/// <summary>
/// Logs in with a locally stored (salted-hash) credential while Active Directory
/// auth is disabled and expects a non-empty token in the response.
/// </summary>
public async Task LoginValidAsync() {
    _authOptions.EnableActiveDirectoryAuth = false;

    const string email = "*****@*****.**";
    const string password = "******";
    const string salt = "1234567890123456";

    // Only the salted hash is stored; the clear-text password travels in the login request.
    var account = new User {
        EmailAddress = email,
        Password = password.ToSaltedHash(salt),
        Salt = salt,
        IsEmailAddressVerified = true,
        FullName = "User 6"
    };
    await _userRepository.AddAsync(account, o => o.ImmediateConsistency());

    var tokenResult = await SendRequestAsAsync<TokenResult>(r => r
        .Post()
        .AppendPath("auth/login")
        .Content(new LoginModel { Email = email, Password = password })
        .StatusCodeShouldBeOk()
    );

    Assert.NotNull(tokenResult);
    Assert.False(String.IsNullOrEmpty(tokenResult.Token));
}
/// <summary>
/// With Active Directory auth enabled, a stored user whose email address maps to the
/// test domain account logs in with the domain password and receives a token.
/// </summary>
public async Task LoginValidExistingActiveDirectoryAsync() {
    _authOptions.EnableActiveDirectoryAuth = true;

    var loginProvider = new TestDomainLoginProvider();
    string emailAddress = loginProvider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);

    // No local Password/Salt is stored for this account.
    await _userRepository.AddAsync(new User {
        EmailAddress = emailAddress,
        IsEmailAddressVerified = true,
        FullName = "User 6"
    }, o => o.ImmediateConsistency());

    var tokenResult = await SendRequestAsAsync<TokenResult>(r => r
        .Post()
        .AppendPath("auth/login")
        .Content(new LoginModel { Email = emailAddress, Password = TestDomainLoginProvider.ValidPassword })
        .StatusCodeShouldBeOk()
    );

    Assert.NotNull(tokenResult);
    Assert.False(String.IsNullOrEmpty(tokenResult.Token));
}
/// <summary>
/// A login whose credentials match no stored account must be answered with 401 Unauthorized
/// (Active Directory auth disabled). One local account exists so the store is not empty.
/// </summary>
public async Task LoginNoSuchUserAsync() {
    _authOptions.EnableActiveDirectoryAuth = false;

    const string email = "*****@*****.**";
    const string password = "******";
    const string salt = "1234567890123456";
    string hashedPassword = password.ToSaltedHash(salt);

    var existingAccount = new User {
        EmailAddress = email,
        Password = hashedPassword,
        Salt = salt,
        IsEmailAddressVerified = true,
        FullName = "User 8"
    };
    await _userRepository.AddAsync(existingAccount, o => o.ImmediateConsistency());

    // Per the test name, the credentials posted here belong to no stored user.
    await SendRequestAsync(r => r
        .Post()
        .AppendPath("auth/login")
        .Content(new LoginModel { Email = "*****@*****.**", Password = "******" })
        .StatusCodeShouldBeUnauthorized()
    );
}
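/// <summary>
/// Checks whether <paramref name="organization"/> fits within the user and project limits of
/// <paramref name="plan"/>, and whether <paramref name="user"/> would end up on more than one free plan.
/// </summary>
/// <param name="organization">Organization being downgraded; must have a non-blank Id.</param>
/// <param name="plan">Target plan. A limit of -1 means unlimited.</param>
/// <param name="user">User requesting the change; may be null, in which case the free-plan check is skipped.</param>
/// <param name="message">Reason the downgrade is refused, or <see cref="String.Empty"/> when it is allowed.</param>
/// <returns>true when the downgrade is allowed.</returns>
public bool CanDownGrade(Organization organization, BillingPlan plan, User user, out string message) {
    if (organization == null || String.IsNullOrWhiteSpace(organization.Id)) {
        message = "Invalid Organization";
        return false;
    }

    // Pending invites count against the seat limit as well as existing members.
    long currentNumberOfUsers = _userRepository.GetByOrganizationId(organization.Id).Total + organization.Invites.Count;
    int maxUsers = plan.MaxUsers != -1 ? plan.MaxUsers : int.MaxValue;
    if (currentNumberOfUsers > maxUsers) {
        long excessUsers = currentNumberOfUsers - maxUsers;
        // Pluralize only when more than one has to go ("1 user", "2 users"); the old "> 0" test was always true here.
        message = String.Format("Please remove {0} user{1} and try again.", excessUsers, excessUsers > 1 ? "s" : String.Empty);
        return false;
    }

    int maxProjects = plan.MaxProjects != -1 ? plan.MaxProjects : int.MaxValue;
    long projectCount = _projectRepository.GetCountByOrganizationId(organization.Id);
    if (projectCount > maxProjects) {
        long excessProjects = projectCount - maxProjects;
        message = String.Format("Please remove {0} project{1} and try again.", excessProjects, excessProjects > 1 ? "s" : String.Empty);
        return false;
    }

    // Ensure the user can't be a part of more than one free plan.
    if (String.Equals(plan.Id, FreePlan.Id) && user != null && _organizationRepository.GetByIds(user.OrganizationIds).Documents.Any(o => String.Equals(o.PlanId, FreePlan.Id))) {
        message = "You already have one free account. You are not allowed to create more than one free account.";
        return false;
    }

    message = String.Empty;
    return true;
}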
/// <summary>
/// A user may create another organization only while none of the organizations they
/// belong to is on the free plan.
/// </summary>
/// <param name="user">User to check; null yields false.</param>
/// <returns>true when none of the user's organizations has <c>PlanId == FreePlan.Id</c>.</returns>
public async Task<bool> CanAddOrganizationAsync(User user) {
    if (user == null)
        return false;

    var memberOrganizations = await _organizationRepository.GetByIdsAsync(user.OrganizationIds).AnyContext();
    return memberOrganizations.Documents.All(o => o.PlanId != FreePlan.Id);
}
/// <summary>
/// Synchronous variant: a user may create another organization only while none of the
/// organizations they belong to is on the free plan.
/// </summary>
/// <param name="user">User to check; null yields false.</param>
/// <returns>true when none of the user's organizations has <c>PlanId == FreePlan.Id</c>.</returns>
public bool CanAddOrganization(User user) {
    if (user == null)
        return false;

    var memberOrganizations = _organizationRepository.GetByIds(user.OrganizationIds);
    return memberOrganizations.Documents.All(o => o.PlanId != FreePlan.Id);
}
/// <summary>
/// Controller-level check: with Active Directory auth enabled, a login model carrying the bare
/// directory user name as Email (not the address the account was stored with) is rejected with 401.
/// </summary>
public async Task LoginInvalidExistingActiveDirectoryAsync() {
    _authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
    Settings.Current.EnableActiveDirectoryAuth = true;

    // Store an account without a local Password/Salt.
    var domainProvider = new TestDomainLoginProvider();
    string emailAddress = domainProvider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
    await _userRepository.AddAsync(new User { EmailAddress = emailAddress, IsEmailAddressVerified = true, FullName = "User 6" });
    await _configuration.Client.RefreshAsync(Indices.All);

    // Email is the user name here, not emailAddress; the test expects this to be refused.
    var model = new LoginModel { Email = TestDomainLoginProvider.ValidUsername, Password = "******" };
    var actionResult = await _authController.LoginAsync(model);
    var response = await actionResult.ExecuteAsync(CancellationToken.None);
    Assert.Equal(System.Net.HttpStatusCode.Unauthorized, response.StatusCode);
}
/// <summary>
/// Controller-level check that a login with credentials matching no stored account returns
/// 401 Unauthorized (Active Directory auth disabled). A local account exists, so the rejection
/// is not merely due to an empty user store.
/// </summary>
public async Task LoginNoSuchUserAsync() {
    _authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
    Settings.Current.EnableActiveDirectoryAuth = false;

    const string email = "*****@*****.**";
    const string password = "******";
    const string salt = "1234567890123456";
    await _userRepository.AddAsync(new User {
        EmailAddress = email,
        Password = password.ToSaltedHash(salt),
        Salt = salt,
        IsEmailAddressVerified = true,
        FullName = "User 8"
    });
    await _configuration.Client.RefreshAsync(Indices.All);

    // Per the test name, these credentials belong to no stored user.
    var model = new LoginModel { Email = "*****@*****.**", Password = "******" };
    var actionResult = await _authController.LoginAsync(model);
    var response = await actionResult.ExecuteAsync(CancellationToken.None);
    Assert.Equal(System.Net.HttpStatusCode.Unauthorized, response.StatusCode);
}
/// <summary>
/// Logs in, changes the password over basic auth, and verifies that the change issues a new
/// token and removes the token obtained from the original login.
/// </summary>
public async Task CanChangePasswordAsync() {
    const string email = "*****@*****.**";
    const string password = "******";
    const string salt = "1234567890123456";

    var account = new User {
        EmailAddress = email,
        Password = password.ToSaltedHash(salt),
        Salt = salt,
        IsEmailAddressVerified = true,
        FullName = "User 6",
        Roles = AuthorizationRoles.AllScopes
    };
    await _userRepository.AddAsync(account, o => o.Cache().ImmediateConsistency());

    // Step 1: a normal login yields a token that resolves back to this account.
    var loginResult = await SendRequestAsAsync<TokenResult>(r => r
        .Post()
        .AppendPath("auth/login")
        .Content(new LoginModel { Email = email, Password = password, })
        .StatusCodeShouldBeOk()
    );
    Assert.NotNull(loginResult);
    Assert.NotEmpty(loginResult.Token);

    var issuedToken = await _tokenRepository.GetByIdAsync(loginResult.Token);
    Assert.NotNull(issuedToken);
    var tokenOwner = await _userRepository.GetByIdAsync(issuedToken.UserId);
    Assert.NotNull(tokenOwner);
    Assert.Equal(email, tokenOwner.EmailAddress);

    // Step 2: change the password, authenticating the request with the current credentials.
    const string newPassword = "******";
    var changeResult = await SendRequestAsAsync<TokenResult>(r => r
        .Post()
        .BasicAuthorization(email, password)
        .AppendPath("auth/change-password")
        .Content(new ChangePasswordModel { CurrentPassword = password, Password = newPassword })
        .StatusCodeShouldBeOk()
    );
    Assert.NotNull(changeResult);
    Assert.NotEmpty(changeResult.Token);

    // Step 3: the pre-change token no longer resolves; only the newly issued one does.
    Assert.Null(await _tokenRepository.GetByIdAsync(loginResult.Token));
    Assert.NotNull(await _tokenRepository.GetByIdAsync(changeResult.Token));
}
/// <summary>
/// Renders the "VerifyEmail" template for <paramref name="user"/> and queues it to the user's address.
/// BaseUrl comes from configuration (Settings.Current.BaseURL), not from an incoming request.
/// </summary>
/// <param name="user">Recipient; must not be null.</param>
/// <returns>The queueing task.</returns>
public Task SendVerifyEmailAsync(User user) {
    var model = new UserModel { User = user, BaseUrl = Settings.Current.BaseURL };
    System.Net.Mail.MailMessage mail = _emailGenerator.GenerateMessage(model, "VerifyEmail");
    mail.To.Add(user.EmailAddress);
    return QueueMessageAsync(mail, "verifyemail");
}
/// <summary>
/// Synchronous variant: renders the "VerifyEmail" template for <paramref name="user"/> and queues it
/// to the user's address. BaseUrl comes from configuration (Settings.Current.BaseURL).
/// </summary>
/// <param name="user">Recipient; must not be null.</param>
public void SendVerifyEmail(User user) {
    var model = new UserModel { User = user, BaseUrl = Settings.Current.BaseURL };
    System.Net.Mail.MailMessage mail = _emailGenerator.GenerateMessage(model, "VerifyEmail");
    mail.To.Add(user.EmailAddress);
    QueueMessage(mail);
}
/// <summary>
/// Renders the "PaymentFailed" template for <paramref name="organization"/> and queues it to the
/// owner's address. BaseUrl comes from configuration (Settings.Current.BaseURL).
/// </summary>
/// <param name="owner">Recipient; must not be null.</param>
/// <param name="organization">Organization whose payment failed.</param>
/// <returns>The queueing task.</returns>
public Task SendPaymentFailedAsync(User owner, Organization organization) {
    var model = new PaymentModel { Owner = owner, Organization = organization, BaseUrl = Settings.Current.BaseURL };
    System.Net.Mail.MailMessage mail = _emailGenerator.GenerateMessage(model, "PaymentFailed");
    mail.To.Add(owner.EmailAddress);
    return QueueMessageAsync(mail, "paymentfailed");
}
/// <summary>
/// Synchronous variant: renders the "PaymentFailed" template for <paramref name="organization"/>
/// and queues it to the owner's address. BaseUrl comes from configuration (Settings.Current.BaseURL).
/// </summary>
/// <param name="owner">Recipient; must not be null.</param>
/// <param name="organization">Organization whose payment failed.</param>
public void SendPaymentFailed(User owner, Organization organization) {
    var model = new PaymentModel { Owner = owner, Organization = organization, BaseUrl = Settings.Current.BaseURL };
    System.Net.Mail.MailMessage mail = _emailGenerator.GenerateMessage(model, "PaymentFailed");
    mail.To.Add(owner.EmailAddress);
    QueueMessage(mail);
}
/// <summary>
/// Renders the "AddedToOrganization" template and queues it to the added <paramref name="user"/>.
/// BaseUrl comes from configuration (Settings.Current.BaseURL).
/// </summary>
/// <param name="sender">User who added the recipient.</param>
/// <param name="organization">Organization the recipient was added to.</param>
/// <param name="user">Recipient; must not be null.</param>
/// <returns>The queueing task.</returns>
public Task SendAddedToOrganizationAsync(User sender, Organization organization, User user) {
    var model = new AddedToOrganizationModel { Sender = sender, Organization = organization, User = user, BaseUrl = Settings.Current.BaseURL };
    System.Net.Mail.MailMessage mail = _emailGenerator.GenerateMessage(model, "AddedToOrganization");
    mail.To.Add(user.EmailAddress);
    return QueueMessageAsync(mail, "addedtoorganization");
}
/// <summary>
/// Renders the "Invite" template and queues it to the invite's email address.
/// BaseUrl comes from configuration (Settings.Current.BaseURL).
/// </summary>
/// <param name="sender">User who issued the invite.</param>
/// <param name="organization">Organization the invite is for.</param>
/// <param name="invite">Invite carrying the recipient address; must not be null.</param>
public void SendInvite(User sender, Organization organization, Invite invite) {
    var model = new InviteModel { Sender = sender, Organization = organization, Invite = invite, BaseUrl = Settings.Current.BaseURL };
    System.Net.Mail.MailMessage mail = _emailGenerator.GenerateMessage(model, "Invite");
    mail.To.Add(invite.EmailAddress);
    QueueMessage(mail);
}
/// <summary>
/// Synchronous variant: renders the "AddedToOrganization" template and queues it to the added
/// <paramref name="user"/>. BaseUrl comes from configuration (Settings.Current.BaseURL).
/// </summary>
/// <param name="sender">User who added the recipient.</param>
/// <param name="organization">Organization the recipient was added to.</param>
/// <param name="user">Recipient; must not be null.</param>
public void SendAddedToOrganization(User sender, Organization organization, User user) {
    var model = new AddedToOrganizationModel { Sender = sender, Organization = organization, User = user, BaseUrl = Settings.Current.BaseURL };
    System.Net.Mail.MailMessage mail = _emailGenerator.GenerateMessage(model, "AddedToOrganization");
    mail.To.Add(user.EmailAddress);
    QueueMessage(mail);
}
/// <summary>
/// Renders the "PasswordReset" template for <paramref name="user"/> and queues it. Returns an
/// already-completed task without sending when the user is null or has no PasswordResetToken
/// (presumably because the template needs that token — confirm).
/// </summary>
/// <param name="user">Recipient; may be null.</param>
/// <returns>The queueing task, or a completed task when nothing is sent.</returns>
public Task SendPasswordResetAsync(User user) {
    if (user == null || String.IsNullOrEmpty(user.PasswordResetToken))
        return TaskHelper.Completed();

    var model = new UserModel { User = user, BaseUrl = Settings.Current.BaseURL };
    System.Net.Mail.MailMessage mail = _emailGenerator.GenerateMessage(model, "PasswordReset");
    mail.To.Add(user.EmailAddress);
    // NOTE(review): the other *Async senders in this file pass a second name argument ("verifyemail", ...);
    // this one does not — confirm that is intended.
    return QueueMessageAsync(mail);
}
/// <summary>
/// Synchronous variant: renders the "PasswordReset" template for <paramref name="user"/> and queues it.
/// Does nothing when the user is null or has no PasswordResetToken.
/// </summary>
/// <param name="user">Recipient; may be null.</param>
public void SendPasswordReset(User user) {
    if (String.IsNullOrEmpty(user?.PasswordResetToken))
        return;

    var model = new UserModel { User = user, BaseUrl = Settings.Current.BaseURL };
    System.Net.Mail.MailMessage mail = _emailGenerator.GenerateMessage(model, "PasswordReset");
    mail.To.Add(user.EmailAddress);
    QueueMessage(mail);
}
/// <summary>
/// View model of a <see cref="User"/> (by its name, the currently signed-in user). Copies identity,
/// role and notification fields; the stored password hash and salt are not copied.
/// </summary>
/// <param name="user">Source user; must not be null.</param>
public ViewCurrentUser(User user) {
    Id = user.Id;
    OrganizationIds = user.OrganizationIds;
    FullName = user.FullName;
    EmailAddress = user.EmailAddress;
    EmailNotificationsEnabled = user.EmailNotificationsEnabled;
    IsEmailAddressVerified = user.IsEmailAddressVerified;
    IsActive = user.IsActive;
    Roles = user.Roles;
    // HMAC-SHA256 over the user id via a project helper; the key it uses is not visible here.
    Hash = HMACSHA256HashString(user.Id);
    // A stored password hash marks the account as locally log-in-able; presumably directory/OAuth-only accounts have none — confirm.
    HasLocalAccount = !String.IsNullOrWhiteSpace(user.Password);
    OAuthAccounts = user.OAuthAccounts;
}
/// <summary>
/// Builds a test <see cref="User"/>. Arguments left null/empty fall back to TestConstants values;
/// the id becomes a fresh ObjectId when <paramref name="generateId"/> is set and no id is given.
/// The password is stored as given by TestConstants.UserPassword (no salt/hash applied here).
/// </summary>
/// <param name="generateId">Generate a new ObjectId when <paramref name="id"/> is empty.</param>
/// <param name="id">Explicit user id, or null.</param>
/// <param name="organizationId">Organization to add the user to, or null for TestConstants.OrganizationId.</param>
/// <param name="emailAddress">Email address, or null for a random <c>word@word.com</c>.</param>
/// <param name="roles">Roles to add, or null for none.</param>
/// <returns>The populated test user.</returns>
public static User GenerateUser(bool generateId = false, string id = null, string organizationId = null, string emailAddress = null, IEnumerable<string> roles = null) {
    string userId;
    if (!id.IsNullOrEmpty())
        userId = id;
    else if (generateId)
        userId = ObjectId.GenerateNewId().ToString();
    else
        userId = TestConstants.UserId;

    string address = emailAddress.IsNullOrEmpty()
        ? String.Concat(RandomData.GetWord(false), "@", RandomData.GetWord(false), ".com")
        : emailAddress;

    var user = new User {
        Id = userId,
        EmailAddress = address,
        Password = TestConstants.UserPassword,
        FullName = "Eric Smith",
        PasswordResetToken = Guid.NewGuid().ToString()
    };

    string orgId = organizationId.IsNullOrEmpty() ? TestConstants.OrganizationId : organizationId;
    user.OrganizationIds.Add(orgId);

    if (roles != null)
        user.Roles.AddRange(roles);

    return user;
}
/// <summary>
/// Copies the plan's id, name, description, price and limits onto the organization and records who
/// changed it and when.
/// </summary>
/// <param name="organization">Organization to update in place.</param>
/// <param name="plan">Plan to apply.</param>
/// <param name="user">User making the change, or null (BillingChangedByUserId becomes null).</param>
/// <param name="updateBillingPrice">When false, the existing BillingPrice is left untouched.</param>
public static void ApplyBillingPlan(Organization organization, BillingPlan plan, User user = null, bool updateBillingPrice = true) {
    organization.PlanId = plan.Id;
    organization.PlanName = plan.Name;
    organization.PlanDescription = plan.Description;
    // NOTE(review): local server time; other timestamps in this codebase use DateTime.UtcNow — confirm which is intended.
    organization.BillingChangeDate = DateTime.Now;
    if (updateBillingPrice)
        organization.BillingPrice = plan.Price;
    organization.BillingChangedByUserId = user?.Id;
    organization.MaxUsers = plan.MaxUsers;
    organization.MaxProjects = plan.MaxProjects;
    organization.RetentionDays = plan.RetentionDays;
    organization.MaxEventsPerMonth = plan.MaxEventsPerMonth;
    organization.HasPremiumFeatures = plan.HasPremiumFeatures;
}
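/// <summary>
/// Returns the user's unexpired access token if one exists; otherwise creates, stores and returns a new one.
/// </summary>
/// <param name="user">Owner of the token; its Id is used for the lookup and as UserId/CreatedBy.</param>
/// <returns>An existing or newly created <see cref="Token"/> of type <see cref="TokenType.Access"/>.</returns>
public Token GetOrCreate(User user) {
    // Read the clock once so the expiry check and the Created/Modified stamps agree.
    var utcNow = DateTime.UtcNow;

    var existingToken = _tokenRepository.GetByUserId(user.Id).Documents
        .FirstOrDefault(t => t.ExpiresUtc > utcNow && t.Type == TokenType.Access);
    if (existingToken != null)
        return existingToken;

    // NOTE(review): the new token sets no ExpiresUtc. Whether such a token is ever matched by the
    // `ExpiresUtc > now` filter above depends on the type of ExpiresUtc (nullable or default) — confirm,
    // otherwise every call creates another token.
    var token = new Token {
        Id = StringExtensions.GetNewToken(), // project helper; token entropy is defined there
        UserId = user.Id,
        CreatedUtc = utcNow,
        ModifiedUtc = utcNow,
        CreatedBy = user.Id,
        Type = TokenType.Access
    };
    _tokenRepository.Add(token);
    return token;
}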
/// <summary>
/// Seeds the test user (Client, User and GlobalAdmin roles) together with its organizations and
/// projects, unless an account with TEST_USER_EMAIL already exists.
/// </summary>
public async Task CreateDataAsync() {
    if (await _userRepository.GetByEmailAddressAsync(TEST_USER_EMAIL).AnyContext() != null)
        return;

    var testUser = new User { FullName = "Test User", EmailAddress = TEST_USER_EMAIL, IsEmailAddressVerified = true };
    foreach (string role in new[] { AuthorizationRoles.Client, AuthorizationRoles.User, AuthorizationRoles.GlobalAdmin })
        testUser.Roles.Add(role);

    // Per-user random salt; only the salted hash of the password is stored.
    testUser.Salt = StringExtensions.GetRandomString(16);
    testUser.Password = TEST_USER_PASSWORD.ToSaltedHash(testUser.Salt);

    // The second AddAsync argument is a project flag (presumably add-to-cache) — confirm.
    testUser = await _userRepository.AddAsync(testUser, true).AnyContext();
    await CreateOrganizationAndProjectAsync(testUser.Id).AnyContext();
    await CreateInternalOrganizationAndProjectAsync(testUser.Id).AnyContext();
}
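/// <summary>
/// Async downgrade check: verifies the organization fits within the target plan's user and project
/// limits and that <paramref name="user"/> would not end up on a second free plan.
/// </summary>
/// <param name="organization">Organization being downgraded; must have a non-blank Id.</param>
/// <param name="plan">Target plan. A limit of -1 means unlimited.</param>
/// <param name="user">User requesting the change; may be null, in which case the free-plan check is skipped.</param>
/// <returns>A successful <see cref="ChangePlanResult"/>, or a failure carrying the reason.</returns>
public async Task<ChangePlanResult> CanDownGradeAsync(Organization organization, BillingPlan plan, User user) {
    if (String.IsNullOrWhiteSpace(organization?.Id))
        return ChangePlanResult.FailWithMessage("Invalid Organization");

    // Pending invites count against the seat limit as well as existing members.
    long currentNumberOfUsers = (await _userRepository.GetByOrganizationIdAsync(organization.Id).AnyContext()).Total + organization.Invites.Count;
    int maxUsers = plan.MaxUsers != -1 ? plan.MaxUsers : int.MaxValue;
    if (currentNumberOfUsers > maxUsers) {
        long excessUsers = currentNumberOfUsers - maxUsers;
        // Pluralize only when more than one has to go ("1 user", "2 users"); the old "> 0" test was always true here.
        return ChangePlanResult.FailWithMessage($"Please remove {excessUsers} user{(excessUsers > 1 ? "s" : String.Empty)} and try again.");
    }

    int maxProjects = plan.MaxProjects != -1 ? plan.MaxProjects : int.MaxValue;
    long projectCount = await _projectRepository.GetCountByOrganizationIdAsync(organization.Id).AnyContext();
    if (projectCount > maxProjects) {
        long excessProjects = projectCount - maxProjects;
        return ChangePlanResult.FailWithMessage($"Please remove {excessProjects} project{(excessProjects > 1 ? "s" : String.Empty)} and try again.");
    }

    // Ensure the user can't be a part of more than one free plan.
    if (String.Equals(plan.Id, FreePlan.Id) && user != null) {
        // AnyContext() added for consistency with the other awaits in this method.
        var userOrganizations = await _organizationRepository.GetByIdsAsync(user.OrganizationIds).AnyContext();
        if (userOrganizations.Documents.Any(o => String.Equals(o.PlanId, FreePlan.Id)))
            return ChangePlanResult.FailWithMessage("You already have one free account. You are not allowed to create more than one free account.");
    }

    return new ChangePlanResult { Success = true };
}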
/// <summary>
/// Copies the plan's id, name, description, price and limits onto the organization, records who
/// changed it and when, and re-derives the organization's monthly usage afterwards.
/// </summary>
/// <param name="organization">Organization to update in place.</param>
/// <param name="plan">Plan to apply.</param>
/// <param name="user">User making the change, or null (BillingChangedByUserId is then left as is).</param>
/// <param name="updateBillingPrice">When false, the existing BillingPrice is left untouched.</param>
public static void ApplyBillingPlan(Organization organization, BillingPlan plan, User user = null, bool updateBillingPrice = true) {
    organization.PlanId = plan.Id;
    organization.PlanName = plan.Name;
    organization.PlanDescription = plan.Description;
    // NOTE(review): local server time; other timestamps in this codebase use DateTime.UtcNow — confirm which is intended.
    organization.BillingChangeDate = DateTime.Now;
    if (updateBillingPrice)
        organization.BillingPrice = plan.Price;
    if (user != null)
        organization.BillingChangedByUserId = user.Id;
    organization.MaxUsers = plan.MaxUsers;
    organization.MaxProjects = plan.MaxProjects;
    organization.RetentionDays = plan.RetentionDays;
    organization.MaxEventsPerMonth = plan.MaxEventsPerMonth;
    organization.HasPremiumFeatures = plan.HasPremiumFeatures;
    // Re-applies the current month's totals, presumably so they are evaluated against the new limits — confirm.
    organization.SetMonthlyUsage(organization.GetCurrentMonthlyTotal(), organization.GetCurrentMonthlyBlocked(), organization.GetCurrentMonthlyTooBig());
}
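/// <summary>
/// Signing up with an email address that already has a local account must not succeed:
/// without a password the API answers 400 Bad Request, and with a password (per the test name,
/// a wrong one) it answers 401 Unauthorized.
/// </summary>
public async Task SignupShouldFailWhenUsingExistingAccountWithNoPasswordOrInvalidPassword() {
    // The unused GetService<IUserRepository>() local was dropped; the test uses the _userRepository field.
    const string email = "*****@*****.**";
    const string password = "******";
    const string salt = "1234567890123456";
    string passwordHash = password.ToSaltedHash(salt);

    var existingAccount = new User {
        EmailAddress = email,
        Password = passwordHash,
        Salt = salt,
        IsEmailAddressVerified = true,
        FullName = "User 6"
    };
    await _userRepository.AddAsync(existingAccount, o => o.ImmediateConsistency());

    // No password at all: rejected as a bad request.
    await SendRequestAsync(r => r
        .Post()
        .AppendPath("auth/signup")
        .Content(new SignupModel { Email = email, Name = "Random Name" })
        .StatusCodeShouldBeBadRequest()
    );

    // A password that does not verify against the stored account: rejected as unauthorized.
    await SendRequestAsync(r => r
        .Post()
        .AppendPath("auth/signup")
        .Content(new SignupModel { Email = email, Name = "Random Name", Password = "******", })
        .StatusCodeShouldBeUnauthorized()
    );
}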
/// <summary>
/// Controller-level happy path: a local account logs in with its password and receives
/// 200 OK with a non-empty token (Active Directory auth disabled).
/// </summary>
public async Task LoginValidAsync() {
    _authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
    Settings.Current.EnableActiveDirectoryAuth = false;

    const string email = "*****@*****.**";
    const string password = "******";
    const string salt = "1234567890123456";
    await _userRepository.AddAsync(new User {
        EmailAddress = email,
        Password = password.ToSaltedHash(salt),
        Salt = salt,
        IsEmailAddressVerified = true,
        FullName = "User 6"
    });
    await _configuration.Client.RefreshAsync(Indices.All);

    var actionResult = await _authController.LoginAsync(new LoginModel { Email = email, Password = password });
    var response = await actionResult.ExecuteAsync(CancellationToken.None);
    Assert.True(response.IsSuccessStatusCode, "Status Code is failure.");
    Assert.Equal(System.Net.HttpStatusCode.OK, response.StatusCode);

    var tokenResult = GetResult<TokenResult>(response);
    Assert.NotNull(tokenResult);
    Assert.False(string.IsNullOrEmpty(tokenResult.Token));
}
/// <summary>
/// With Active Directory auth enabled, a login model carrying the bare directory user name as Email
/// (not the address the account was stored with) is rejected with 401 Unauthorized.
/// </summary>
public async Task LoginInvalidExistingActiveDirectoryAsync() {
    _authOptions.EnableActiveDirectoryAuth = true;

    // Store an account without a local Password/Salt.
    var domainProvider = new TestDomainLoginProvider();
    string emailAddress = domainProvider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
    await _userRepository.AddAsync(new User {
        EmailAddress = emailAddress,
        IsEmailAddressVerified = true,
        FullName = "User 6"
    }, o => o.ImmediateConsistency());

    // Email is the user name here, not emailAddress; the test expects this to be refused.
    await SendRequestAsync(r => r
        .Post()
        .AppendPath("auth/login")
        .Content(new LoginModel { Email = TestDomainLoginProvider.ValidUsername, Password = "******" })
        .StatusCodeShouldBeUnauthorized()
    );
}
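/// <summary>
/// Ensures <paramref name="user"/> has a default organization and project and returns the project id.
/// If the user's first organization already has a project, that project's id is returned; otherwise a
/// "Default Organization" (when the user has none) and a "Default Project" are created, together with
/// an access token scoped to the new project.
/// </summary>
/// <param name="user">User to set up; must not be null.</param>
/// <returns>Id of the existing or newly created default project.</returns>
public string CreateDefaultOrganizationAndProject(User user) {
    string organizationId = user.OrganizationIds.FirstOrDefault();
    if (!String.IsNullOrEmpty(organizationId)) {
        // Same element as above; avoids re-enumerating OrganizationIds with First().
        var defaultProject = _projectRepository.GetByOrganizationId(organizationId, useCache: true).Documents.FirstOrDefault();
        if (defaultProject != null)
            return defaultProject.Id;
    } else {
        var organization = new Organization { Name = "Default Organization" };
        // Free plan only when billing is enabled; otherwise the unlimited plan is applied.
        BillingManager.ApplyBillingPlan(organization, Settings.Current.EnableBilling ? BillingManager.FreePlan : BillingManager.UnlimitedPlan, user);
        _organizationRepository.Add(organization);
        organizationId = organization.Id;
    }

    // One timestamp for everything created below so the created/modified stamps agree.
    var utcNow = DateTime.UtcNow;

    var project = new Project { Name = "Default Project", OrganizationId = organizationId };
    // Ticks of 01:00 UTC tomorrow (next summary boundary, per the property name).
    project.NextSummaryEndOfDayTicks = utcNow.Date.AddDays(1).AddHours(1).Ticks;
    project.AddDefaultOwnerNotificationSettings(user.Id);
    project = _projectRepository.Add(project);

    // Project-scoped access token: no UserId and no ExpiresUtc. NOTE(review): it is not returned to the
    // caller and has no expiry — confirm that is the intended lifetime for a default project key.
    _tokenRepository.Add(new Token {
        Id = StringExtensions.GetNewToken(),
        OrganizationId = organizationId,
        ProjectId = project.Id,
        CreatedUtc = utcNow,
        ModifiedUtc = utcNow,
        Type = TokenType.Access
    });

    if (!user.OrganizationIds.Contains(organizationId)) {
        user.OrganizationIds.Add(organizationId);
        _userRepository.Save(user, true);
    }

    return project.Id;
}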
/// <summary>
/// Controller-level check: with Active Directory auth enabled, a stored user whose email maps to the
/// test domain account logs in with the domain password and gets 200 OK with a non-empty token.
/// </summary>
public async Task LoginValidExistingActiveDirectoryAsync() {
    _authController.Request = CreateRequestMessage(LOGIN_ENDPOINT, null, false, false);
    Settings.Current.EnableActiveDirectoryAuth = true;

    // Store an account without a local Password/Salt.
    var domainProvider = new TestDomainLoginProvider();
    string emailAddress = domainProvider.GetEmailAddressFromUsername(TestDomainLoginProvider.ValidUsername);
    await _userRepository.AddAsync(new User { EmailAddress = emailAddress, IsEmailAddressVerified = true, FullName = "User 6" });
    await _configuration.Client.RefreshAsync(Indices.All);

    var model = new LoginModel { Email = emailAddress, Password = TestDomainLoginProvider.ValidPassword };
    var actionResult = await _authController.LoginAsync(model);
    var response = await actionResult.ExecuteAsync(CancellationToken.None);
    Assert.True(response.IsSuccessStatusCode, "Status Code is failure.");
    Assert.Equal(System.Net.HttpStatusCode.OK, response.StatusCode);

    var tokenResult = GetResult<TokenResult>(response);
    Assert.NotNull(tokenResult);
    Assert.False(string.IsNullOrEmpty(tokenResult.Token));
}
/// <summary>No-op: nothing is sent; returns an already-completed task.</summary>
/// <param name="user">Ignored.</param>
public Task SendVerifyEmailAsync(User user) => Task.CompletedTask;
/// <summary>No-op: nothing is sent; returns an already-completed task.</summary>
/// <param name="user">Ignored.</param>
public Task SendPasswordResetAsync(User user) => Task.CompletedTask;
/// <summary>No-op: nothing is sent; returns an already-completed task.</summary>
/// <param name="sender">Ignored.</param>
/// <param name="organization">Ignored.</param>
/// <param name="invite">Ignored.</param>
public Task SendInviteAsync(User sender, Organization organization, Invite invite) => Task.CompletedTask;
/// <summary>
/// Seeds the test user (Client, User and GlobalAdmin roles) together with its test organizations
/// and projects, unless an account with TEST_USER_EMAIL already exists.
/// </summary>
public void CreateTestData() {
    if (_userRepository.GetByEmailAddress(TEST_USER_EMAIL) != null)
        return;

    var testUser = new User { FullName = "Test User", EmailAddress = TEST_USER_EMAIL, IsEmailAddressVerified = true };
    foreach (string role in new[] { AuthorizationRoles.Client, AuthorizationRoles.User, AuthorizationRoles.GlobalAdmin })
        testUser.Roles.Add(role);

    // Per-user random salt; only the salted hash of the password is stored.
    testUser.Salt = StringExtensions.GetRandomString(16);
    testUser.Password = TEST_USER_PASSWORD.ToSaltedHash(testUser.Salt);

    testUser = _userRepository.Add(testUser);
    CreateTestOrganizationAndProject(testUser.Id);
    CreateTestInternalOrganizationAndProject(testUser.Id);
}
/// <summary>No-op: nothing is sent.</summary>
/// <param name="user">Ignored.</param>
public void SendPasswordReset(User user) {
    // Intentionally empty.
}
/// <summary>No-op: nothing is sent.</summary>
/// <param name="user">Ignored.</param>
public void SendVerifyEmail(User user) {
    // Intentionally empty.
}
/// <summary>
/// Attaches <paramref name="user"/> to <paramref name="request"/> twice: as the request context's
/// principal (built from <c>user.ToIdentity()</c>) and through the <c>SetUser</c> extension.
/// </summary>
/// <param name="request">Request under test; must not be null.</param>
/// <param name="user">User to act as.</param>
private void SetupUserRequest(HttpRequestMessage request, User user) {
    var identity = user.ToIdentity();
    request.GetRequestContext().Principal = new ClaimsPrincipal(identity);
    request.SetUser(user);
}
/// <summary>No-op: nothing is sent; returns an already-completed task.</summary>
/// <param name="sender">Ignored.</param>
/// <param name="organization">Ignored.</param>
/// <param name="user">Ignored.</param>
public Task SendAddedToOrganizationAsync(User sender, Organization organization, User user) => Task.CompletedTask;
/// <summary>
/// Stores <paramref name="user"/> in the request's OWIN environment under the "User" key.
/// Does nothing when <paramref name="message"/> is null.
/// </summary>
/// <param name="message">Request whose OWIN context receives the user; may be null.</param>
/// <param name="user">Value to store.</param>
public static void SetUser(this HttpRequestMessage message, User user) {
    if (message == null)
        return;

    // Readers must look the value up with this same literal key.
    message.GetOwinContext().Set("User", user);
}
/// <summary>No-op: nothing is sent; returns an already-completed task.</summary>
/// <param name="owner">Ignored.</param>
/// <param name="organization">Ignored.</param>
public Task SendPaymentFailedAsync(User owner, Organization organization) => Task.CompletedTask;