public async Task LoginTest()
{
//Arrange
var vmUser = new VmUser
{
UserName = "******",
Email = "*****@*****.**",
Phone = "123",
FirstName = "FirstName",
MiddleName = "MiddleName",
LastName = "LastName"
};
var user = _vmConverter.ToModel(vmUser);
await _userManager.CreateAsync(user, "Password!");
var authInput = new VmAuthInput
{
UserName = vmUser.Email,
Password = "******"
};
//Act
var authOutput = await _authenticationService.Login(authInput);
//Assert
Assert.IsNotNull(authOutput?.Token);
Assert.IsFalse(string.IsNullOrWhiteSpace(authOutput.User.Id));
Assert.AreEqual(vmUser.FirstName, authOutput.User.FirstName);
Assert.AreEqual(vmUser.MiddleName, authOutput.User.MiddleName);
Assert.AreEqual(vmUser.LastName, authOutput.User.LastName);
Assert.AreEqual(vmUser.Email, authOutput.User.Email);
Assert.AreEqual(vmUser.Phone, authOutput.User.Phone);
}
public void LoginWithUserNotFoundTest()
{
//Arrange
var userInput = new VmAuthInput {
UserName = "******", Password = "******"
};
//Assert
Assert.ThrowsAsync <HttpResponseException>(async() => await _authenticationService.Login(userInput));
}
public void LoginWithEmptyCredentialsTest(string userName, string password)
{
//Arrange
var userInput = new VmAuthInput {
UserName = userName, Password = password
};
//Assert
Assert.ThrowsAsync <HttpResponseException>(async() => await _authenticationService.Login(userInput));
}
/// <inheritdoc />
public async Task <VmAuthOutput> Login(VmAuthInput authInput)
{
if (authInput == null)
{
throw new HttpResponseException(BadRequest,
$"Parameter '{nameof(authInput)}' cannot be null");
}
if (string.IsNullOrWhiteSpace(authInput.UserName) || string.IsNullOrWhiteSpace(authInput.Password))
{
throw new HttpResponseException(BadRequest, "Username and password cannot be empty");
}
var user = await _userManager.FindByNameAsync(authInput.UserName) ??
await _userManager.FindByEmailAsync(authInput.UserName);
if (user == null || !await _userManager.CheckPasswordAsync(user, authInput.Password))
{
throw new HttpResponseException(Unauthorized);
}
var roleNames = await _userManager.GetRolesAsync(user);
var signinKey = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes(_configuration["Jwt:SigningKey"]));
var claims = new List <Claim>
{
new Claim(JwtRegisteredClaimNames.Sub, user.Id),
new Claim(JwtRegisteredClaimNames.UniqueName, user.UserName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim(ClaimsIdentity.DefaultNameClaimType, user.UserName)
};
claims.AddRange(roleNames.Select(r => new Claim(ClaimTypes.Role, r)));
var claimsIdentity = new ClaimsIdentity(claims, "Token", ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType);
int expiryInHours = Convert.ToInt32(_configuration["Jwt:ExpiryInHours"]);
var token = new JwtSecurityToken(
_configuration["Jwt:Issuer"],
_configuration["Jwt:Audience"],
claimsIdentity.Claims,
expires: authInput.RememberMe ? DateTime.UtcNow.AddMonths(12) : DateTime.UtcNow.AddHours(expiryInHours),
signingCredentials: new SigningCredentials(signinKey, SecurityAlgorithms.HmacSha256)
);
var vmUser = _vmConverter.ToViewModel(user);
vmUser.Roles = await _userManager.GetRolesAsync(user);
var tokenString = new JwtSecurityTokenHandler().WriteToken(token);
return(new VmAuthOutput(vmUser, tokenString));
}
public async Task <ActionResult <VmAuthOutput> > Login(VmAuthInput input)
{
var output = await _service.Login(input);
return(Ok(output));
}
