[AllowAnonymous] // need to allow login from an unathenticated state
public virtual async Task <IActionResult> AdminLogin([FromBody] AdminLoginEvent model)
{
// The eventual user
var validatedUser = _context.Admins.OfType <WebAdmin>().FirstOrDefault(x => x.Email.ToLower() == model.Email.ToLower());
if (validatedUser == null)
{
// Our response is vague to avoid leaking information
return(ResponseShell.Error("Invalid"));
}
var passCheck = validatedUser.VerifyPassowrd(model.Password);
if (passCheck != PasswordVerificationResult.Success)
{
// Our response is vague to avoid leaking information
return(ResponseShell.Error("Invalid"));
}
// Get our token
var token = await _tokenService.GetToken(validatedUser);
return(ResponseShell.Ok(token));
// return Redirect($"{_config.Urls.Frontend}/{_config.Pages.AdminPage}?user={token.UserId}&token={token.Token}");
}
public async Task CheckIfAdminCanLogin()
{
var loginEvent = new AdminLoginEvent()
{
Email = Constants.Testing.TestAdmins.First().Email,
Password = Constants.Testing.DefaultAdminPass
};
var resRefreshToken = await _fixture.Post <TokenInfo>($"{Constants.V1Prefix}/{Constants.AdminConfigurationEndpoint}/login", loginEvent);
Assert.Equal(200, resRefreshToken.Meta.Code);
Assert.NotNull(resRefreshToken.Result);
}
public async Task <TokenInfo> AdminLogin()
{
var loginEvent = new AdminLoginEvent()
{
Email = Constants.Testing.TestAdmins.First().Email,
Password = Constants.Testing.DefaultAdminPass
};
var resRefreshToken = await Post <TokenInfo>($"{Constants.V1Prefix}/{Constants.AdminConfigurationEndpoint}/login", loginEvent);
if (resRefreshToken.Result == null)
{
throw new Exception(resRefreshToken.Meta.Message);
}
return(resRefreshToken.Result);
}
