public void Login()
{
this.RemoveJWTAuth();
var model = new UserCreateOrUpdateModel();
console.Write("Enter user name: ");
model.Name = console.ReadLine();
console.Write("Enter password: "******"api/auth/login", model).Result;
console.WriteLine(response.StatusCode);
var result = response.Content.ReadAsAsync <AuthGetModel>().Result;
if (!ReferenceEquals(result, null))
{
JWT = result.Token;
AuthorizedUserId = result.AuthorizedUserId;
}
console.WriteLine(response.Content.ReadAsStringAsync().Result);
CheckAuth(response);
}
public IActionResult Login(
[FromBody]
[SwaggerParameter("User name and Password", Required = true)]
UserCreateOrUpdateModel model)
{
if (model.IsNull())
{
_logger.LogError(string.Format(Resource.LogErrorInvalidModel, nameof(model), string.Empty));
return(BadRequest(Resource.Status400BadRequestInvalidModel));
}
var user = new UserCreateOrUpdateModel(_repository.User.GetUserByName(model.Name));
if (user.IsNull())
{
_logger.LogError(string.Format(Resource.LogErrorGetByIsNull, nameof(user), nameof(model.Name), model.Name));
return(NotFound());
}
if (model.Name == user.Name && model.Password == _dataProtector.Unprotect(user.Password))
{
return(Ok(new AuthGetModel(GetToken(user), user.Id)));
}
return(Unauthorized());
}
public UserDetailsViewModel(IUserAppService userAppService,
IPermissionService permissionService)
{
Input = new UserCreateOrUpdateModel();
this.userAppService = userAppService;
this.permissionService = permissionService;
}
public void CreateUser_WithValidModel_ShouldCreatedWithProtectedPassword()
{
// arrange
var expectedProtectedPassword = _fixture.Fixture.Create <string>();
var expectedId = _fixture.Fixture.Create <int>();
var user = _fixture.Fixture.Create <User>();
var utf8Encoding = new UTF8Encoding(false, true).GetBytes(user.Password);
var protectedData = WebEncoders.Base64UrlDecode(expectedProtectedPassword);
_fixture.UserRepository.Setup(r => r.CreateUser(user)).Callback(() => user.Id = expectedId).Verifiable();
_fixture.DataProtector.Setup(d => d.Protect(utf8Encoding)).Returns(protectedData).Verifiable();
var model = new UserCreateOrUpdateModel(user);
// act
var act = (CreatedAtRouteResult)_fixture.Controller.CreateUser(model);
// assert
Assert.NotNull(act);
Assert.Equal((int)HttpStatusCode.Created, act.StatusCode);
Assert.Equal(expectedId, ((EntityGetModel <IEntity>)act.Value).Id);
Assert.Equal(expectedProtectedPassword, ((User)((EntityGetModel <IEntity>)act.Value).GetEntity()).Password);
_fixture.UserRepository.VerifyAll();
_fixture.DataProtector.VerifyAll();
}
public void UpdateUser_WithValidModelAndAuthorizedUser_ShouldUpdatedWithProtectedPassword()
{
// arrange
var expectedProtectedPassword = _fixture.Fixture.Create <string>();
var user = _fixture.Fixture.Create <User>();
var dbUser = _fixture.Fixture.Create <User>();
var utf8Encoding = new UTF8Encoding(false, true).GetBytes(user.Password);
var protectedData = WebEncoders.Base64UrlDecode(expectedProtectedPassword);
_fixture.SetAuthorizedUserId(user.Id);
_fixture.UserRepository.Setup(r => r.GetUserById(user.Id)).Returns(dbUser).Verifiable();
_fixture.UserRepository.Setup(r => r.UpdateUser(dbUser, user)).Callback(() => dbUser.Password = user.Password).Verifiable();
_fixture.DataProtector.Setup(d => d.Protect(utf8Encoding)).Returns(protectedData).Verifiable();
var model = new UserCreateOrUpdateModel(user);
// act
var act = (NoContentResult)_fixture.Controller.UpdateUser(model);
// assert
Assert.NotNull(act);
