public void ResetPasswordTest()
{
    UserAccountRecoveryController recoveryController = CreateFakeUserAccountRecoveryController();

    // Issue a recovery token for the first fixture user and persist its salt,
    // mirroring what the "forgot password" flow does before a reset request arrives.
    var tokenCreatorValidator = new TokenCreatorValidator(_testApiSecret);
    TokenCreationParams recoveryToken = tokenCreatorValidator.CreateToken(_users[0].Id, 30);
    _users[0].RecoverySalt = recoveryToken.SaltBytes;
    _usersService.Update(_users[0]);

    // A reset attempt carrying a forged token must be rejected and must leave the stored password untouched.
    var rejected = recoveryController.ResetPassword(
        new PasswordResetModel(_users[0].Email, "wrong-token", "new-password-u1"));
    Assert.IsType<BadRequestObjectResult>(rejected);
    Assert.True(PasswordVerifier.VerifyPasswordHash("password-u1", _users[0].PasswordHash, _users[0].PasswordSalt));

    // The genuine token resets the password; the recovery salt is cleared afterwards so the token is single-use.
    var accepted = recoveryController.ResetPassword(
        new PasswordResetModel(_users[0].Email, recoveryToken.TokenStr, "new-password-u1"));
    Assert.IsType<OkResult>(accepted);
    Assert.True(PasswordVerifier.VerifyPasswordHash("new-password-u1", _users[0].PasswordHash, _users[0].PasswordSalt));
    Assert.Null(_users[0].RecoverySalt);
}
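public void AuthenticateValidCredentialsTest()
{
    UserAccountController userController = CreateFakeUserAccountController();

    // Log in as the first fixture user with its known-good password.
    var response = userController.Authenticate(new ReceiveLoginUserModel(_users[0].Email, "password-u1"));

    // Assert.IsType returns the narrowed value, so no separate cast is needed for the result wrapper.
    OkObjectResult okResult = Assert.IsType<OkObjectResult>(response.Result);
    SendLoginUserModel sendLoginUserModel = (SendLoginUserModel)okResult.Value;
    Assert.Equal(_users[0].Id, sendLoginUserModel.Id);
    Assert.Equal(_users[0].Email, sendLoginUserModel.Email);

    // The issued token must carry the user's id and the salt that was persisted for this login.
    TokenCreatorValidator tokenCreatorValidator = new TokenCreatorValidator(_testApiSecret);
    TokenValidationParams tokenValidationParams = tokenCreatorValidator.ValidateToken(sendLoginUserModel.Token);
    Assert.Equal(_users[0].Id, tokenValidationParams.UserId);

    User authenticatedUser = _usersService.GetById(_users[0].Id);
    // Compare the salts byte-for-byte. Decoding arbitrary bytes through Encoding.Default is lossy
    // (invalid sequences collapse to U+FFFD), so a string comparison could pass for two distinct salts.
    Assert.Equal(authenticatedUser.AuthSalt, tokenValidationParams.SaltBytes);
}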
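/// <summary>
/// Wires the recovery controller to its collaborators and prepares the token
/// creator/validator used for password-recovery tokens.
/// </summary>
/// <param name="userService">User lookup and persistence service.</param>
/// <param name="mapper">Model mapper.</param>
/// <param name="configuration">Application configuration; <c>Secret</c> is the key handed to <see cref="TokenCreatorValidator"/>.</param>
/// <exception cref="System.ArgumentNullException">A dependency is null.</exception>
/// <exception cref="System.InvalidOperationException">No secret is configured.</exception>
public UserAccountRecoveryController(
    IUsersService userService,
    IMapper mapper,
    IOptions<AppConfiguration> configuration)
{
    // Fail at construction instead of at first use when DI wiring is incomplete.
    _userService = userService ?? throw new System.ArgumentNullException(nameof(userService));
    _mapper = mapper ?? throw new System.ArgumentNullException(nameof(mapper));
    if (configuration is null)
    {
        throw new System.ArgumentNullException(nameof(configuration));
    }

    // Recovery tokens are created and validated with this secret; refuse to start with
    // empty key material rather than let TokenCreatorValidator run without one.
    string secret = configuration.Value?.Secret;
    if (string.IsNullOrEmpty(secret))
    {
        throw new System.InvalidOperationException("AppConfiguration.Secret must be configured.");
    }
    _tokenCreatorValidator = new TokenCreatorValidator(secret);
}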
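/// <summary>
/// Validates a bearer token and, on success, stores the matching <see cref="User"/> under
/// <c>context.Items["User"]</c>. Any failure leaves the context untouched, so downstream
/// authorization treats the request as anonymous.
/// </summary>
/// <param name="context">Current request context.</param>
/// <param name="userService">Used to load the user named in the token.</param>
/// <param name="tokenStr">Raw token string taken from the request.</param>
private void AttachUserToContext(HttpContext context, IUsersService userService, string tokenStr)
{
    TokenCreatorValidator tokenCreatorValidator = new TokenCreatorValidator(_configuration.Value.Secret);
    try
    {
        TokenValidationParams tokenValidationParams = tokenCreatorValidator.ValidateToken(tokenStr);
        User tokenUser = userService.GetById(tokenValidationParams.UserId);

        // No user, or no salt on either side, means the token cannot be bound to a live login.
        byte[] storedSalt = tokenUser?.AuthSalt;
        byte[] tokenSalt = tokenValidationParams.SaltBytes;
        if (storedSalt is null || tokenSalt is null)
        {
            return;
        }

        // Compare the raw salt bytes in constant time. Decoding them to strings first is lossy
        // (invalid byte sequences collapse to U+FFFD), so two distinct salts could compare equal,
        // and an early-exit string compare leaks position of the first mismatch through timing.
        if (System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(storedSalt, tokenSalt))
        {
            context.Items["User"] = tokenUser;
        }
    }
    catch
    {
        // do nothing if jwt validation fails
        // user is not attached to context so request won't have access to secure routes
    }
}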
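public void CreateAndValidateTokenTest()
{
    // A long random secret keeps the test independent of any configured key material.
    TokenCreatorValidator tokenCreatorValidator = new TokenCreatorValidator(RandomString(1024));

    for (int i = 0; i < 100; i++)
    {
        int userId = Random.Next(1, int.MaxValue);

        TokenCreationParams tokenCreationParams = tokenCreatorValidator.CreateToken(userId, 30);
        TokenValidationParams tokenValidationParams = tokenCreatorValidator.ValidateToken(tokenCreationParams.TokenStr);

        // A create/validate round-trip must preserve both values embedded in the token.
        Assert.Equal(userId, tokenValidationParams.UserId);
        // Compare the salt as raw bytes. Decoding arbitrary bytes through Encoding.Default is lossy
        // (invalid sequences collapse to U+FFFD), so a string comparison could pass for two distinct salts.
        Assert.Equal(tokenCreationParams.SaltBytes, tokenValidationParams.SaltBytes);
    }
}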