    "Username",
                    MinUsernameLength,
                    MaxUsernameLength,
                    ValidUsernameCharacters);
                this.ValidateAuthCode(value.AuthCode);

                var user = context.Users.FirstOrDefault(
                    u => u.Username == value.Username &&
                        u.AuthCode == value.AuthCode);

                if (user == null)
                {
                    throw new InvalidOperationException("Invalid username or password.");
                }

                if (user.SessionKey == null || user.SessionKey.Length != SessionKeyLength)
                {
                    user.SessionKey = this.GenerateSessionKey(user.Id);
                    context.SaveChanges();
                }

                var loggedUserDto = new LoggedUserDto()
                {
                    DisplayName = user.DisplayName,
                    SessionKey = user.SessionKey
                };

                var response = Request.CreateResponse(HttpStatusCode.Accepted, loggedUserDto);
                return response;
            }
            catch (Exception ex)
            {
                var errorResponse = Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex.Message);
                throw new HttpResponseException(errorResponse);
            }
            finally
            {
                if (context != null)
                {
                    context.Dispose();
                }
            }
        }
        public HttpResponseMessage RegisterUser(UserDto value)
        {
            BloggingSystemContext context = null;

            try
            {
                context = new BloggingSystemContext();

                this.ValidateUserIdentifier(
                    value.Username,
                    "Username",
                    MinUsernameLength,
                    MaxUsernameLength,
                    ValidUsernameCharacters);

                this.ValidateUserIdentifier(
                    value.DisplayName,
                    "Display name",
                    MinDisplayNameLength,
                    MaxDisplayNameLength,
                    ValidDisplayNameCharacters);

                this.ValidateAuthCode(value.AuthCode);

                var user = context.Users.FirstOrDefault(
                    u => u.Username == value.Username ||
                        u.DisplayName == value.DisplayName);

                if (user != null)
                {
                    throw new InvalidOperationException("User already exists.");
                }

                user = new User()
                {
                    Username = value.Username,
                    DisplayName = value.DisplayName,
                    AuthCode = value.AuthCode
                };

                context.Users.Add(user);
                context.SaveChanges();

                user.SessionKey = this.GenerateSessionKey(user.Id);
                context.SaveChanges();

                var loggedUserDto = new LoggedUserDto()
                {
                    DisplayName = user.DisplayName,
                    SessionKey = user.SessionKey
                };

                var response = Request.CreateResponse(HttpStatusCode.Created, loggedUserDto);
                return response;
            }
            catch (Exception ex)
            {
                var errorResponse = Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex.Message);
                throw new HttpResponseException(errorResponse);
            }
            finally
            {
                if (context != null)
                {
                    context.Dispose();
                }
            }
        }
        public void TestCreateValidPost_ShouldReturnOK()
        {
            var testPost = new CreatePostDto
            {
                Title = "NEW POST",
                Text = "this is just a test post",
                Tags = new string[] { "post" }
            };

            var testUser = new UserDto
            {
                Username = "******",
                DisplayName = "Peter Petroff",
                AuthCode = "bfff2dd4f1b310eb0dbf593bd83f94dd8d34077e"
            };

            var response = httpServer.Post("api/users/register", testUser);

            string contentString = response.Content.ReadAsStringAsync().Result;
            var loggedUser = JsonConvert.DeserializeObject<LoggedUserDto>(contentString);

            var headers = new Dictionary<string, string>();
            headers["X-SessionKey"] = loggedUser.SessionKey;

            var createPostResponse = httpServer.Post("api/posts", testPost, headers);

            string resultString = createPostResponse.Content.ReadAsStringAsync().Result;
            var createdPost = JsonConvert.DeserializeObject<CreatePostDto>(resultString);

            Assert.AreEqual(HttpStatusCode.Created, createPostResponse.StatusCode);
            Assert.AreEqual(testPost.Title, createdPost.Title);
            Assert.AreEqual(testPost.Text, createdPost.Text);
            Assert.IsNotNull(createdPost.Id);
        }
        public void TestLogoutUser_SessionKeyIsValid_ShouldReturnOK()
        {
            var testUser = new UserDto
            {
                Username = "******",
                DisplayName = "Peter Petroff",
                AuthCode = "bfff2dd4f1b310eb0dbf593bd83f94dd8d34077e"
            };

            httpServer.Post("api/users/register", testUser);
            var response = httpServer.Post("api/users/login", testUser);

            string contentString = response.Content.ReadAsStringAsync().Result;
            var loggedUser = JsonConvert.DeserializeObject<LoggedUserDto>(contentString);

            var headers = new Dictionary<string, string>();
            headers["X-SessionKey"] = loggedUser.SessionKey;

            var logoutResult = httpServer.Put("api/users/logout", headers);
            Assert.AreEqual(HttpStatusCode.OK, logoutResult.StatusCode);
        }
        public void TestRegisterUser_ValidData_ShouldReturnOK()
        {
            var testUser = new UserDto
            {
                Username = "******",
                DisplayName = "Peter Petroff",
                AuthCode = "bfff2dd4f1b310eb0dbf593bd83f94dd8d34077e"
            };

            var response = httpServer.Post("api/users/register", testUser);
            Assert.AreEqual(HttpStatusCode.Created, response.StatusCode);
        }
        public void TestRegisterUser_AuthCodeShorterThanSha1HashLength_ShouldReturnBadRequest()
        {
            var testUser = new UserDto
            {
                Username = "******",
                DisplayName = "Peter Petroff",
                AuthCode = "bff"
            };

            var response = httpServer.Post("api/users/register", testUser);
            Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
        }
        public void TestRegisterUser_DisplayNameContainsInvalidCharacters_ShouldReturnBadRequest()
        {
            var testUser = new UserDto
            {
                Username = "******",
                DisplayName = "Петър Петров",
                AuthCode = "bfff2dd4f1b310eb0dbf593bd83f94dd8d34077e"
            };

            var response = httpServer.Post("api/users/register", testUser);
            Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
        }
        public void TestRegisterUser_DisplayNameIsLongerThanMaxLength_ShouldReturnBadRequest()
        {
            var testUser = new UserDto
            {
                Username = "******",
                DisplayName = "Margaret Peacock Margaret Peacock Margaret Peacock Margaret Peacock",
                AuthCode = "bfff2dd4f1b310eb0dbf593bd83f94dd8d34077e"
            };

            var response = httpServer.Post("api/users/register", testUser);
            Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
        }