// Authenticates a card by card number and PIN. On success it returns the mapped
// CardDto carrying a bearer JWT and, when it could be persisted, a refresh token.
//
// Responses produced here:
//   404 "please register your card" - no card found for the supplied number
//   401 "pin incorrect"             - card found, PIN check failed
//   200 CardDto                     - both checks passed
//
// NOTE(review): the 404/401 split tells an unauthenticated caller whether a card
// number is registered. If card numbers are sensitive, a single generic failure
// response closes that oracle; the tests on this page currently pin both messages.
// NOTE(review): no attempt limiting or lockout is visible in this method, and the
// PINs used by the tests on this page are four digits. Confirm that throttling is
// enforced elsewhere (inside _cardManager or in middleware).
public async Task<IActionResult> Login([FromBody] LoginParametersDto loginParametersDto)
        {
            var cardNumber = loginParametersDto.CardNumber;

            // Unknown card: stop before any PIN comparison or token work.
            IdentityCard card = await _cardManager.FindByIdAsync(cardNumber);
            if (card == null)
            {
                return NotFound("please register your card");
            }

            // The PIN comparison is delegated to the card manager.
            bool pinAccepted = await _cardManager.CheckPasswordAsync(card, loginParametersDto.Pin);
            if (!pinAccepted)
            {
                return Unauthorized("pin incorrect");
            }

            // Tokens are created only after both checks above have passed.
            var refreshToken = _tokenManager.CreateRefreshToken(cardNumber);
            var cardDto = _mapper.Map<CardDto>(card);
            cardDto.Bearer = _tokenManager.CreateJwt(cardNumber);

            // The refresh token is returned only if it was stored; otherwise the
            // client gets a null RefreshToken alongside a valid bearer token.
            bool persisted = await _tokenManager.SaveRefreshToken(refreshToken);
            cardDto.RefreshToken = persisted ? refreshToken.Token : null;

            return Ok(cardDto);
        }
        // Unit test: a registered card presented with a PIN the card manager rejects
        // must produce a 401 result whose body is "pin incorrect".
        // NOTE(review): this test does not check that the token manager stayed
        // untouched; verifying that no JWT or refresh token is created on a failed
        // PIN would pin the security-relevant half of this path.
        public async Task ClientSendsLoginInfo_WithRegisteredCardAndIncorrectPin_ReturnsUnauthorised()
        {
            // Arrange
            var subject = GetSubject();
            const string rejectedPin = "1234";

            var registeredCard = _identityCardBuilder.GenericIdentityCard().Build();
            registeredCard.Id = "cutbgln213454hbv";

            // The lookup succeeds, the PIN comparison does not.
            _mockCardManager.Setup(m => m.FindByIdAsync(registeredCard.Id)).ReturnsAsync(registeredCard);
            _mockCardManager.Setup(m => m.CheckPasswordAsync(registeredCard, rejectedPin)).ReturnsAsync(false);

            var request = new LoginParametersDto
            {
                CardNumber = registeredCard.Id,
                Pin        = rejectedPin
            };

            // Act
            var result = await subject.Login(request);

            // Assert
            Assert.NotNull(result);
            // Exact-type check that also hands back the typed result.
            var unauthorized = Assert.IsType<UnauthorizedObjectResult>(result);
            Assert.Equal("pin incorrect", unauthorized.Value);
        }
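        // Integration test: registers a card through /authentication/register and
        // then logs in with the same card number and PIN, expecting 200 OK.
        //
        // Both requests are awaited. Blocking on .Result inside an async test can
        // deadlock or starve the thread pool, and it wraps failures in
        // AggregateException, which hides the real cause.
        public async Task Post_login_ok()
        {
            // Arrange
            var client = _factory.CreateClient();

            // Register the card that the login step will use.
            // NOTE(review): the Email value is masked on this page. If registration
            // validates the address format, replace it with a constructed test address.
            var registerDto = new CardRegistrationDto()
            {
                CardNumber  = "123be4qs6ou9oiuy",
                EmployeeId  = "127856",
                FirstName   = "test",
                LastName    = "rodeo",
                PhoneNumber = "07945832712",
                Email       = "*****@*****.**",
                Pin         = "5678"
            };
            var registerJson        = JsonConvert.SerializeObject(registerDto);
            var registerBuffer      = System.Text.Encoding.UTF8.GetBytes(registerJson);
            var registerByteContent = new ByteArrayContent(registerBuffer);

            registerByteContent.Headers.ContentType = new MediaTypeHeaderValue("application/json");
            var registerResult = await client.PostAsync("/authentication/register", registerByteContent);

            // Fail here when the precondition is not met, so that a registration
            // problem is not mistaken for a login problem.
            Assert.True(registerResult.IsSuccessStatusCode);

            // Log in with the credentials that were just registered.
            var loginDto = new LoginParametersDto()
            {
                CardNumber = registerDto.CardNumber,
                Pin        = registerDto.Pin
            };
            var loginJson        = JsonConvert.SerializeObject(loginDto);
            var loginBuffer      = System.Text.Encoding.UTF8.GetBytes(loginJson);
            var loginByteContent = new ByteArrayContent(loginBuffer);

            loginByteContent.Headers.ContentType = new MediaTypeHeaderValue("application/json");

            // Act
            var response = await client.PostAsync("/authentication/login", loginByteContent);

            // Assert
            // Assert.Equal reports the actual status code when the check fails.
            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
        }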
        // Unit test: a registered card with an accepted PIN must yield 200 with a
        // CardDto that carries the mocked JWT and the persisted refresh token value.
        // NOTE(review): only the SaveRefreshToken == true path is covered here. The
        // path where persistence fails and RefreshToken stays null is not tested.
        public async Task ClientSendsLoginInfo_WithRegisteredCardAndCorrectPin_LogsUserInAndReturnsCardDto()
        {
            // Arrange
            var subject = GetSubject();
            const string acceptedPin = "1234";
            const string expectedJwt = "mock1jwt";
            var expectedRefreshValue = "mock1refreshToken";

            var registeredCard = _identityCardBuilder.GenericIdentityCard().Build();
            registeredCard.Id = "cutbgln213454hbv";

            // Card manager: the lookup and the PIN comparison both succeed.
            _mockCardManager.Setup(m => m.FindByIdAsync(registeredCard.Id)).ReturnsAsync(registeredCard);
            _mockCardManager.Setup(m => m.CheckPasswordAsync(registeredCard, acceptedPin)).ReturnsAsync(true);

            var request = new LoginParametersDto
            {
                CardNumber = registeredCard.Id,
                Pin        = acceptedPin
            };
            var mappedDto = new CardDto
            {
                CardNumber = registeredCard.Id,
                FullName   = registeredCard.FullName,
            };
            var issuedRefreshToken = new RefreshToken
            {
                Token = expectedRefreshValue
            };

            // Mapper and token manager: fixed outputs, so the assertions below can
            // compare against known values.
            _mockMapper.Setup(m => m.Map<CardDto>(registeredCard)).Returns(mappedDto);
            _mockTokenManager.Setup(t => t.CreateJwt(registeredCard.Id)).Returns(expectedJwt);
            _mockTokenManager.Setup(t => t.CreateRefreshToken(registeredCard.Id)).Returns(issuedRefreshToken);
            _mockTokenManager.Setup(t => t.SaveRefreshToken(issuedRefreshToken)).ReturnsAsync(true);

            // Act
            var result = await subject.Login(request);

            // Assert
            Assert.NotNull(result);
            var ok = Assert.IsType<OkObjectResult>(result);
            var returnedDto = Assert.IsType<CardDto>(ok.Value);

            Assert.Equal(registeredCard.FullName, returnedDto.FullName);
            Assert.Equal(registeredCard.Id, returnedDto.CardNumber);
            Assert.Equal(expectedJwt, returnedDto.Bearer);
            Assert.Equal(expectedRefreshValue, returnedDto.RefreshToken);
        }
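        // Unit test: a card number with no matching card must yield 404 with the
        // body "please register your card".
        //
        // The request carries the same card number that the mock is configured for.
        // With an empty LoginParametersDto the configured lookup is never matched,
        // and the test presumably passes only because the mock falls back to its
        // default return value for an unmatched argument.
        public async Task ClientCallsLogin_WithUnregisteredCard_ReturnsNotfound()
        {
            // Arrange
            var subject    = GetSubject();
            var cardNumber = "cutbgln213454hbv";

            _mockCardManager.Setup(x => x.FindByIdAsync(cardNumber)).ReturnsAsync((IdentityCard)null);
            var loginParameters = new LoginParametersDto()
            {
                CardNumber = cardNumber
            };

            // Act
            var result = await subject.Login(loginParameters);

            // Assert
            Assert.NotNull(result);
            // Exact-type check that returns the typed result, so no unchecked
            // "as" cast is dereferenced afterwards.
            var notFound = Assert.IsType<NotFoundObjectResult>(result);
            Assert.Equal("please register your card", notFound.Value);
        }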
        // Integration test: posting credentials for a card number that was never
        // registered to /authentication/login must return 404 Not Found.
        // NOTE(review): this pins the endpoint's behaviour of answering differently
        // for unknown cards than for wrong PINs. If the API moves to a single generic
        // failure response to avoid revealing which card numbers exist, update this test.
        public async Task Post_login_notFound()
        {
            // Arrange
            var client = _factory.CreateClient();

            var unknownCardLogin = new LoginParametersDto
            {
                CardNumber = "1234ewqs6789o88y",
                Pin        = "5678"
            };

            // Serialise the DTO to UTF-8 JSON bytes and label the body as JSON.
            var payloadBytes = System.Text.Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(unknownCardLogin));
            var body = new ByteArrayContent(payloadBytes);
            body.Headers.ContentType = new MediaTypeHeaderValue("application/json");

            // Act
            var response = await client.PostAsync("/authentication/login", body);

            // Assert
            Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
        }