public IActionResult TeamLogin(TeamLoginPost postInfo)
{
try
{
return(Ok(_teamLoginManager.TeamLogin(postInfo)));
}
catch
{
return(NotFound());
}
}
public void InvalidNonExistentAccountLoginFail(TeamLoginPost teamLoginPost)
{
// DI of team login
var _context = new ApiGatewayContext();
var teamLoginService = new TeamLoginService(_context);
var jwtService = new JWTService();
var teamLoginManager = new TeamLoginManager(teamLoginService, jwtService);
// Act login for the registered user.
var loginresp = teamLoginManager.TeamLogin(teamLoginPost);
// Assert that login fail
Assert.IsFalse(loginresp.Status);
}
public void ValidTeamLoginPass(TeamRegisterPost teamRegisterPost, TeamLoginPost teamLoginPost)
{
// Arrange DI of objects
var _context = new ApiGatewayContext();
var teamRegistrationService = new TeamRegistrationService(_context);
var urlValidationService = new UrlValidationService(_context);
var teamRegistrationManager = new TeamRegistrationManager(teamRegistrationService, urlValidationService);
var creatTeamStatus = teamRegistrationManager.CreateTeamAccount(teamRegisterPost);
// Assert that team creation is successfull
Assert.IsTrue(creatTeamStatus.TeamCreate);
// DI of team login
var teamLoginService = new TeamLoginService(_context);
var jwtService = new JWTService();
var teamLoginManager = new TeamLoginManager(teamLoginService, jwtService);
// Act login for the registered user.
var loginresp = teamLoginManager.TeamLogin(teamLoginPost);
// Assert that login passed
Assert.IsTrue(loginresp.Status);
// Cleanup the team
var createdTeam = _context.Team.
Where(t => teamRegisterPost.Username == t.Username).
FirstOrDefault();
if (createdTeam == null)
{
// Failed to delete
Assert.IsTrue(false);
}
_context.Team.Remove(createdTeam);
_context.SaveChanges();
}
/// <summary>
/// Check if an authentication request is valid
/// </summary>
/// <param name="postInfo">Json object representing client credentials</param>
/// <returns>Json response object</returns>
public TeamLoginResp TeamLogin(TeamLoginPost postInfo)
{
// Check if the username exists.
var userNameExist = _teamLoginService.CheckUsernameExistence(postInfo.Username);
var passwordValid = false;
// If the userNameExist then we grab the password.
if (userNameExist)
{
passwordValid = _teamLoginService.ValidatePassword(postInfo.Username, postInfo.Password, Constants.HashIteration, KeyDerivationPrf.HMACSHA256);
}
// If authentication passes return the corresponding json response.
if (userNameExist && passwordValid)
{
// Grab ClientId to return to frontend.
var clientId = _teamLoginService.GetClientIdFromUsername(postInfo.Username);
return(new TeamLoginResp()
{
Status = true,
// Access token to authorize protected resources.
AccessToken = _JWTService.GenerateHmacSignedJWTToken(Constants.Issuer, clientId, Constants.Issuer, DateTime.Now.ToUniversalTime(),
DateTime.Now.AddMinutes(Constants.AuthenticationValidMinutes).ToUniversalTime(), Constants.SigningKey),
Username = postInfo.Username,
ClientId = clientId
});
}
else
{
return(new TeamLoginResp()
{
Status = false, AccessToken = null, Username = null, ClientId = null
});
}
}
