public virtual async Task <IActionResult> LoginAsync(UserRequest user) { var result = await _authenticationService.LoginAsync(user.Username, user.Password); if (result != null) { result.Token = _jwtService.GenerateJwtToken(_configuration, result); return(Ok(result)); } return(Unauthorized()); }
public async Task <IActionResult> Login([FromBody] LoginDTO model) { var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, false, false); if (result.Succeeded) { ApplicationUser user = _userManager.Users.SingleOrDefault(r => r.Email == model.Email); return(Json(_jwtService.GenerateJwtToken(user))); } return(NotFound()); }
public async Task GenerateJwtToken_UserIdTAttached_ContainsExpectedID() { var userId = Guid.NewGuid(); var user = new User() { UserId = userId }; List <Role> roles = new List <Role>(); var token = jwt.GenerateJwtToken(user, roles); var tokenResult = new JwtSecurityTokenHandler().ReadJwtToken(token); Assert.That(tokenResult.Claims.ToList().Find(c => c.Type == "id" && c.Value == userId.ToString()), Is.Not.Null); }
public async Task <IActionResult> Login(LoginModel loginModel) { var user = _userManager.Users.SingleOrDefault(user => user.UserName == loginModel.Email); if (user == null) { return(BadRequest()); } if (ModelState.IsValid) { var correctPassword = await _userManager.CheckPasswordAsync(user, loginModel.Password); if (correctPassword) { var loginResponse = new LoginResponse { UserId = user.Id, JwtToken = JwtService.GenerateJwtToken(user, _jwtSettings) }; //return Ok(JwtService.GenerateJwtToken(user, _jwtSettings)); return(Ok(loginResponse)); } } return(BadRequest()); }
public void CanGenerateATokenUsingConfiguration() { var user = new User { Id = 42 }; var now = new DateTimeOffset(new DateTime(2018, 8, 4, 4, 42, 12, DateTimeKind.Utc)); _timeService.UtcNow .Returns(now); var token = _jwtService.GenerateJwtToken(user.Id); using (new AssertionScope()) { var tokenElements = token.Split('.'); tokenElements.Length.Should().Be(3); var header = JObject.Parse(Encoding.UTF8.GetString(Convert.FromBase64String(tokenElements[0]))); header.Value <string>("alg").Should().Be("HS256"); header.Value <string>("typ").Should().Be("JWT"); var payload = JObject.Parse(Encoding.UTF8.GetString(Convert.FromBase64String(tokenElements[1]))); payload.Value <string>("sub").Should().Be("42"); payload.Value <long>("exp").Should().Be(now.AddMinutes(3).ToUnixTimeSeconds()); } }
public void GenerateJwtToken_WhenCalled_ReturnsATokenWithTheSpecifiedExpirationStoredAsAClaim(int lengthInSeconds) { //Create uut var configuration = Substitute.For <IConfiguration>(); configuration[JwtSecret].Returns(JwtSecretValue); configuration[JwtExpire].Returns(lengthInSeconds.ToString()); var jwtService = new JwtService(configuration); //We are not testing the email, role or id, so lets hard code those var role = "Customer"; var email = "*****@*****.**"; var id = "someId"; //Create a datetime object and remove milliseconds. If milliseconds are not removed, all tests will fails var expectedExpirationDateTime = DateTime.Now.AddMinutes(lengthInSeconds); expectedExpirationDateTime = DateTime.ParseExact(expectedExpirationDateTime.ToString("yyyy-MM-dd HH:mm:ss"), "yyyy-MM-dd HH:mm:ss", null); var serializedToken = jwtService.GenerateJwtToken(id, email, role); var token = new JwtSecurityToken(serializedToken); var expirationDateTimeInToken = token.Payload.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Expiration)?.Value; Assert.That(expectedExpirationDateTime, Is.EqualTo(DateTime.Parse(expirationDateTimeInToken, CultureInfo.InvariantCulture))); }
public void GenerateJwtToken_WhenCalled_ReturnsATokenWithTheSpecifiedExpirationStoredOutsideClaims(int lengthInMinutes) { //Create uut var configuration = Substitute.For <IConfiguration>(); configuration[JwtSecret].Returns(JwtSecretValue); configuration[JwtExpire].Returns(lengthInMinutes.ToString()); var jwtService = new JwtService(configuration); //We are not testing the email, role or id, so lets hard code those var role = "Customer"; var email = "*****@*****.**"; var id = "someId"; var expectedExpirationDateTime = DateTime.Now.AddMinutes(lengthInMinutes); expectedExpirationDateTime = DateTime.ParseExact(expectedExpirationDateTime.ToString("yyyy-MM-dd HH:mm:ss"), "yyyy-MM-dd HH:mm:ss", null); var serializedToken = jwtService.GenerateJwtToken(id, email, role); var token = new JwtSecurityToken(serializedToken); var expirationDateTimeInToken = DateTime.UnixEpoch.AddSeconds(token.Payload.Exp.Value).ToLocalTime(); //To local time to avoid errors because of winter/summer time Assert.That(expectedExpirationDateTime, Is.EqualTo(expirationDateTimeInToken)); }
