/// <summary>
/// Test fixture setup: wires up the IoC container with the CloudCore data module,
/// mocks the authentication context and seeds a known password hash for user id 0.
/// </summary>
public AuthenticationControllerTest()
        {
            // Wrap the fixture's default admin password string in a Password object so it can be hashed below.
            defaultAdminPassword = new Password(DefaultAdminPasswordString);
            var dataModule = new CloudCoreDataModule();
            // Container setup: initialise first, then scan and configure the data module.
            IoC.Initialize();
            IoC.ScanModule(dataModule);
            IoC.AdditionalConfiguration(dataModule);

            // NOTE(review): the controller construction below is commented out, so apiController is not
            // assigned anywhere in this constructor; confirm it is initialised elsewhere before
            // MockAuthContext receives it.
            //var mailMan = MockHelper.CreateSimpleGenericMock<IMailMan>();
            //apiController = new AuthenticationController(Repository.Instance, new InMemoryCacheProvider(new CachePolicyFake()), mailMan);
            MockAuthContext(apiController);
            // Overwrites the stored password hash of user id 0 (presumably the default admin, going by the
            // field name) with a hash derived from the known test password.
            // NOTE(review): this writes through CloudCoreDB.Context; confirm the context points at a
            // disposable test database and never at a shared or production one.
            CloudCoreDB.Context.Cloudcore_UserPasswordUpdate(0, defaultAdminPassword.CreatePasswordHash(0));
            // Installs a fake identity for the tests; the meaning of the two arguments is not visible here.
            FakeIdentity(1, 0);
        }
Example #2
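        /// <summary>
        /// Authenticates a user by login name or e-mail address plus password. On success it creates
        /// the identity for the current request and records the login.
        /// </summary>
        /// <param name="username">Login name or e-mail address used to look up the account.</param>
        /// <param name="password">Plain-text password supplied by the caller.</param>
        /// <param name="rememberMe">Not read by this method.</param>
        /// <param name="requiresInternal">When true, the account must have internal access.</param>
        /// <param name="requiresExternal">When true, the account must have external access.</param>
        /// <returns>Always <c>true</c>; every failure is reported through an exception.</returns>
        /// <exception cref="DuplicateLoginException">The current request is already authenticated.</exception>
        /// <exception cref="LoginException">
        /// The credentials are missing or wrong, the account has neither internal nor external access,
        /// or the account lacks the access type the caller requires.
        /// </exception>
        public static bool Login(string username, string password, bool rememberMe, bool requiresInternal, bool requiresExternal)
        {
            var dbContext = CloudCoreDB.Context;

            if (HttpContext.Current.Request.IsAuthenticated)
            {
                throw new DuplicateLoginException("You are already logged in. Please sign out first before another login attempt is made.");
            }

            if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password))
            {
                throw new LoginException("The user name or password provided is incorrect.");
            }

            // NOTE(review): SingleOrDefault throws InvalidOperationException when more than one row matches,
            // e.g. if one account's Login equals another account's Email; confirm uniqueness is enforced.
            Cloudcore_User user = dbContext.Cloudcore_User.Where(r => r.Login == username || r.Email == username).SingleOrDefault();

            // The password is verified for every account. The previous condition skipped the comparison
            // when UserId was 0, which let any non-blank password authenticate as that account.
            // Unknown account and wrong password deliberately share one message so the response does not
            // reveal which user names exist.
            if (user == null || !new Password(password).Compare(user.UserId, user.PasswordHash))
            {
                throw new LoginException("The user name or password provided is incorrect.");
            }

            // Account-state messages are only reachable after the password has been verified.
            if (!user.IntAccess && !user.ExtAccess)
            {
                throw new LoginException("Could not log you in. Your user account is not active.");
            }

            if ((requiresInternal && !user.IntAccess) || (requiresExternal && !user.ExtAccess))
            {
                throw new LoginException("You are not authorized to access this part of the system.");
            }

            CreateIdentity(user);

            // Passed by ref, so the stored procedure may overwrite it; the value sent is local server time.
            DateTime? lastlogin = DateTime.Now;
            dbContext.Cloudcore_LoginUpdate(user.UserId, CloudCore.Core.Modules.Environment.ApplicationId, ref lastlogin);
            return true;
        }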
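        /// <summary>
        /// Authenticates an API caller by login name and password and issues a user token.
        /// </summary>
        /// <param name="data">Request body carrying the user name and plain-text password.</param>
        /// <returns>The token produced by <c>CreateSecretToken</c> for the authenticated user.</returns>
        /// <exception cref="SecurityException">
        /// The request body or credentials are missing, the credentials do not match an account,
        /// or the account has neither external nor internal access.
        /// </exception>
        public ApiToken Login([FromBody]UserAuthorization data)
        {
            // One message for every credential failure, so the response does not reveal whether a
            // user name exists.
            const string invalidCredentials = "Invalid username or password.";

            // A missing body or missing fields is an authentication failure, not a NullReferenceException.
            if (data == null || string.IsNullOrEmpty(data.UserName) || string.IsNullOrEmpty(data.Password))
            {
                throw new SecurityException(invalidCredentials);
            }

            string userName = data.UserName;
            var user = (from u in CloudCoreDB.Context.Cloudcore_User
                        where (u.Login == userName)
                        select u).SingleOrDefault();

            if (user == null)
            {
                throw new SecurityException(invalidCredentials);
            }

            string hashedPassword = new Password(data.Password).CreatePasswordHash((int)user.UserId);

            // NOTE(review): string inequality is not a constant-time comparison; consider a fixed-time
            // comparison of the hash bytes if the target framework offers one.
            if (user.PasswordHash != hashedPassword)
            {
                throw new SecurityException(invalidCredentials);
            }

            // Checked only after the password has been verified, so account status is not disclosed
            // to a caller who does not hold the credentials.
            if (!(user.ExtAccess || user.IntAccess))
            {
                throw new SecurityException("User is not enabled for access to this system.");
            }

            return CreateSecretToken(ApiCaller.ApplicationId, (int)user.UserId, "USER_TOKEN_KEY");
        }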
Example #4
 /// <summary>
 /// Convenience wrapper that builds a <c>Password</c> from the plain-text value and returns
 /// the hash it produces for the given user id.
 /// </summary>
 /// <param name="userid">User id passed through to <c>Password.CreatePasswordHash</c>.</param>
 /// <param name="password">Plain-text password to hash.</param>
 /// <returns>The hash string returned by <c>Password.CreatePasswordHash</c>.</returns>
 public static string CreatePasswordHash(int userid, string password)
 {
     return new Password(password).CreatePasswordHash(userid);
 }