public async Task Handle_WithAValidUserAndPassword_ReturnsUser()
{
//arrange
const string password = "******";
const string username = "******";
Context.Users.Add(new User {
Username = username, Password = BCrypt.Net.BCrypt.EnhancedHashPassword(password)
});
_ = await Context
.SaveChangesAsync()
.ConfigureAwait(false);
var validQuery = new AdminLogInQuery
{
Password = password,
Username = username
};
// act
var user = await _handler.Handle(validQuery, default).ConfigureAwait(false);
//assert
Assert.Equal(username, user.Username);
Assert.True(BCrypt.Net.BCrypt.EnhancedVerify(password, user.Password));
}
public async Task Handle_WithDifferentCaseUsernames_ReturnsUser()
{
//arrange
const string password = "******";
const string username = "******";
Context.Users.Add(new User {
Username = username.ToLower(), Password = BCrypt.Net.BCrypt.EnhancedHashPassword(password)
});
_ = await Context
.SaveChangesAsync()
.ConfigureAwait(false);
var validQuery = new AdminLogInQuery
{
Password = password,
Username = username.ToUpper()
};
// act
var user = await _handler.Handle(validQuery, default).ConfigureAwait(false);
//assert
Assert.True(string.Equals(username, user.Username, System.StringComparison.OrdinalIgnoreCase));
Assert.True(BCrypt.Net.BCrypt.EnhancedVerify(password, user.Password));
}
public async Task Handle_WithNoUsers_Throws()
{
//arrange
var invalidQuery = new AdminLogInQuery
{
Password = string.Empty,
Username = string.Empty
};
// act + assert
_ = await Assert
.ThrowsAsync <FailedLoginException>(() => _handler.Handle(invalidQuery, default))
.ConfigureAwait(false);
}
public async Task <IActionResult> LogIn(AdminLogInQuery command, [FromQuery(Name = "ReturnUrl")] string?returnUrl)
{
if (!ModelState.IsValid)
{
return(View(command));
}
User user;
try
{
user = await _mediator
.Send(command)
.ConfigureAwait(false);
}
catch (FailedLoginException)
{
ModelState.AddModelError(string.Empty, "Username or Password was incorrect");
return(View(command));
}
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, user.Username),
new Claim(ClaimTypes.Role, "Administrator"),
};
var claimsIdentity = new ClaimsIdentity(
claims,
CookieAuthenticationDefaults.AuthenticationScheme);
await HttpContext
.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity))
.ConfigureAwait(false);
if (!string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl))
{
return(Redirect(returnUrl));
}
return(RedirectToAction("Index"));
}
public async Task Handle_WithAnInvalidUsername_Throws()
{
//arrange
Context.Users.Add(new User {
Username = "******", Password = string.Empty
});
_ = await Context
.SaveChangesAsync()
.ConfigureAwait(false);
var invalidQuery = new AdminLogInQuery
{
Password = string.Empty,
Username = "******"
};
// act + assert
_ = await Assert
.ThrowsAsync <FailedLoginException>(() => _handler.Handle(invalidQuery, default))
.ConfigureAwait(false);
}
public async Task Handle_WithAnInvalidPassword_Throws()
{
//arrange
const string username = "******";
Context.Users.Add(new User {
Username = username, Password = BCrypt.Net.BCrypt.EnhancedHashPassword("password")
});
_ = await Context
.SaveChangesAsync()
.ConfigureAwait(false);
var invalidQuery = new AdminLogInQuery
{
Password = "******",
Username = username
};
// act + assert
_ = await Assert
.ThrowsAsync <FailedLoginException>(() => _handler.Handle(invalidQuery, default))
.ConfigureAwait(false);
}
