Example #1
        /// <summary>
        /// Authenticates a username/password pair and, on success, returns the username together with a freshly generated token.
        /// </summary>
        /// <param name="dto">Credentials taken from the request body.</param>
        /// <returns>
        /// 400 Bad Request when the credentials fail shape validation, the user is not found, or the password does not match;
        /// 200 OK carrying an <c>AuthenticatedUser</c> otherwise.
        /// </returns>
        public ActionResult Login([FromBody] SignupUserDto dto)
        {
            // Every failure path answers with the same empty 400, so the response body does not
            // reveal whether the username exists.
            if (!isValidUserCredential(dto))
            {
                return BadRequest();
            }

            var account = _service.GetAppUser(dto.Username);

            // NOTE(review): the unknown-user path returns before any password hashing happens, so
            // response time may still distinguish "no such user" from "wrong password" — confirm
            // whether that matters for this deployment. No throttling or lockout is visible in this
            // method; presumably it is handled elsewhere — verify.
            if (account == null || IsInvalidPassword(dto, account))
            {
                return BadRequest();
            }

            var issuedToken = GenerateToken(account);

            var payload = new AuthenticatedUser();
            payload.Username = account.Username;
            payload.Token = issuedToken;

            return Ok(payload);
        }
Example #2
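        /// <summary>
        /// Checks the shape of a submitted username/password pair before any user lookup or hashing is done.
        /// </summary>
        /// <param name="dto">Credentials from the request body; a null value is treated as invalid.</param>
        /// <returns>
        /// <c>true</c> when both values are present, the username has at least 2 characters, the password has at
        /// least 6, and neither contains a character outside <c>[a-zA-Z\d]</c>; otherwise <c>false</c>.
        /// </returns>
        private bool isValidUserCredential(SignupUserDto dto)
        {
            // A null dto (e.g. a missing or unbindable body — TODO confirm how the framework is configured)
            // is rejected here rather than surfacing as a NullReferenceException.
            if (dto == null || string.IsNullOrEmpty(dto.Username) || string.IsNullOrEmpty(dto.Password))
            {
                return false;
            }

            // Only minimum lengths are enforced; no upper bound is applied in this method.
            if (dto.Username.Length < 2 || dto.Password.Length < 6)
            {
                return false;
            }

            // Username and password share the same rule: any character outside the class is a rejection.
            // NOTE(review): in .NET, \d matches every Unicode decimal digit unless RegexOptions.ECMAScript
            // is used, so this is not a strict ASCII allow-list — confirm that is intended.
            // NOTE(review): limiting passwords to letters and digits shrinks the password space; the rule
            // is kept as-is because stored accounts were created under it, but it deserves a policy review.
            const string disallowedCharacter = @"[^a-zA-Z\d]";

            bool usernameHasDisallowed = Regex.IsMatch(dto.Username, disallowedCharacter, RegexOptions.IgnoreCase);
            bool passwordHasDisallowed = Regex.IsMatch(dto.Password, disallowedCharacter, RegexOptions.IgnoreCase);

            return !(usernameHasDisallowed || passwordHasDisallowed);
        }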
Example #3
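        /// <summary>
        /// Registers a new user: validates the submitted credentials, rejects an already-taken username,
        /// then stores the username with a salted password hash.
        /// </summary>
        /// <param name="dto">Requested username and password from the request body.</param>
        /// <returns>
        /// 400 Bad Request when the credentials fail shape validation or the username already exists;
        /// a Created result carrying the username otherwise.
        /// </returns>
        /// <exception cref="ArgumentException">
        /// The <c>Auth:PwdSize</c> configuration value is missing, not an integer, or not positive.
        /// </exception>
        public ActionResult CreateUser([FromBody] SignupUserDto dto)
        {
            if (!isValidUserCredential(dto))
            {
                return BadRequest();
            }

            // NOTE(review): this is a check-then-create sequence; two concurrent requests for the same
            // username can both pass it. Presumably the store enforces uniqueness — verify.
            if (_service.GetAppUser(dto.Username) != null)
            {
                return BadRequest();
            }

            // Fail closed on a missing, unparsable or non-positive size so that no account is ever
            // created with a degenerate salt or hash length.
            bool sizeParsed = int.TryParse(
                _configuration.GetSection("Auth:PwdSize").Value,
                out var size);

            if (!sizeParsed || size <= 0)
            {
                throw new ArgumentException("Auth:PwdSize must be configured as a positive integer.");
            }

            // The same configured size is passed to both the salt generator and the hash function.
            var salt = PasswordService.GenerateSalt(size);
            var pwd = PasswordService.HashPassword(dto.Password, salt, size);

            _service.CreateUser(dto.Username, pwd, salt);

            return CreatedAtRoute(null, dto.Username);
        }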
Example #4
        /// <summary>
        /// Posts a signup request for <c>UserName</c>/<c>UserPassword</c> and expects 400 Bad Request.
        /// </summary>
        /// <remarks>
        /// NOTE(review): per the test name, the account is expected to exist already; nothing in this
        /// method creates it, so it presumably depends on a fixture or an earlier test — confirm.
        /// </remarks>
        public void User_Signup_Bad_Request_AlreadySignedUp()
        {
            var duplicateSignup = new SignupUserDto
            {
                Username = UserName,
                Password = UserPassword
            };
            var signupEndpoint = AuthenticateUserUrl + "/users";

            // The empty string is the third PostData argument; the response body is discarded
            // because only the status code is asserted.
            var (_, returnedStatus) = PostData(signupEndpoint, duplicateSignup, string.Empty);

            Assert.Equal(HttpStatusCode.BadRequest, returnedStatus);
        }
Example #5
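        /// <summary>
        /// Re-hashes the submitted password with the stored salt and compares it with the stored hash.
        /// </summary>
        /// <param name="dto">Submitted credentials; only <c>Password</c> is read.</param>
        /// <param name="user">Stored account; <c>Salt</c> and <c>Password</c> are read.</param>
        /// <returns><c>true</c> when the hashes differ (password rejected); <c>false</c> when they match.</returns>
        /// <exception cref="ArgumentException">
        /// The <c>Auth:PwdSize</c> configuration value is missing, not an integer, or not positive.
        /// </exception>
        private bool IsInvalidPassword(SignupUserDto dto, AppUser user)
        {
            // Same rule as account creation: never hash with a missing, unparsable or non-positive
            // size, so verification cannot run with parameters that creation would have refused.
            bool sizeParsed = int.TryParse(
                _configuration.GetSection("Auth:PwdSize").Value,
                out var size);

            if (!sizeParsed || size <= 0)
            {
                throw new ArgumentException("Auth:PwdSize must be configured as a positive integer.");
            }

            var pwd = PasswordService.HashPassword(dto.Password, user.Salt, size);

            // NOTE(review): != is not a fixed-time comparison. If the stored value and the hash are
            // encoded strings (not visible here — confirm), consider comparing the decoded bytes with
            // CryptographicOperations.FixedTimeEquals so timing does not depend on the matching prefix.
            return user.Password != pwd;
        }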