Assert.Equal((int)HttpStatusCode.NoContent, act.StatusCode);
Assert.Equal(expectedProtectedPassword, dbUser.Password);
_fixture.UserRepository.VerifyAll();
_fixture.DataProtector.VerifyAll();
}
public IActionResult CreateUser([FromBody] UserCreateOrUpdateModel user)
{
var entity = user.GetEntity();
entity.Password = _dataProtector.Protect(entity.Password);
_repository.User.CreateUser(entity);
return(CreatedAtRoute(nameof(GetAllUsers), new { id = user.Id }, new EntityGetModel <IEntity>(entity)));
}
public void Login_WithInvalidUserName_ShouldNotFoundResult()
{
// arrange
var user = _fixture.Fixture.Create <User>();
_fixture.UserRepository.Setup(r => r.GetUserByName(user.Name)).Returns((User)null).Verifiable();
var model = new UserCreateOrUpdateModel(user);
// act
var act = _fixture.Controller.Login(model);
// assert
Assert.IsType <NotFoundResult>(act);
Assert.Equal((int)HttpStatusCode.NotFound, ((NotFoundResult)act).StatusCode);
_fixture.UserRepository.VerifyAll();
}
public void UpdateUser()
{
this.AddJWTAuth();
var model = new UserCreateOrUpdateModel();
console.Write("Enter user name: ");
model.Name = console.ReadLine();
console.Write("Enter password: "******"api/user", model).Result;
console.WriteLine(response.StatusCode);
console.WriteLine(response.Content.ReadAsStringAsync().Result);
CheckAuth(response);
}
public IActionResult UpdateUser([FromBody] UserCreateOrUpdateModel user)
{
var autorizedUserId = AuthorizedUserId;
var dbUser = _repository.User.GetUserById(autorizedUserId);
if (dbUser.IsNull())
{
_logger.LogError(string.Format(Resource.LogErrorGetByIsNull, nameof(user), nameof(autorizedUserId), autorizedUserId));
return(NotFound());
}
var entity = user.GetEntity();
entity.Password = _dataProtector.Protect(entity.Password);
_repository.User.UpdateUser(dbUser, entity);
return(NoContent());
}
public void Login_WithInvalidPassword_ShouldUnauthorizedResult()
{
// arrange
var user = _fixture.Fixture.Create <User>();
var invalidUser = _fixture.Fixture.Create <User>();
var protectedData = WebEncoders.Base64UrlDecode(user.Password);
var utf8Encoding = new UTF8Encoding(false, true).GetBytes(invalidUser.Password);
_fixture.UserRepository.Setup(r => r.GetUserByName(user.Name)).Returns(user).Verifiable();
_fixture.DataProtector.Setup(d => d.Unprotect(protectedData)).Returns(utf8Encoding).Verifiable();
var model = new UserCreateOrUpdateModel(user);
// act
var act = _fixture.Controller.Login(model);
// assert
Assert.IsType <UnauthorizedResult>(act);
Assert.Equal((int)HttpStatusCode.Unauthorized, ((UnauthorizedResult)act).StatusCode);
_fixture.UserRepository.VerifyAll();
_fixture.DataProtector.VerifyAll();
}
public void Login_WithValidCredentials_ShouldOkResult()
{
// arrange
var user = _fixture.Fixture.Create <User>();
var protectedData = WebEncoders.Base64UrlDecode(user.Password);
var utf8Encoding = new UTF8Encoding(false, true).GetBytes(user.Password);
_fixture.UserRepository.Setup(r => r.GetUserByName(user.Name)).Returns(user).Verifiable();
_fixture.DataProtector.Setup(d => d.Unprotect(protectedData)).Returns(utf8Encoding).Verifiable();
var model = new UserCreateOrUpdateModel(user);
// act
var act = _fixture.Controller.Login(model);
// assert
Assert.IsType <OkObjectResult>(act);
Assert.Equal((int)HttpStatusCode.OK, ((OkObjectResult)act).StatusCode);
Assert.NotNull(((AuthGetModel)((OkObjectResult)act).Value).Token);
_fixture.UserRepository.VerifyAll();
_fixture.DataProtector.VerifyAll();
}
