/// <summary>
        /// Authenticates a user by username (compared case-insensitively) and auth code,
        /// and returns the nickname together with the session key for that account.
        /// </summary>
        /// <param name="model">Login data; Username and AuthCode are validated before the lookup.</param>
        /// <returns>
        /// Whatever PerformOperationAndHandleExceptions produces; on success the inner
        /// operation builds a 200 OK response carrying a UserLoggedModel.
        /// </returns>
        public HttpResponseMessage LoginUser(UserModel model)
        {
            return this.PerformOperationAndHandleExceptions(() =>
            {
                this.ValidateUsername(model.Username);
                this.ValidateAuthCode(model.AuthCode);

                string loweredUsername = model.Username.ToLower();

                // Username and auth code are matched in one query, so an unknown user and a
                // wrong auth code are indistinguishable to the caller (same error below).
                // NOTE(review): AuthCode is compared exactly as received; anything that can read
                // the stored value can log in with it - confirm how it is derived and stored.
                User matchedUser = this.userRepository.GetAll().FirstOrDefault(
                    candidate => candidate.Username.ToLower() == loweredUsername &&
                                 candidate.AuthCode == model.AuthCode);

                if (matchedUser == null)
                {
                    throw new InvalidOperationException("Invalid username or password.");
                }

                // A session key is only generated when none is stored; a user who is already
                // logged in gets the existing key back.
                // NOTE(review): the key is therefore not rotated on re-login and no expiry is
                // visible here - confirm that session lifetime is bounded elsewhere.
                if (matchedUser.SessionKey == null)
                {
                    matchedUser.SessionKey = this.GenerateSessionKey(matchedUser.Id);
                    this.userRepository.Update(matchedUser.Id, matchedUser);
                }

                var payload = new UserLoggedModel
                {
                    Nickname = matchedUser.Nickname,
                    SessionKey = matchedUser.SessionKey
                };

                return this.Request.CreateResponse(HttpStatusCode.OK, payload);
            });
        }
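        /// <summary>
        /// Ends the session identified by the supplied session key by clearing the key
        /// stored for the matching user.
        /// </summary>
        /// <param name="model">Carries the session key to invalidate; only SessionKey is read.</param>
        /// <returns>
        /// Whatever PerformOperationAndHandleExceptions produces; on success the inner
        /// operation builds a 200 OK response with no body.
        /// </returns>
        public HttpResponseMessage LogoutUser(UserLoggedModel model)
        {
            var responseMessage = this.PerformOperationAndHandleExceptions(() =>
                {
                    // Reject a missing key before it reaches the query. Logged-out users are
                    // stored with SessionKey == null (see the assignment below), so comparing
                    // against a null key would match one of them and report a successful logout
                    // for a session that never existed.
                    if (model == null || string.IsNullOrEmpty(model.SessionKey))
                    {
                        throw new InvalidOperationException("The user is not logged in.");
                    }

                    string sessionKey = model.SessionKey;

                    // The session key is the only credential checked for this operation.
                    var user = this.userRepository.GetAll().FirstOrDefault(
                        usr => usr.SessionKey == sessionKey);

                    if (user == null)
                    {
                        throw new InvalidOperationException("The user is not logged in.");
                    }

                    // Clearing the stored key invalidates the session; LoginUser issues a new
                    // key only when this field is null.
                    user.SessionKey = null;
                    this.userRepository.Update(user.Id, user);

                    var response = this.Request.CreateResponse(HttpStatusCode.OK, (object)null);
                    return response;
                });

            return responseMessage;
        }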
        /// <summary>
        /// Logging out with the session key of a stored user returns 200 OK and
        /// clears that user's session key.
        /// </summary>
        public void Post_LogoutUser_ValidLogout()
        {
            const string activeSessionKey = "0SuGqVGqRwitYtijDvHlVfHGotklitbwHdYFkgwIRcIQjRASPQ";

            // Arrange: a controller backed by an in-memory repository holding one logged-in user.
            var repository = new FakeRepository<User>();
            var controller = new UsersController(repository);
            SetupController(controller);

            var storedUser = new User
            {
                AuthCode = "0123456789012345678901234567890123456789",
                Username = "******",
                Nickname = "TestNickname",
                SessionKey = activeSessionKey
            };
            repository.entities.Add(storedUser);

            var logoutRequest = new UserLoggedModel
            {
                Nickname = "TestNickname",
                SessionKey = activeSessionKey
            };

            // Act
            var result = controller.LogoutUser(logoutRequest);

            // Assert: the call succeeded and the stored session was invalidated.
            Assert.AreEqual(HttpStatusCode.OK, result.StatusCode);
            Assert.IsNull(storedUser.SessionKey);
        }
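        /// <summary>
        /// Registers a new account and returns its nickname together with a newly
        /// generated session key.
        /// </summary>
        /// <param name="model">Registration data; Username, Nickname and AuthCode are validated first.</param>
        /// <returns>
        /// Whatever PerformOperationAndHandleExceptions produces; on success the inner
        /// operation builds a 201 Created response carrying a UserLoggedModel.
        /// </returns>
        public HttpResponseMessage RegisterUser(UserModel model)
        {
            var responseMessage = this.PerformOperationAndHandleExceptions(() =>
                {
                    ValidateUsername(model.Username);
                    ValidateNickname(model.Nickname);
                    ValidateAuthCode(model.AuthCode);

                    string modelUsernameToLower = model.Username.ToLower();

                    // Uniqueness is decided by the username alone. The previous check also required
                    // the auth code to match, which (a) allowed a second account under an existing
                    // username whenever the auth codes differed and (b) made the "already exists"
                    // error appear only when the submitted auth code equalled the stored one,
                    // confirming a correct guess to an unauthenticated caller.
                    bool usernameTaken = this.userRepository.GetAll().Any(
                        usr => usr.Username.ToLower() == modelUsernameToLower);

                    if (usernameTaken)
                    {
                        throw new InvalidOperationException("The username already exists.");
                    }

                    // NOTE(review): nickname uniqueness is not enforced; the original computed a
                    // lower-cased nickname but never used it - confirm whether nicknames must be unique.
                    // NOTE(review): check-then-add is not atomic; concurrent registrations can both
                    // pass the check unless the data store enforces a unique username - confirm.
                    User user = new User
                    {
                        Username = model.Username,
                        Nickname = model.Nickname,
                        AuthCode = model.AuthCode
                    };

                    // The user is added first because the session key is generated from the Id.
                    // NOTE(review): presumably Add assigns user.Id - verify against the repository.
                    this.userRepository.Add(user);
                    user.SessionKey = this.GenerateSessionKey(user.Id);
                    this.userRepository.Update(user.Id, user);

                    var userLoggedModel = new UserLoggedModel()
                    {
                        Nickname = user.Nickname,
                        SessionKey = user.SessionKey
                    };

                    var response = this.Request.CreateResponse(HttpStatusCode.Created, userLoggedModel);
                    return response;
                });

            return responseMessage;
        }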
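        /// <summary>
        /// Logging out with a session key that belongs to no stored user must not succeed
        /// and must leave the existing user's session untouched.
        /// </summary>
        public void Post_LogoutUser_InvalidLogout_NoUserWithSuchSessionKey()
        {
            const string storedSessionKey = "0RasasdasdGagsdSAjDvHlVfHGotklitbwHdYFkgwIRcIQjBAs";

            FakeRepository<User> userFakeRepository = new FakeRepository<User>();
            UsersController usersController = new UsersController(userFakeRepository);
            SetupController(usersController);

            User user = new User()
            {
                AuthCode = "0123456789012345678901234567890123456789",
                Username = "******",
                Nickname = "TestNickname",
                SessionKey = storedSessionKey
            };

            userFakeRepository.entities.Add(user);

            UserLoggedModel loggedModel = new UserLoggedModel()
            {
                Nickname = "TestNickname",
                SessionKey = "1NoUserWithThatSessionKeyInvalidSessionKeyBlaQjRAS"
            };

            var response = usersController.LogoutUser(loggedModel);

            // The test previously asserted nothing, so it passed even if the logout was accepted.
            // NOTE(review): this assumes the controller reports the failure as a non-OK response;
            // if it throws instead, the assertions below are never reached - confirm.
            Assert.AreNotEqual(HttpStatusCode.OK, response.StatusCode);

            // An unknown key must not invalidate another user's session.
            Assert.AreEqual(storedSessionKey, user.SessionKey);
        }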