public async Task AuthenticateUsingUserName() { // create a user : var user = RandomObjects.RandomUser(new string[] { }).Generate(); var username = user.UserName; var password = "******"; var httpClient = factory.CreateSecureClient(); var account = await _CreateUser(httpClient, user, password); var bindings = new AuthenticateBindings { UserName = username, Password = password }; var response = await httpClient.PostAsync($"{TestStartup.PATH}/account/authenticate", new JsonContent(bindings)); var content = await response.Content.ReadAsStringAsync(); Assert.True(response.IsSuccessStatusCode, response.ReasonPhrase ?? ""); var result = JsonConvert.DeserializeObject <ApiModel <AccountDto> >(content); Assert.True(result.Result.Success, result.Result.Errors?.FirstOrDefault().Value?.FirstOrDefault() ?? ""); Assert.Empty(result.Result.Errors); var resultUser = result.Value; Assert.NotNull(resultUser); Assert.True(resultUser.IsAuthenticated); Assert.NotNull(resultUser.Token); Assert.NotEqual("", resultUser.Token); }
private async Task <string> _authenticateAsync(HttpClient client, string username, string password) { var bindings = new AuthenticateBindings { UserName = username, Password = password }; var response = await client.PostAsync($"{TestStartup.PATH}/account/authenticate", new JsonContent(bindings)); var content = await response.Content.ReadAsStringAsync(); Assert.True(response.IsSuccessStatusCode, response.ReasonPhrase ?? ""); var result = JsonConvert.DeserializeObject <ApiModel <AccountDto> >(content); return(result.Value.Token); }
// [ValidateAntiForgeryToken] public async Task <IActionResult> AuthenticateAsync([FromBody] AuthenticateBindings userDto, string returnUrl = null) { var username = _userManager.NormalizeKey(userDto.UserName); var result = await _signInManager.PasswordSignInAsync(username, userDto.Password, userDto.RememberMe, lockoutOnFailure : false); if (result.Succeeded) { var user = await _userManager.FindByNameAsync(username); if (user == null) { throw new AppException($"impossible to find the user {userDto.UserName} after successfull login using this username"); } _logger.LogInformation("User logged in."); var resultDto = _mapper.Map <AccountDto>(user); resultDto.Token = await _GenerateTokenAsync(user); resultDto.IsAuthenticated = true; return(Ok(ApiModel.AsSuccess(resultDto))); } if (result.RequiresTwoFactor) { return(RedirectToAction(nameof(LoginWith2fa), new { returnUrl, userDto.RememberMe })); } if (result.IsLockedOut) { _logger.LogWarning("User account locked out."); return(Ok(ApiModel.AsError(userDto, "User account locked out."))); } else { ModelState.AddModelError(string.Empty, "Invalid login attempt."); return(Ok(ApiModel.AsError(userDto, "Invalid login attempt."))); } }
public async Task ResetsPassword() { // create a user : var user = RandomObjects.RandomUser(new string[] { }).Generate(); var username = user.UserName; var oldpassword = $"username-Pa$$w0rd-old"; var httpClient = factory.CreateSecureClient(); var token = await this._CreateUserAndGetToken(httpClient, user, oldpassword); // forgot his email var bindings = new ForgotPasswordBindings { UserName = username }; var forgotrequest = await httpClient.PostAsync($"{TestStartup.PATH}/account/forgot", new JsonContent(bindings)); var forgotcontent = await forgotrequest.Content.ReadAsStringAsync(); var forgotresult = JsonConvert.DeserializeObject <ApiModel <AccountDto> >(forgotcontent); // emails : var recievedEmails = this.factory.EmailSender.Flush(); var message = recievedEmails.First().message; // find the link in the email = var regex = new Regex("href=[\"'].*action=(.+)(&[^\"'])?[\"']", RegexOptions.IgnoreCase); var encodedlink = regex.Match(message).Groups[1].Value; var actionLink = WebUtility.UrlDecode(encodedlink); // // finds the action = // var uri = new Uri(actionLink); // var action = HttpUtility.ParseQueryString(uri.Query).Get("action"); var newpassword = $"username-Pa$$w0rd-reset"; var encodedPassword = WebUtility.UrlEncode(newpassword); // request rest var resetrequest = await httpClient.GetAsync($"{actionLink}&password={encodedPassword}"); var resetcontent = await resetrequest.Content.ReadAsStringAsync(); var resetresult = JsonConvert.DeserializeObject <ApiModel <AccountDto> >(resetcontent); Assert.True(resetrequest.IsSuccessStatusCode, resetrequest.ReasonPhrase ?? ""); Assert.True(resetresult.Result.Success, resetresult.Result.Errors?.FirstOrDefault().Value?.FirstOrDefault() ?? ""); Assert.Empty(resetresult.Result.Errors); var verifyNewbindings = new AuthenticateBindings { UserName = user.UserName, Password = newpassword }; var verifyNewresponse = await httpClient.PostAsync($"{TestStartup.PATH}/account/authenticate", new JsonContent(verifyNewbindings)); var verifyNewcontent = await verifyNewresponse.Content.ReadAsStringAsync(); Assert.True(verifyNewresponse.IsSuccessStatusCode, verifyNewresponse.ReasonPhrase ?? ""); var verifyNewResult = JsonConvert.DeserializeObject <ApiModel <AccountDto> >(verifyNewcontent); Assert.True(verifyNewResult.Result.Success, verifyNewResult.Result.Errors?.FirstOrDefault().Value?.FirstOrDefault() ?? ""); Assert.Empty(verifyNewResult.Result.Errors); var resultUser = verifyNewResult.Value; Assert.NotNull(resultUser); Assert.True(resultUser.IsAuthenticated); Assert.NotNull(resultUser.Token); Assert.Equal(user.UserName, resultUser.UserName); Assert.NotEqual("", resultUser.Token); var verifyOldbindings = new AuthenticateBindings { UserName = user.UserName, Password = oldpassword }; var verifyOldresponse = await httpClient.PostAsync($"{TestStartup.PATH}/account/authenticate", new JsonContent(verifyOldbindings)); var verifyOldcontent = await verifyOldresponse.Content.ReadAsStringAsync(); Assert.True(verifyOldresponse.IsSuccessStatusCode, verifyOldresponse.ReasonPhrase ?? ""); var verifyOldResult = JsonConvert.DeserializeObject <ApiModel <AccountDto> >(verifyOldcontent); Assert.False(verifyOldResult.Result.Success); Assert.NotEmpty(verifyOldResult.Result.Errors); // var resultOldUser = verifyOldResult.Value; // Assert.Null(resultOldUser); // Assert.False(resultOldUser.IsAuthenticated); // Assert.Null(resultOldUser.Token); }