public void LoadsDescriptionsOfCredentialsInToViewModel()
{
// Arrange
var fakes = Get <Fakes>();
var user = fakes.CreateUser(
"test",
CredentialBuilder.CreatePbkdf2Password("hunter2"),
CredentialBuilder.CreateV1ApiKey(Guid.NewGuid(), Fakes.ExpirationForApiKeyV1),
CredentialBuilder.CreateExternalCredential("MicrosoftAccount", "blarg", "Bloog"));
var controller = GetController <UsersController>();
controller.SetCurrentUser(user);
// Act
var result = controller.Account();
// Assert
var model = ResultAssert.IsView <AccountViewModel>(result, viewName: "Account");
var descs = model.Credentials.ToDictionary(c => c.Kind); // Should only be one of each kind
Assert.Equal(3, descs.Count);
Assert.Equal(Strings.CredentialType_Password, descs[CredentialKind.Password].TypeCaption);
Assert.Equal(Strings.CredentialType_ApiKey, descs[CredentialKind.Token].TypeCaption);
Assert.Equal(Strings.MicrosoftAccount_Caption, descs[CredentialKind.External].TypeCaption);
}
public virtual async Task <ActionResult> GenerateApiKey(int?expirationInDays)
{
// Get the user
var user = GetCurrentUser();
// Generate an API Key
var apiKey = Guid.NewGuid();
// Set expiration
var expiration = TimeSpan.Zero;
if (Config.ExpirationInDaysForApiKeyV1 > 0)
{
expiration = TimeSpan.FromDays(Config.ExpirationInDaysForApiKeyV1);
if (expirationInDays.HasValue && expirationInDays.Value > 0)
{
expiration = TimeSpan.FromDays(Math.Min(expirationInDays.Value, Config.ExpirationInDaysForApiKeyV1));
}
}
// Add/Replace the API Key credential, and save to the database
TempData["Message"] = Strings.ApiKeyReset;
await AuthService.ReplaceCredential(user,
CredentialBuilder.CreateV1ApiKey(apiKey, expiration));
return(RedirectToAction("Account"));
}
public void WillUseApiKeyInCredentialIfPresent()
{
var apiKey = Guid.NewGuid();
var controller = GetController <UsersController>();
controller.SetUser("user");
GetMock <IUserService>()
.Setup(s => s.FindByUsername("user"))
.Returns(new User
{
Key = 42,
ApiKey = Guid.NewGuid(),
Credentials = new List <Credential>()
{
CredentialBuilder.CreateV1ApiKey(apiKey)
}
});
GetMock <ICuratedFeedService>()
.Setup(stub => stub.GetFeedsForManager(42))
.Returns(new[] { new CuratedFeed {
Name = "theCuratedFeed"
} });
// act
var result = controller.Account();
// verify
var model = ResultAssert.IsView <AccountViewModel>(result);
Assert.Equal(apiKey.ToString().ToLowerInvariant(), model.ApiKey);
}
public virtual User Create(
string username,
string password,
string emailAddress)
{
// TODO: validate input
// TODO: consider encrypting email address with a public key, and having the background process that send messages have the private key to decrypt
var existingUser = FindByUsername(username);
if (existingUser != null)
{
throw new EntityException(Strings.UsernameNotAvailable, username);
}
var existingUsers = FindAllByEmailAddress(emailAddress);
if (existingUsers.AnySafe())
{
throw new EntityException(Strings.EmailAddressBeingUsed, emailAddress);
}
var hashedPassword = Crypto.GenerateSaltedHash(password, Constants.PBKDF2HashAlgorithmId);
var apiKey = Guid.NewGuid();
var newUser = new User(username)
{
ApiKey = apiKey,
EmailAllowed = true,
UnconfirmedEmailAddress = emailAddress,
EmailConfirmationToken = Crypto.GenerateToken(),
HashedPassword = hashedPassword,
PasswordHashAlgorithm = Constants.PBKDF2HashAlgorithmId,
CreatedUtc = DateTime.UtcNow,
Roles = new List <Role> {
RoleRepository.GetEntity(2)
}
};
// Add a credential for the password and the API Key
newUser.Credentials.Add(CredentialBuilder.CreateV1ApiKey(apiKey));
newUser.Credentials.Add(new Credential(CredentialTypes.Password.Pbkdf2, newUser.HashedPassword));
if (!Config.ConfirmEmailAddresses)
{
newUser.ConfirmEmailAddress();
}
newUser.Roles.Add(RoleRepository.GetEntity(2));
UserRepository.InsertOnCommit(newUser);
UserRepository.CommitChanges();
return(newUser);
}
public virtual async Task <ActionResult> GenerateApiKey()
{
// Get the user
var user = GetCurrentUser();
// Generate an API Key
var apiKey = Guid.NewGuid();
// Add/Replace the API Key credential, and save to the database
TempData["Message"] = Strings.ApiKeyReset;
await AuthService.ReplaceCredential(user, CredentialBuilder.CreateV1ApiKey(apiKey));
return(RedirectToAction("Account"));
}
public virtual ActionResult GenerateApiKey()
{
// Get the user
var user = UserService.FindByUsername(User.Identity.Name);
// Generate an API Key
var apiKey = Guid.NewGuid();
// Set the existing API Key field
user.ApiKey = apiKey;
// Add/Replace the API Key credential, and save to the database
UserService.ReplaceCredential(user, CredentialBuilder.CreateV1ApiKey(apiKey));
return(RedirectToAction(MVC.Users.Account()));
}
