public SsoLoginRequestDTO Fetch(AccountCredentialDTO credentials)
{
var loginDto = new SsoLoginRequestDTO
{
Username = credentials.Username,
Password = credentials.Password,
RoleType = _partialAccountLogic.GetPartialAccount(credentials.Username).AccountType
};
return(loginDto);
}
public void ReturnsJwtTokenWithRedirect()
{
// Arrange
var credential = new AccountCredentialDTO
{
Username = "******",
Password = "******"
};
var controller = SetupControllerWithEmptyRepoMocks();
// Act
// Assert
}
public IHttpActionResult SubmitNewPassword(AccountCredentialDTO credentials)
{
Validate(credentials);
if (credentials.Username == null || credentials.Password == null)
{
return(BadRequest("Bad Request"));
}
var response = _controllerLogic.PasswordSubmission(credentials);
IHttpActionResult actionResultResponse = ResponseMessage(response);
return(actionResultResponse);
}
/// <summary>
/// Logic takes new password credentials from controller and updates existing
/// password and its salt stored in the user's account
/// </summary>
/// <param name="credentials"></param>
/// <returns></returns>
public HttpResponseMessage PasswordSubmission(AccountCredentialDTO credentials)
{
// Create new password salt and hash new password
var pSalt = HashService.Instance.CreateSaltKey();
var hashedPassword = HashService.Instance.HashPasswordWithSalt(pSalt, credentials.Password, true);
// Update new salt and password properties
var saltModel = _saltLogic.GetSalt(credentials.Username);
saltModel.PasswordSalt = pSalt;
var accountModel = _accountLogic.GetSingle(credentials.Username);
accountModel.Password = hashedPassword;
try
{
// Save context
_accountLogic.Update(accountModel);
_saltLogic.Update(saltModel);
// Return if successful
return(new HttpResponseMessage
{
StatusCode = HttpStatusCode.OK
});
} catch (Exception ex)
{
// Catch if exception with EF/DB occurs
return(new HttpResponseMessage
{
ReasonPhrase = ex.Message,
StatusCode = HttpStatusCode.InternalServerError
});
}
}
public IHttpActionResult Submit(AccountCredentialDTO credentials)
{
// Credentials is already read and deserialized into a DTO. Validate it.
Validate(credentials);
// Checks for valid model state
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
// Check to make they are not a new SSO user
if (_partialAccountRepository.Exists(d => d.UserName == credentials.Username))
{
var transformer = new SsoLoginTransformer();
var ssoLoginDto = transformer.Fetch(credentials);
var response = _ssoControllerLogic.Login(ssoLoginDto);
return(ResponseMessage(response));
}
// Proccess any other information.
if (!_accountRepository.Exists(d => d.UserName == credentials.Username))
{
return(Unauthorized());
}
if (!_saltRepository.Exists(d => d.UserName == credentials.Username, d => d.Account))
{
return(Unauthorized());
}
Salt salt;
try
{
salt = _saltRepository.GetSingle(d => d.UserName == credentials.Username, d => d.Account);
}
catch (Exception)
{
return(Unauthorized());
}
// Check app DB for user.
Account account;
try
{
account = _accountRepository.GetSingle(d => d.UserName == credentials.Username);
}
catch (Exception)
{
return(Unauthorized());
}
if (!account.AccountStatus)
{
return(BadRequest("SUSPENDED"));
}
// Issue login information
if (account.Password == HashService.Instance.HashPasswordWithSalt(salt.PasswordSalt, credentials.Password, true))
{
var response = new HttpResponseMessage();
JAccessToken token;
var claims = (List <AccountType>)account.AccountTypes;
// JWT token already exists
if (_jwtRepository.Exists(d => d.UserName == account.UserName, d => d.Account))
{
token = _jwtRepository.GetSingle(d => d.UserName == account.UserName, d => d.Account);
token.Value = JwtManager.Instance.GenerateToken(claims);
token.DateTimeIssued = DateTime.UtcNow;
_jwtRepository.Update(token);
}
// JWT does not exist for this user
else
{
token = new JAccessToken
{
Value = JwtManager.Instance.GenerateToken(claims),
UserName = account.UserName,
DateTimeIssued = DateTime.UtcNow
};
_jwtRepository.Insert(token);
}
return(Json(new { AuthToken = token.Value }));
}
// Given password does no match the stored hashed password after being hashed
else
{
return(Unauthorized());
}
}
