public async Task <IActionResult> Login(LoginRequest request, CancellationToken cancellationToken)
{
var validator = new LoginRequestValidator();
await validator.ValidateAndThrowAsync(request, null, cancellationToken);
var _privateKey = _configuration.GetSection("AppSettings:PrivateKey").Value;
if (String.IsNullOrEmpty(_privateKey))
{
throw new ControllerException(ErrorCodes.PrivateKeyNotFound, "Controller couldn't retrieve private key");
}
var user = await _userManager.FindByEmailAsync(request.Email);
if (user != null)
{
var result = await _signInManager.CheckPasswordSignInAsync(user, request.Password, false);
if (result.Succeeded)
{
var key = TokenHelper.BuildRsaSigningKey(_privateKey);
var userRoles = await _userManager.GetRolesAsync(user);
var token = TokenHelper.GenerateToken(user.Id, userRoles, key, _dateTimeProvider);
var loggedUser = _mapper.Map <LoginResponse>(user);
loggedUser.Token = token;
return(Ok(loggedUser));
}
}
return(Unauthorized());
}
public AuthController(
IAuthService authService,
LoginRequestValidator loginRequestValidator,
SignUpRequestValidator signUpRequestValidator)
{
_authService = authService;
_loginRequestValidator = loginRequestValidator;
_signUpRequestValidator = signUpRequestValidator;
}
public AuthController(
IMediator bus,
LoginRequestValidator loginValidator,
RegisterRequestValidator registerValidator)
{
_bus = bus;
_loginValidator = loginValidator;
_registerValidator = registerValidator;
}
public async Task login_validate_failed(string login, string password)
{
var request = new LoginRequest {
Login = login, Password = password
};
var validator = new LoginRequestValidator();
var validationResult = await validator.ValidateAsync(request, CancellationToken.None);
Assert.False(validationResult.IsValid);
}
public void ShouldThrowUnauthorizedAccessExceptionWhenWrongDataPassed()
{
ILogger logger = new ConsoleLogger();
LoginRequestValidator validator = new LoginRequestValidator();
PasswordHasher passwordHasher = new PasswordHasher();
LoginDto loginDto = new LoginDto()
{
CandidateId = "misxyz000", Password = "******"
};
Assert.ThrowsAsync <UnauthorizedAccessException>(async() => await new LoginUserQuery(logger, validator, DbContext.Object, passwordHasher).Execute(loginDto));
}
public void Should_Fail_On_Password_Too_Short()
{
var validator = new LoginRequestValidator();
var mockRequest = new LoginRequest()
{
Email = "*****@*****.**",
Password = "******"
};
var result = validator.Validate(mockRequest);
result.IsValid.Should().Be(false);
result.Errors.FirstOrDefault(e => e.ErrorMessage == errorMessage).Should().NotBeNull();
}
public void Should_Fail_Email_Too_Long()
{
var validator = new LoginRequestValidator();
var mockRequest = new LoginRequest()
{
Email = new string('&', 300),
Password = "******"
};
var result = validator.Validate(mockRequest);
result.IsValid.Should().Be(false);
result.Errors.FirstOrDefault(e => e.ErrorMessage == errorMessage).Should().NotBeNull();
}
public void Should_Pass_On_Correct_Request()
{
var validator = new LoginRequestValidator();
var mockRequest = new LoginRequest()
{
Email = "*****@*****.**",
Password = "******"
};
var result = validator.Validate(mockRequest);
result.IsValid.Should().Be(true);
result.Errors.Count.Should().Be(0);
}
public async Task ShouldReturnExistingUserOnValidCandidateIdAndPassword()
{
ILogger logger = new ConsoleLogger();
LoginRequestValidator validator = new LoginRequestValidator();
PasswordHasher passwordHasher = new PasswordHasher();
LoginDto loginDto = new LoginDto()
{
CandidateId = "aaabbb000", Password = "******"
};
var query = new LoginUserQuery(logger, validator, DbContext.Object, passwordHasher);
var result = await query.Execute(loginDto);
Assert.AreEqual(result, GetUserCollection()[0]);
}
public async Task <IActionResult> GenerateToken([FromBody] LoginRequest request)
{
try
{
LoginResponse response = new LoginResponse();
var results = LoginRequestValidator.ValidateModel(request);
if (results.IsValid)
{
response = await _accountAppService.Login(request);
}
else
{
response.SetFail(results.Errors.Select(p => p.ToString()));
}
return(Json(response));
}
catch (Exception e)
{
_logger.LogError(e, Common.Common.GetMethodName(), request);
throw;
}
}
public LoginResponse Login(LoginRequest loginRequest)
{
LoginResponse loginResponse = new LoginResponse();
LoginRequestValidator validator = new LoginRequestValidator();
ValidationResult result = validator.Validate(loginRequest);
if (result.IsValid == false)
{
loginResponse.setValidator(result);
return(loginResponse);
}
try
{
User _user = _userRepository.Get(t => ((t.Email != null && t.Email == loginRequest.Email) || (t.Phone != null && t.Phone == loginRequest.Phone))).FirstOrDefault();
if (_user == null)
{
loginResponse.SetStatus(Constants.ResponseCode.INVALID_USERNAME_OR_PASSWORD);
return(loginResponse);
}
loginResponse.Username = _user.Username;
if (_user.IsLocked && _user.LockedTime > DateTime.Now)
{
loginResponse.SetStatus(Constants.ResponseCode.BANNED);
return(loginResponse);
}
if (_user.IsLocked)
{
_user.IsLocked = false; _user.WrongCount = 0;
}
if (_user.Password != Cryptor.sha512encrypt(loginRequest.Password))
{
_user.WrongCount++;
if (_user.WrongCount > 5)
{
_user.UserLocked(1);
}
if (_unitOfWork.SaveChanges() > 0)
{
if (_user.IsLocked)
{
loginResponse.SetStatus(Constants.ResponseCode.BANNED);
return(loginResponse);
}
else
{
loginResponse.SetStatus(Constants.ResponseCode.INVALID_USERNAME_OR_PASSWORD);
return(loginResponse);
}
}
else
{
loginResponse.SetStatus(Constants.ResponseCode.SYSTEM_ERROR);
return(loginResponse);
}
}
Token token = CreateToken();
_user.WrongCount = 0;
_user.Tokens.Add(token);
if (_unitOfWork.SaveChanges() > 0)
{
_cacheManager.AddUserToCache(token.TokenText, _user);
loginResponse.IsVerify = _user.IsVerified;
loginResponse.Username = _user.FullName();
loginResponse.Token = token.TokenText;
loginResponse.ExpireDate = token.EndDate;
loginResponse.Email = _user.Email;
loginResponse.UserRole = _user.UserRoles.Select(t => t.Role.RoleName).ToList();
loginResponse.SetStatus(Constants.ResponseCode.SUCCESS);
return(loginResponse);
}
}
catch (Exception ex)
{
loginResponse.SetStatus(Constants.ResponseCode.SYSTEM_ERROR);
return(loginResponse);
}
return(loginResponse);
}
public void SetUp()
{
_loginRequestValidator = new LoginRequestValidator();
}
public void SetUp()
{
_sut = new LoginRequestValidator();
}