public async Task <IActionResult> Login([FromBody] LoginViewModel loginRequest) { // check validity of request if (loginRequest.Email == "" || loginRequest.Email == null) { return(BadRequest(new { status = false, message = "Email cannot be empty." })); } if (!Validator.IsEmailValid(loginRequest.Email)) { return(BadRequest(new { status = false, message = "Email is not valid." })); } if (loginRequest.Password == "" || loginRequest.Password == null) { return(BadRequest(new { status = false, message = "Password cannot be empty." })); } // check if user exists in db Microsoft.AspNetCore.Identity.SignInResult result = await _signInManager.PasswordSignInAsync(loginRequest.Email, loginRequest.Password, false, false); if (result.Succeeded) { IdentityUser appUser = _userManager.Users.SingleOrDefault(r => r.Email == loginRequest.Email); return(Ok(new { status = true, token = _jwtService.GenerateJwtToken(loginRequest.Email, appUser) })); } return(BadRequest(new { status = false, message = "Wrong email or password." })); }
public async Task <ActionResult <String> > GetFatToken() { var userId = new Guid(User.FindFirstValue("id")); var user = _permissionContext.Users.Find(userId); if (user == null) { return(BadRequest("User does not exist")); } var userPermissions = await _permissionContext.Roles .Where(user => user.UserId == userId) .ToListAsync(); return(_jwtService.GenerateJwtToken(user, userPermissions)); }
public async Task <Response> LoginUserAsync(LoginUserRequest request) { //Some explicit transaction because user manager is out of ordinary and autosaves otherwise in another scope. var result = await _signInManager.PasswordSignInAsync(request.Email, request.Password, false, false); if (!result.Succeeded) { throw new QueryException( ErrorBuilder.New() .SetMessage("Cannot login, invalid credentials") .SetCode("ID_UNKNOWN") .Build()); } var user = await _userManager.FindByEmailAsync(request.Email); var response = new Response() { User = user, Token = _jwtService.GenerateJwtToken(user.Id, user.Email) }; return(response); }
public void GivenAJwtForAUser() { var hasUtil = new PasswordHashingService(); _testDataUtil.AddUser(u => u.HashedPassword = hasUtil.HashPassword("some-password")); _scenarioContext.SetUsername(_testDataUtil.GetLast <User>().Username); _scenarioContext.SetPassword("some-password"); _scenarioContext.SetUserId(_testDataUtil.GetLast <User>().Id); var jwtService = new JwtService(new AuthenticationConfiguration { JwtSigningKey = NaheulbookApiServer.JwtSigningKey, JwtExpirationDelayInMinutes = 10 }, new TimeService()); var jwt = jwtService.GenerateJwtToken(_testDataUtil.GetLast <User>().Id); _scenarioContext.SetJwt(jwt); }
public async Task <ActionResult> Authenticate([FromBody] AuthenticateModel model) { Response <User> authorizationResult = await _userService.AuthenticateAsync(model); if (authorizationResult.Success == false) { return(BadRequest(authorizationResult)); } string tokenString = _jwtService.GenerateJwtToken(authorizationResult.Data); var result = new Response <string> { Message = authorizationResult.Message, Data = tokenString }; return(Ok(result)); }
public async Task <LoginInfoViewModel> Login(LoginViewModel model) { var result = await _signInManager.PasswordSignInAsync(model.Username, model.Password, model.RememberMe, false); if (!result.Succeeded) { throw new UnauthorizedAccessException("Could not login"); } var appUser = _userManager.Users.Single(r => r.UserName == model.Username); var loginResult = new LoginInfoViewModel { UserId = appUser.Id, Token = JwtService.GenerateJwtToken(_configuration, model.Username, appUser), }; return(loginResult); }
public void GenerateJwtToken_WhenCalled_ReturnsATokenWithASpecifiedRole(string role) { //Create uut var configuration = Substitute.For <IConfiguration>(); configuration[JwtSecret].Returns(JwtSecretValue); configuration[JwtExpire].Returns(JwtExpireValue); var jwtService = new JwtService(configuration); //We are not testing the email and id, so lets hard code those var email = "*****@*****.**"; var id = "someId"; var serializedToken = jwtService.GenerateJwtToken(id, email, role); var token = new JwtSecurityToken(serializedToken); var roleInToken = token.Payload.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Role)?.Value; Assert.That(role, Is.EqualTo(roleInToken)); }
public void GenerateJwtToken_UserIsNull_ThrowArgumentNullException() { Assert.That(() => _service.GenerateJwtToken(null), Throws.Exception.TypeOf <ArgumentNullException>()); }
public string PostName() { return(JwtService.GenerateJwtToken()); }