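/// <summary>
/// Sign-in endpoint. Hands the submitted credentials to <c>_authService.Authenticate</c>
/// and maps the result status onto an HTTP status code.
/// </summary>
/// <param name="accountSignin">
/// Credentials bound from the request body. A missing or undeserializable body binds as
/// <c>null</c>, which is rejected here rather than passed on.
/// </param>
/// <returns>
/// The <c>AccountAccess</c> model on success; 400 when no body was bound; 500 when the
/// service reports ERROR or UNKNOWN; 404 when it reports NOT_FOUND (the service uses
/// NOT_FOUND for both "no such account" and "wrong password") or produced no model.
/// Both failure cases become the same empty 404 on purpose: the response carries no
/// body, so a caller cannot tell which usernames exist.
/// </returns>
public ActionResult<AccountAccess> Post([FromBody] AccountSignin accountSignin)
{
    // Without this guard a null body reaches the service, which dereferences
    // model.UserName and turns a bad request into a 500.
    if (accountSignin == null)
    {
        return StatusCode(400);
    }

    var result = _authService.Authenticate(accountSignin);

    switch (result.Status)
    {
        case BrashActionStatus.ERROR:
        case BrashActionStatus.UNKNOWN:
            return StatusCode(500);
        case BrashActionStatus.NOT_FOUND:
            return StatusCode(404);
    }

    // SUCCESS without a model is treated like a miss rather than a server fault.
    if (result.Model == null)
    {
        return StatusCode(404);
    }

    return result.Model;
}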
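/// <summary>
/// End-to-end check of the sign-in path against a freshly created SQLite database:
/// builds the repository/service stack, seeds an administrator account that holds a
/// privilege for every feature/ability pair, then authenticates as that account and
/// verifies the returned role, token and privilege map.
/// </summary>
public void CreateUserAccounts()
{
    // file system
    // NOTE(review): absolute, machine-specific checkout path; the test can only run
    // where this directory exists.
    var path = "/shop/randomsilo/modern-web/backends/LoyalGuard";
    var project = "LoyalGuard";
    var outputPath = $"{path}/{project}.Infrastructure.Test/TestOutput/";
    var databaseFile = GetDatabase(outputPath, MethodBase.GetCurrentMethod());

    // logger
    ILogger logger = GetLogger($"{outputPath}/{MethodBase.GetCurrentMethod()}.log");

    // database setup
    // - context
    IDatabaseContext databaseContext = new DatabaseContext(
        $"Data Source={databaseFile}",
        "TestDb",
        "TestSchema",
        $"{path}/sql/sqlite/ALL.sql");
    Assert.NotNull(databaseContext);

    // - manager
    IManageDatabase databaseManager = new DatabaseManager(databaseContext);
    Assert.NotNull(databaseManager);

    // - create tables
    databaseManager.CreateDatabase();

    // - repositories
    var lGAccountRepository = new LGAccountRepository(databaseManager, new LGAccountRepositorySql(), logger);
    var lGPrivilegeRepository = new LGPrivilegeRepository(databaseManager, new LGPrivilegeRepositorySql(), logger);
    var lGFeatureRepository = new LGFeatureRepository(databaseManager, new LGFeatureRepositorySql(), logger);
    var lGAbilityRepository = new LGAbilityRepository(databaseManager, new LGAbilityRepositorySql(), logger);
    var lGRoleRepository = new LGRoleRepository(databaseManager, new LGRoleRepositorySql(), logger);
    var lGTokenRepository = new LGTokenRepository(databaseManager, new LGTokenRepositorySql(), logger);
    Assert.NotNull(lGAccountRepository);
    Assert.NotNull(lGPrivilegeRepository);
    Assert.NotNull(lGFeatureRepository);
    Assert.NotNull(lGAbilityRepository);
    Assert.NotNull(lGRoleRepository);
    Assert.NotNull(lGTokenRepository);

    // - services
    var lGAccountService = new LGAccountService(lGAccountRepository, logger);
    var lGPrivilegeService = new LGPrivilegeService(lGPrivilegeRepository, logger);
    var lGFeatureService = new LGFeatureService(lGFeatureRepository, logger);
    var lGAbilityService = new LGAbilityService(lGAbilityRepository, logger);
    var lGRoleService = new LGRoleService(lGRoleRepository, logger);
    var lGTokenService = new LGTokenService(lGTokenRepository, logger);
    Assert.NotNull(lGAccountService);
    Assert.NotNull(lGPrivilegeService);
    Assert.NotNull(lGFeatureService);
    Assert.NotNull(lGAbilityService);
    Assert.NotNull(lGRoleService);
    Assert.NotNull(lGTokenService);

    // - authService
    var authService = new AuthService(
        lGAccountService,
        lGTokenService,
        lGPrivilegeService,
        lGFeatureService,
        lGAbilityService,
        lGRoleService,
        logger);

    // - seed data: every feature and ability, plus the Administrator role
    var featureModels = lGFeatureService.FindWhere("").Models;
    var abilityModels = lGAbilityService.FindWhere("").Models;
    var roleModels = lGRoleService.FindWhere("").Models;
    var adminRole = roleModels.FirstOrDefault(role => role.ChoiceName == "Administrator");

    // Fail with a readable message if the seed SQL did not produce these, instead of a
    // NullReferenceException on adminRole.LGRoleId or an admin with zero privileges.
    Assert.NotNull(adminRole);
    Assert.NotEmpty(featureModels);
    Assert.NotEmpty(abilityModels);

    // create admin
    // NOTE(review): the password is supplied in clear here and later checked with
    // Hashing.ValidatePassword, so LGAccountService.Create is expected to store a hash —
    // confirm in the service, the stored value is not inspected by this test.
    LGAccount adminAccount = new LGAccount()
    {
        LastName = "Administator",
        FirstName = "System",
        MiddleName = "X",
        UserName = "******",
        Email = "*****@*****.**",
        Password = "******",
        RoleIdRef = adminRole.LGRoleId
    };
    var serviceResult = lGAccountService.Create(adminAccount);
    Assert.True(serviceResult.Status == BrashActionStatus.SUCCESS, serviceResult.Message);
    Assert.True(serviceResult.Model.LGAccountId > 0);
    adminAccount = serviceResult.Model;

    // grant the admin every feature/ability combination
    foreach (var feature in featureModels)
    {
        foreach (var ability in abilityModels)
        {
            var privilege = new LGPrivilege()
            {
                AbilityIdRef = ability.LGAbilityId,
                FeatureIdRef = feature.LGFeatureId,
                LGAccountId = adminAccount.LGAccountId,
                Starts = DateTime.Now,
                Ends = DateTime.Now.AddYears(2)
            };
            var privilegeCreateResult = lGPrivilegeService.Create(privilege);
            Assert.True(privilegeCreateResult.Status == BrashActionStatus.SUCCESS, privilegeCreateResult.Message);
            Assert.True(privilegeCreateResult.Model.LGPrivilegeId > 0);
        }
    }

    // authenticate
    var adminSignIn = new AccountSignin()
    {
        UserName = "******",
        Password = "******"
    };
    var adminAuthResult = authService.Authenticate(adminSignIn);
    Assert.True(adminAuthResult.Status == BrashActionStatus.SUCCESS, adminAuthResult.Message);
    Assert.NotNull(adminAuthResult.Model);
    Assert.NotNull(adminAuthResult.Model.Account);
    Assert.NotNull(adminAuthResult.Model.Token);
    Assert.Equal("Administrator", adminAuthResult.Model.Role);

    // The privilege map must reflect every grant above; an "ERROR" key is the sentinel
    // Authenticate writes when the privilege lookup itself failed.
    Assert.NotEmpty(adminAuthResult.Model.Privileges);
    Assert.False(adminAuthResult.Model.Privileges.ContainsKey("ERROR"));
    foreach (var feature in featureModels)
    {
        Assert.True(adminAuthResult.Model.Privileges.ContainsKey(feature.ChoiceName), $"missing feature {feature.ChoiceName}");
        foreach (var ability in abilityModels)
        {
            Assert.Contains(ability.ChoiceName, adminAuthResult.Model.Privileges[feature.ChoiceName]);
        }
    }
}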
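/// <summary>
/// Verifies a username/password pair and, on success, issues a one-hour session token
/// together with the account (password field cleared), its role name and a
/// feature -&gt; abilities privilege map.
/// </summary>
/// <param name="model">Submitted credentials. Null, or a blank user name or password, is treated as a failed sign-in.</param>
/// <returns>
/// SUCCESS with a populated <c>AccountAccess</c>; NOT_FOUND when the account does not
/// exist or the password does not match — both carry the same generic message so the
/// result does not reveal which user names exist; ERROR when the account lookup returns
/// anything other than exactly one row, or when the token insert fails.
/// </returns>
public BrashActionResult<AccountAccess> Authenticate(AccountSignin model)
{
    var authResult = new BrashActionResult<AccountAccess>
    {
        Status = BrashActionStatus.UNKNOWN,
        Message = "",
        Model = new AccountAccess()
    };

    // Missing credentials are a failed sign-in, not a server fault; bail out before
    // touching model.UserName so a null body cannot surface as a NullReferenceException.
    if (model == null || string.IsNullOrEmpty(model.UserName) || string.IsNullOrEmpty(model.Password))
    {
        authResult.Status = BrashActionStatus.NOT_FOUND;
        authResult.Message = "Invalid username or password.";
        return authResult;
    }

    var userName = model.UserName.RemoveSpecialCharacters();

    // Log the attempt but never the password: sign-in logs are persistent and widely readable.
    Logger.Information($"Authenticate -> USER: {model.UserName}, USER_STRIPPED: {userName}");

    // NOTE(review): FindWhere takes a raw WHERE fragment, so the user name must never be
    // interpolated into it unescaped — RemoveSpecialCharacters() is not a substitute for a
    // parameterized query. Confirm what the lookup actually binds.
    var findAccountQuery = _lGAccountService.FindWhere($"WHERE UserName = '******'");

    if (findAccountQuery.Status == BrashQueryStatus.NO_RECORDS)
    {
        // NOTE(review): returning here without running the password hash makes the
        // "no such user" path measurably faster than the "wrong password" path.
        authResult.Status = BrashActionStatus.NOT_FOUND;
        authResult.Message = "Invalid username or password.";
        return authResult;
    }

    // Anything but exactly one matching row (query failure, or duplicate user names) is a
    // service error, not a sign-in failure.
    if (findAccountQuery.Status != BrashQueryStatus.SUCCESS || findAccountQuery.Models.Count != 1)
    {
        authResult.Status = BrashActionStatus.ERROR;
        authResult.Message = "Authentication service error (100). Contact technical support.";
        return authResult;
    }

    var foundAccount = findAccountQuery.Models[0];

    // confirm password
    if (!Hashing.ValidatePassword(model.Password, foundAccount.Password))
    {
        authResult.Status = BrashActionStatus.NOT_FOUND;
        authResult.Message = "Invalid username or password.";
        return authResult;
    }

    Logger.Information($"Authenticate -> USER: {model.UserName} SUCCESS!");

    // Never hand the stored password hash back to the caller.
    foundAccount.Password = null;
    authResult.Status = BrashActionStatus.SUCCESS;
    authResult.Message = "Authentication successful.";
    authResult.Model.Account = foundAccount;

    SetRoleName(authResult.Model);
    SetPrivileges(authResult.Model);

    // create token
    // NOTE(review): Guid.NewGuid() is not documented as a cryptographic RNG; a bearer
    // token should come from RandomNumberGenerator bytes. Left unchanged here because the
    // token column width and the validation code are not visible.
    // NOTE(review): local time, as everywhere else in this service; whatever checks
    // Expires must use the same clock — confirm.
    var now = DateTime.Now;
    var token = new LGToken()
    {
        LGAccountId = authResult.Model.Account.LGAccountId,
        Token = $"{Guid.NewGuid().ToString()}-{Guid.NewGuid().ToString()}-{Guid.NewGuid().ToString()}",
        Created = now,
        Expires = now.AddHours(1),
        LastUsed = now
    };

    var createTokenResult = _lGTokenService.Create(token);
    if (createTokenResult.Status != BrashActionStatus.SUCCESS)
    {
        authResult.Status = BrashActionStatus.ERROR;
        authResult.Message = "Authentication service error (101). Contact technical support.";
    }

    // set token (also on insert failure, as before; the controller maps ERROR to a 500
    // before the model is returned)
    authResult.Model.Token = token;

    return authResult;
}

/// <summary>
/// Sets <c>access.Role</c> to the name of the role referenced by <c>access.Account</c>,
/// or to "Unknown" when the fetch fails (the failure is logged, the sign-in still succeeds).
/// </summary>
private void SetRoleName(AccountAccess access)
{
    var fetchRoleResult = _lGRoleService.Fetch(new LGRole() { LGRoleId = access.Account.RoleIdRef });
    if (fetchRoleResult.Status == BrashActionStatus.SUCCESS)
    {
        access.Role = fetchRoleResult.Model.ChoiceName;
        return;
    }

    Logger.Error(fetchRoleResult.CaughtException, $"Failed getting the role. Why? Check this: {fetchRoleResult.Message}");
    access.Role = "Unknown";
}

/// <summary>
/// Fills <c>access.Privileges</c> with feature name -&gt; list of ability names for the
/// account in <c>access.Account</c>. When the privilege query fails the map holds the
/// single sentinel entry "ERROR" -&gt; ["GETTING_PRIVLEDGES"].
/// </summary>
private void SetPrivileges(AccountAccess access)
{
    access.Privileges = new Dictionary<string, List<string>>();

    var getPrivilegesResult = _lGPrivilegeService.FindWhere($"WHERE LGAccountId = {access.Account.LGAccountId}");
    if (getPrivilegesResult.Status != BrashQueryStatus.SUCCESS)
    {
        Logger.Error(getPrivilegesResult.CaughtException, $"Failed getting user privledges. Why? Check this: {getPrivilegesResult.Message}");
        access.Privileges.Add("ERROR", new List<string>() { "GETTING_PRIVLEDGES" });
        return;
    }

    // Resolve ids to names in memory; both tables are read once, outside the loop.
    var allFeatures = _lGFeatureService.FindWhere("WHERE 1 = 1").Models;
    var allAbilities = _lGAbilityService.FindWhere("WHERE 1 = 1").Models;

    foreach (var privilege in getPrivilegesResult.Models)
    {
        var feature = allFeatures.FirstOrDefault(f => f.LGFeatureId == privilege.FeatureIdRef);
        var ability = allAbilities.FirstOrDefault(a => a.LGAbilityId == privilege.AbilityIdRef);

        // A privilege row whose feature or ability no longer exists used to throw a
        // NullReferenceException and fail the whole sign-in; skip it and log instead.
        if (feature == null || ability == null)
        {
            Logger.Error($"Privilege row {privilege.LGPrivilegeId} references a missing feature or ability; skipping it.");
            continue;
        }

        List<string> abilityNames;
        if (!access.Privileges.TryGetValue(feature.ChoiceName, out abilityNames))
        {
            abilityNames = new List<string>();
            access.Privileges.Add(feature.ChoiceName, abilityNames);
        }
        abilityNames.Add(ability.ChoiceName);
    }
}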