Esempio n. 1
        /// <summary>
        /// Sign-in endpoint: forwards the posted credentials to the auth service and maps its
        /// status onto an HTTP response.
        /// </summary>
        /// <param name="accountSignin">Credentials from the request body.</param>
        /// <returns>
        /// The <see cref="AccountAccess"/> model on success; 500 when the service reports
        /// ERROR or UNKNOWN; 404 when it reports NOT_FOUND or hands back no model.
        /// </returns>
        public ActionResult <AccountAccess> Post([FromBody] AccountSignin accountSignin)
        {
            var authOutcome = _authService.Authenticate(accountSignin);
            var status      = authOutcome.Status;

            // Service-side failures are the only 500s; the client gets no further detail.
            var isServiceFailure = status == BrashActionStatus.ERROR || status == BrashActionStatus.UNKNOWN;
            if (isServiceFailure)
            {
                return StatusCode(500);
            }

            // Unknown account and an empty result both collapse to 404, so the response does not
            // distinguish the two cases.
            var isMissing = status == BrashActionStatus.NOT_FOUND || authOutcome.Model == null;
            if (isMissing)
            {
                return StatusCode(404);
            }

            return authOutcome.Model;
        }
Esempio n. 2
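        /// <summary>
        /// End-to-end check of account provisioning: builds a database from the project's SQL,
        /// wires repositories and services, creates an administrator account that is granted
        /// every feature/ability pair, then authenticates it through <see cref="AuthService"/>.
        /// </summary>
        public void CreateUserAccounts()
        {
            // file system
            // NOTE(review): the absolute path ties this test to one machine; deriving it from the
            // test assembly location or an environment variable would make it portable.
            var path         = "/shop/randomsilo/modern-web/backends/LoyalGuard";
            var project      = "LoyalGuard";
            var outputPath   = $"{path}/{project}.Infrastructure.Test/TestOutput/";
            var databaseFile = GetDatabase(outputPath, MethodBase.GetCurrentMethod());

            // logger
            ILogger logger = GetLogger($"{outputPath}/{MethodBase.GetCurrentMethod()}.log");

            // database setup

            // - context
            IDatabaseContext databaseContext = new DatabaseContext(
                $"Data Source={databaseFile}"
                , "TestDb"
                , "TestSchema"
                , $"{path}/sql/sqlite/ALL.sql"
                );

            Assert.NotNull(databaseContext);

            // - manager
            IManageDatabase databaseManager = new DatabaseManager(databaseContext);

            Assert.NotNull(databaseManager);

            // - create tables
            databaseManager.CreateDatabase();

            // - repositories
            var lGAccountRepository   = new LGAccountRepository(databaseManager, new LGAccountRepositorySql(), logger);
            var lGPrivilegeRepository = new LGPrivilegeRepository(databaseManager, new LGPrivilegeRepositorySql(), logger);
            var lGFeatureRepository   = new LGFeatureRepository(databaseManager, new LGFeatureRepositorySql(), logger);
            var lGAbilityRepository   = new LGAbilityRepository(databaseManager, new LGAbilityRepositorySql(), logger);
            var lGRoleRepository      = new LGRoleRepository(databaseManager, new LGRoleRepositorySql(), logger);
            var lGTokenRepository     = new LGTokenRepository(databaseManager, new LGTokenRepositorySql(), logger);

            Assert.NotNull(lGAccountRepository);
            Assert.NotNull(lGPrivilegeRepository);
            Assert.NotNull(lGFeatureRepository);
            Assert.NotNull(lGAbilityRepository);
            Assert.NotNull(lGRoleRepository);
            Assert.NotNull(lGTokenRepository);

            // - services
            var lGAccountService   = new LGAccountService(lGAccountRepository, logger);
            var lGPrivilegeService = new LGPrivilegeService(lGPrivilegeRepository, logger);
            var lGFeatureService   = new LGFeatureService(lGFeatureRepository, logger);
            var lGAbilityService   = new LGAbilityService(lGAbilityRepository, logger);
            var lGRoleService      = new LGRoleService(lGRoleRepository, logger);
            var lGTokenService     = new LGTokenService(lGTokenRepository, logger);

            Assert.NotNull(lGAccountService);
            Assert.NotNull(lGPrivilegeService);
            Assert.NotNull(lGFeatureService);
            Assert.NotNull(lGAbilityService);
            Assert.NotNull(lGRoleService);
            Assert.NotNull(lGTokenService);

            // - authService
            var authService = new AuthService(
                lGAccountService
                , lGTokenService
                , lGPrivilegeService
                , lGFeatureService
                , lGAbilityService
                , lGRoleService
                , logger
                );

            // - get all features and abilities. The admin is granted their full cross product
            //   below, so an empty catalogue would turn the privilege loop into a silent no-op.
            var featureModels = lGFeatureService.FindWhere("").Models;
            Assert.NotEmpty(featureModels);

            var abilityModels = lGAbilityService.FindWhere("").Models;
            Assert.NotEmpty(abilityModels);

            // - get the administrator role; a missing seed row should fail here with a clear
            //   message instead of as a NullReferenceException on RoleIdRef
            var roleModels = lGRoleService.FindWhere("").Models;
            var adminRole  = roleModels.FirstOrDefault(role => role.ChoiceName == "Administrator");
            Assert.NotNull(adminRole);

            // create admin
            LGAccount adminAccount = new LGAccount()
            {
                LastName     = "Administator"
                , FirstName  = "System"
                , MiddleName = "X"
                , UserName   = "******"
                , Email      = "*****@*****.**"
                , Password   = "******"
                , RoleIdRef  = adminRole.LGRoleId
            };

            var serviceResult = lGAccountService.Create(adminAccount);

            Assert.True(serviceResult.Status == BrashActionStatus.SUCCESS, serviceResult.Message);
            Assert.True(serviceResult.Model.LGAccountId > 0);
            adminAccount = serviceResult.Model;

            // grant every feature/ability pair; one timestamp so all rows share the same window.
            // Local time is kept deliberately — the services appear to compare against
            // DateTime.Now, so confirm before switching to UtcNow.
            var grantedAt = DateTime.Now;

            foreach (var feature in featureModels)
            {
                foreach (var ability in abilityModels)
                {
                    var privilege = new LGPrivilege()
                    {
                        AbilityIdRef   = ability.LGAbilityId
                        , FeatureIdRef = feature.LGFeatureId
                        , LGAccountId  = adminAccount.LGAccountId
                        , Starts       = grantedAt
                        , Ends         = grantedAt.AddYears(2)
                    };

                    var privilegeCreateResult = lGPrivilegeService.Create(privilege);
                    Assert.True(privilegeCreateResult.Status == BrashActionStatus.SUCCESS, privilegeCreateResult.Message);
                    Assert.True(privilegeCreateResult.Model.LGPrivilegeId > 0);
                }
            }

            // authenticate
            var adminSignIn = new AccountSignin()
            {
                UserName   = "******"
                , Password = "******"
            };
            var adminAuthResult = authService.Authenticate(adminSignIn);

            Assert.True(adminAuthResult.Status == BrashActionStatus.SUCCESS, adminAuthResult.Message);
            Assert.NotNull(adminAuthResult.Model);
            Assert.NotNull(adminAuthResult.Model.Account);
            Assert.NotNull(adminAuthResult.Model.Token);

            // the stored hash must not come back to the caller
            Assert.Null(adminAuthResult.Model.Account.Password);

            Assert.Equal("Administrator", adminAuthResult.Model.Role);
        }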
Esempio n. 3
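        /// <summary>
        /// Verifies a sign-in request against the stored account and, on success, assembles the
        /// caller's access view: the account with its password cleared, the role name, a
        /// feature → ability-names map, and a freshly issued one-hour token.
        /// </summary>
        /// <param name="model">Submitted user name and password; treated as untrusted input.</param>
        /// <returns>
        /// SUCCESS with a populated <see cref="AccountAccess"/>; NOT_FOUND when the account is
        /// missing, the credentials are incomplete, or the password does not match; ERROR when a
        /// backing lookup fails. A token persistence failure still returns the assembled model
        /// but with status ERROR.
        /// </returns>
        public BrashActionResult <AccountAccess> Authenticate(AccountSignin model)
        {
            BrashActionResult <AccountAccess> authResult = new BrashActionResult <AccountAccess>();

            authResult.Status  = BrashActionStatus.UNKNOWN;
            authResult.Message = "";
            authResult.Model   = new AccountAccess();

            // Incomplete credentials can never authenticate; answer exactly as for an unknown
            // account rather than dereferencing null below.
            if (model == null || string.IsNullOrEmpty(model.UserName) || string.IsNullOrEmpty(model.Password))
            {
                authResult.Status  = BrashActionStatus.NOT_FOUND;
                authResult.Message = "Account not found.";
                return(authResult);
            }

            var userName = model.UserName.RemoveSpecialCharacters();

            // The submitted password is deliberately not logged: log files are rarely protected
            // as strictly as the credential store, and the hash check below is all that needs it.
            Logger.Information($"Authenticate -> USER: {model.UserName}, USER_STRIPPED: {userName}");

            // NOTE(review): the user-name value in this filter is redacted on the listing; confirm the
            // lookup is parameterized rather than interpolating userName into the WHERE clause.
            var findAccountQuery = _lGAccountService.FindWhere($"WHERE UserName = '******'");

            if (findAccountQuery.Status == BrashQueryStatus.SUCCESS && findAccountQuery.Models.Count == 1)
            {
                var foundAccount = findAccountQuery.Models[0];

                // confirm password
                if (Hashing.ValidatePassword(model.Password, foundAccount.Password))
                {
                    Logger.Information($"Authenticate -> USER: {model.UserName} SUCCESS!");

                    // set account; the stored hash must not leave the service
                    foundAccount.Password = null;

                    authResult.Status        = BrashActionStatus.SUCCESS;
                    authResult.Message       = "Authentication successful.";
                    authResult.Model.Account = foundAccount;

                    // set role name
                    var fetchRoleResult = _lGRoleService.Fetch(new LGRole()
                    {
                        LGRoleId = foundAccount.RoleIdRef
                    });

                    if (fetchRoleResult.Status == BrashActionStatus.SUCCESS)
                    {
                        authResult.Model.Role = fetchRoleResult.Model.ChoiceName;
                    }
                    else
                    {
                        Logger.Error(fetchRoleResult.CaughtException, $"Failed getting the role.  Why? Check this: {fetchRoleResult.Message}");
                        authResult.Model.Role = "Unknown";
                    }

                    // transform privileges into a dictionary (feature name -> ability names).
                    // LGAccountId is a numeric identifier, so this interpolation carries no user text.
                    authResult.Model.Privileges = new Dictionary <string, List <string> >();
                    var getPrivledgesResult = _lGPrivilegeService.FindWhere($"WHERE LGAccountId = {foundAccount.LGAccountId}");
                    if (getPrivledgesResult.Status == BrashQueryStatus.SUCCESS)
                    {
                        var allFeatures  = _lGFeatureService.FindWhere("WHERE 1 = 1").Models;
                        var allAbilities = _lGAbilityService.FindWhere("WHERE 1 = 1").Models;

                        foreach (var privilege in getPrivledgesResult.Models)
                        {
                            var feature = allFeatures.FirstOrDefault(f => f.LGFeatureId == privilege.FeatureIdRef);
                            var ability = allAbilities.FirstOrDefault(a => a.LGAbilityId == privilege.AbilityIdRef);

                            // A privilege row whose feature or ability no longer exists used to
                            // NullReference here; skip it and leave a trace instead.
                            if (feature == null || ability == null)
                            {
                                Logger.Information($"Authenticate -> skipping privilege {privilege.LGPrivilegeId}: feature or ability not found.");
                                continue;
                            }

                            List <string> featureAbilityList;
                            if (!authResult.Model.Privileges.TryGetValue(feature.ChoiceName, out featureAbilityList))
                            {
                                featureAbilityList = new List <string>();
                                authResult.Model.Privileges.Add(feature.ChoiceName, featureAbilityList);
                            }

                            featureAbilityList.Add(ability.ChoiceName);
                        }
                    }
                    else
                    {
                        Logger.Error(getPrivledgesResult.CaughtException, $"Failed getting user privledges.  Why? Check this: {getPrivledgesResult.Message}");
                        authResult.Model.Privileges.Add("ERROR", new List <string>()
                        {
                            "GETTING_PRIVLEDGES"
                        });
                    }

                    // create token. One timestamp so Created/LastUsed/Expires are consistent;
                    // local time is kept because expiry is presumably compared against
                    // DateTime.Now elsewhere — confirm before switching to UtcNow.
                    var issuedAt = DateTime.Now;
                    LGToken token = new LGToken()
                    {
                        LGAccountId = authResult.Model.Account.LGAccountId,
                        Token       = $"{NewTokenSegment()}-{NewTokenSegment()}-{NewTokenSegment()}",
                        Created     = issuedAt,
                        Expires     = issuedAt.AddHours(1),
                        LastUsed    = issuedAt
                    };

                    var createTokenResult = _lGTokenService.Create(token);
                    if (createTokenResult.Status != BrashActionStatus.SUCCESS)
                    {
                        authResult.Status  = BrashActionStatus.ERROR;
                        authResult.Message = "Authentication service error (101).  Contact technical support.";
                    }

                    // set token
                    authResult.Model.Token = token;
                }
                else
                {
                    authResult.Status  = BrashActionStatus.NOT_FOUND;
                    authResult.Message = "Inccorect password.";
                }
            }
            else if (findAccountQuery.Status == BrashQueryStatus.NO_RECORDS)
            {
                authResult.Status  = BrashActionStatus.NOT_FOUND;
                authResult.Message = "Account not found.";
            }
            else
            {
                authResult.Status  = BrashActionStatus.ERROR;
                authResult.Message = "Authentication service error (100).  Contact technical support.";
            }

            return(authResult);
        }

        /// <summary>
        /// Produces one GUID-formatted token segment from the cryptographic random generator.
        /// Guid.NewGuid() makes no documented randomness guarantee, so the 16 bytes are drawn
        /// explicitly; the GUID text shape is kept so stored tokens remain the same size and form.
        /// </summary>
        private static string NewTokenSegment()
        {
            var bytes = new byte[16];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(bytes);
            }
            return new Guid(bytes).ToString();
        }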