/// <summary>
/// Registering a second account under a username that already exists must not
/// create a duplicate row: exactly one account with that name should remain.
/// </summary>
public void Register_User_Same_Username()
{
    bool passed;
    try
    {
        var controller = new UserManagementController(_dbCtx);
        var duplicate = new ApplicationUserAccount()
        {
            AppUserName = "******",
            UserPassword = "******"
        };
        controller.RegisterUser(duplicate);

        // Materialise the matching rows once and count them in memory.
        var matches = _dbCtx.UserAccounts
            .Where(x => x.AppUserName.Equals("Nathan"))
            .ToList();
        passed = matches.Count == 1;

        // Cleanup added objects (only on failure, when a second row may have been inserted).
        // NOTE(review): this removes the request object, which the controller never attaches
        // (per the RegisterUser listing it maps the request into its own entity) — confirm
        // this cleanup actually deletes the persisted row.
        if (!passed)
        {
            _dbCtx.UserAccounts.Remove(duplicate);
            _dbCtx.SaveChanges();
        }
    }
    catch (ArgumentException)
    {
        // A validation failure thrown by the controller counts as a failed run.
        passed = false;
    }

    Assert.True(passed);
}
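/// <summary>
/// Issues a new JWT user token for this application
/// </summary>
/// <param name="user">The user to issue the token to</param>
/// <returns>string: The issued token in its encoded format, or "" when the token could not be persisted</returns>
public string IssueToken(ApplicationUserAccount user)
{
    // HS512 over the configured shared secret.
    // NOTE(review): the signing library rejects keys that are too short for the algorithm;
    // confirm tokenSecKey is a high-entropy value of at least 64 bytes (512 bits) and is
    // loaded from a secret store rather than checked-in configuration.
    var secKey = _config.tokenSecKey;
    var symSecKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secKey));
    var signingCredentials = new SigningCredentials(symSecKey, SecurityAlgorithms.HmacSha512Signature);

    // Read the clock once, in UTC, and derive both "iat" and "exp" from it so the two claims
    // cannot disagree. The previous code read DateTime.Now twice and added the lifetime in
    // local time, which is off by an hour when the 7-day window spans a DST change.
    const int lifetimeDays = 7;
    var issuedAt = DateTime.UtcNow;
    var issuedAtEpoch = EpochTime.GetIntDate(issuedAt);
    // Round-trip through epoch seconds so token.ValidTo holds whole seconds, exactly as the
    // "exp" claim does.
    var expiresAt = EpochTime.DateTime(EpochTime.GetIntDate(issuedAt.AddDays(lifetimeDays)));

    // jti is a fresh GUID per token so individual tokens can be identified/revoked.
    var claims = new List<Claim>
    {
        new Claim("iat", $"{issuedAtEpoch}", ClaimValueTypes.Integer64),
        new Claim("jti", Guid.NewGuid().ToString(), ClaimValueTypes.String),
        new Claim("user_id", $"{user.Id}", ClaimValueTypes.Integer32),
        new Claim("user_name", $"{user.AppUserName}", ClaimValueTypes.String),
        new Claim("user_type", $"{user.UserType}", ClaimValueTypes.String)
    };

    var token = new JwtSecurityToken(
        issuer: _config.tokenIssuer,
        audience: _config.tokenAudience,
        expires: expiresAt,
        signingCredentials: signingCredentials,
        claims: claims
    );

    var tokenHandler = new JwtSecurityTokenHandler();
    var encodedToken = tokenHandler.WriteToken(token);

    // Delete expired tokens for the user (excess tokens for each user waste space).
    // The helper's name carries a typo; it is defined elsewhere and kept as-is.
    DeleteInavlidTokens(user.Id);

    // The encoded token is persisted alongside its expiry. NOTE(review): it is stored as-is,
    // so anyone with read access to that table holds usable bearer tokens; storing a hash
    // (or just the jti) is enough for revocation — confirm what SaveToken does.
    if (!SaveToken(encodedToken, user.Id, token.ValidTo))
    {
        return("");
    }

    return(encodedToken);
}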
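/// <summary>
/// A password shorter than the controller's minimum must be rejected, so no account
/// with the given username may exist afterwards.
/// </summary>
public void Register_User_Invalid_Pass()
{
    var controller = new UserManagementController(_dbCtx);
    var request = new ApplicationUserAccount()
    {
        AppUserName = "******",
        UserPassword = "******"
    };
    controller.RegisterUser(request);

    var stored = _dbCtx.UserAccounts
        .Where(x => x.AppUserName.Equals("Ashur"))
        .FirstOrDefault();
    var outcome = stored == null;

    // Cleanup added objects: remove the row that was actually persisted. The controller maps
    // the request into its own entity, so removing `request` (as before) targeted an object
    // the context never tracked and left the stray row in place.
    if (!outcome)
    {
        _dbCtx.UserAccounts.Remove(stored);
        _dbCtx.SaveChanges();
    }

    Assert.True(outcome);
}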
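/// <summary>
/// A username containing spaces or symbols must be rejected by the alphanumeric check,
/// so no account with that name may exist afterwards.
/// </summary>
public void Register_User_Invalid_Username_By_Non_Alpha_Numeric_Chars()
{
    var controller = new UserManagementController(_dbCtx);
    var request = new ApplicationUserAccount()
    {
        AppUserName = "******",
        UserPassword = "******"
    };
    controller.RegisterUser(request);

    var stored = _dbCtx.UserAccounts
        .Where(x => x.AppUserName.Equals("Sablique V0# Lu$"))
        .FirstOrDefault();
    var outcome = stored == null;

    // Cleanup added objects: remove the row that was actually persisted. The controller maps
    // the request into its own entity, so removing `request` (as before) targeted an object
    // the context never tracked and left the stray row in place.
    if (!outcome)
    {
        _dbCtx.UserAccounts.Remove(stored);
        _dbCtx.SaveChanges();
    }

    Assert.True(outcome);
}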
/// <summary>
/// Valid credentials must produce a persisted account; the row is removed again so the
/// test leaves the database as it found it.
/// </summary>
public void Register_User_Valid_Creds()
{
    var controller = new UserManagementController(_dbCtx);
    var request = new ApplicationUserAccount()
    {
        AppUserName = "******",
        UserPassword = "******"
    };
    controller.RegisterUser(request);

    var stored = _dbCtx.UserAccounts
        .Where(x => x.AppUserName.Equals("George"))
        .FirstOrDefault();
    var registered = stored != null;

    // Cleanup added objects — the fetched entity is the tracked one, so deleting it works.
    // NOTE(review): the action's IActionResult is not inspected; only the side effect is.
    if (registered)
    {
        _dbCtx.UserAccounts.Remove(stored);
        _dbCtx.SaveChanges();
    }

    Assert.True(registered);
}
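/// <summary>
/// Registers a new application user from an untrusted request body: validates the
/// username and password, rejects usernames already in use, stores the scrypt-hashed
/// password and issues an initial token for the new account.
/// </summary>
/// <param name="userAccount">Bound request body; only AppUserName and UserPassword are read from it.</param>
/// <returns>
/// 200 on success; 400 for a missing body, an invalid username or password, or a username
/// that is already taken; 404 (the existing contract, kept for compatibility) when the row
/// or the token could not be created.
/// </returns>
public IActionResult RegisterUser([FromBody] ApplicationUserAccount userAccount)
{
    // Model binding hands us null for an empty or unparsable body; reject it instead of
    // letting a NullReferenceException escape the action.
    if (userAccount == null)
    {
        return(new BadRequestObjectResult("Username cannot be empty and must be at least 3 alphanumeric characters"));
    }

    // App user name must be at least 3 characters long and must be alphanumeric.
    // `\z` rather than `$`: in .NET `$` also matches just before a trailing "\n", so
    // "abc\n" passed the old pattern and would have been stored verbatim.
    var userName = userAccount.AppUserName;
    if (string.IsNullOrWhiteSpace(userName)
        || userName.Length < 3
        || !Regex.IsMatch(userName, @"^[a-zA-Z0-9]+\z"))
    {
        return(new BadRequestObjectResult("Username cannot be empty and must be at least 3 alphanumeric characters"));
    }

    // Password must be at least 8 characters long.
    // NOTE(review): there is no upper bound; a cap (a few hundred characters) is common
    // practice before a memory-hard hash — confirm with the hasher's owner.
    var password = userAccount.UserPassword;
    if (string.IsNullOrWhiteSpace(password) || password.Length < 8)
    {
        return(new BadRequestObjectResult("Password must be at least 8 characters long"));
    }

    // Usernames must be unique; they are also alternate keys in the database. This lookup
    // yields a friendly error but races with concurrent registrations — the unique
    // constraint (surfacing as the SaveChanges failure below) is the authoritative guard.
    // Whether the comparison is case-sensitive depends on how the provider translates Equals.
    var existingUser = _dbCtx.UserAccounts
        .Where(x => x.AppUserName.Equals(userName))
        .FirstOrDefault();
    if (existingUser != null)
    {
        return(new BadRequestObjectResult($"Username {userName} is already taken"));
    }

    // Only the scrypt hash of the password is persisted.
    // NOTE(review): every self-registered account is created as UserType.Instructor —
    // confirm that is the least-privileged role and not an elevated one.
    var newUser = new ApplicationUserAccount()
    {
        AppUserName = userName,
        UserPassword = _scryptHasher.Encode(password),
        UserType = UserType.Instructor
    };
    _dbCtx.UserAccounts.Add(newUser);
    try
    {
        _dbCtx.SaveChanges();
    }
    catch (Exception)
    {
        // Rollback the addition of a new user: the entity is still tracked as Added after a
        // failed save, and removing it stops a later SaveChanges on this context from retrying.
        // NOTE(review): the exception is dropped without logging, and 404 is a misleading
        // status for a failed insert (500 would fit); both kept as the existing contract.
        _dbCtx.UserAccounts.Remove(newUser);
        return(new NotFoundObjectResult("Failed to Create New User"));
    }

    // The token manager persists the token; it is not returned to the caller here.
    // Presumably a login endpoint hands it out — confirm.
    var token = _tokenManager.IssueToken(newUser);
    if (token.Equals(""))
    {
        return(new NotFoundObjectResult("Failed to Generate Token"));
    }

    return(new OkObjectResult($"Successfully Registered new User: {userName}"));
}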