public AuthToken CreateAuthToken(User user, bool rememberLogIn)
{
var token = Guid.NewGuid().ToString();
var authToken = new AuthToken
{
Token = token,
UserId = user.Id,
UserName = user.UserName,
Expiration = rememberLogIn ? DateTime.UtcNow.AddYears(1) : DateTime.UtcNow.AddHours(4)
};
_userManager.CreateAuthToken(authToken);
return authToken;
}
public void CreateAuthToken(AuthToken authToken)
{
if (authToken == null)
{
throw new ArgumentNullException("authToken");
}
using (var conn = GetConnection())
{
var cmd = conn.CreateCommand();
cmd.CommandText = UDPATE_AUTH_TOKEN;
cmd.Parameters.AddWithValue("@userId", authToken.UserId);
cmd.Parameters.AddWithValue("@authToken", authToken.Token);
cmd.Parameters.AddWithValue("@authTokenExpiration", authToken.Expiration);
cmd.Connection.Open();
cmd.ExecuteNonQuery();
}
}
public void LogIn_CreatesNewAuthTokenIfExistingIsExpired()
{
var email = "*****@*****.**";
var authToken = new AuthToken
{
Expiration = DateTime.UtcNow.AddDays(-1),
Token = AUTH_TOKEN,
UserId = 1,
UserName = "******"
};
var user = new User
{
AuthToken = authToken,
Email = email,
Id = 1,
Status = UserStatus.Active,
UserName = "******",
};
_userManager
.Setup(manager => manager.GetByEmail(email))
.Returns(user);
_userManager
.Setup(manager => manager.VerifyPassword(It.IsAny<string>(), It.IsAny<string>(), It.IsAny<string>()))
.Returns(true);
_userManager
.Setup(manager => manager.CreateAuthToken(It.IsAny<AuthToken>()))
.Verifiable();
var result = _manager.LogIn(email, "password", true);
_userManager.Verify(manager => manager.CreateAuthToken(It.IsAny<AuthToken>()), Times.Once);
Assert.NotEqual(result.Token, AUTH_TOKEN);
}
public void ReturnsTrueWithCorrectAuthToken()
{
var authToken = new AuthToken
{
Expiration = DateTime.UtcNow.AddDays(1),
UserId = 1,
Token = AUTH_TOKEN
};
_userManager
.Setup(manager => manager.GetAuthToken(USER_ID, USER_NAME))
.Returns(authToken);
var result = _manager.ValidateAuthToken(USER_ID, USER_NAME, AUTH_TOKEN);
Assert.NotNull(result);
}
public void ReturnsFalseWhenAuthTokenHasNoExpiration()
{
var authToken = new AuthToken
{
UserId = 1,
Token = AUTH_TOKEN
};
_userManager
.Setup(manager => manager.GetAuthToken(USER_ID, USER_NAME))
.Returns(authToken);
var result = _manager.ValidateAuthToken(USER_ID, USER_NAME, AUTH_TOKEN);
Assert.Null(result);
}
public void ReturnsFalseWhenAuthTokenDoesntMatch()
{
var authToken = new AuthToken
{
Expiration = DateTime.UtcNow.AddDays(1),
Token = "badToken",
UserId = 1
};
_userManager
.Setup(manager => manager.GetAuthToken(USER_ID, USER_NAME))
.Returns(authToken);
var result = _manager.ValidateAuthToken(USER_ID, USER_NAME, AUTH_TOKEN);
Assert.Null(result);
}
public AuthToken GetAuthToken(long userId, string userName)
{
using (var conn = GetConnection())
{
var cmd = conn.CreateCommand();
cmd.CommandText = GET_AUTH_TOKEN;
cmd.Parameters.AddWithValue("@userId", userId);
cmd.Parameters.AddWithValue("@userName", userName);
cmd.Connection.Open();
using (var dr = cmd.ExecuteReader(CommandBehavior.SingleRow))
{
if(dr.Read())
{
var authToken = new AuthToken
{
Expiration = dr.GetDateTime("authTokenExpiration"),
Token = dr.GetString("authToken"),
UserId = dr.GetInt64("id"),
UserName = dr.GetString("userName")
};
return authToken;
}
}
}
return null;
}
public void CreateAuthToken(AuthToken authToken)
{
_repository.CreateAuthToken(authToken);
}