/// <summary>
/// Happy-path check: a token minted for a fixed test user can be used to join event 0
/// and the manager hands back a non-null result. The result's content is not inspected.
/// </summary>
public void JoinEvent_Pass_ValidEverything()
{
    // Arrange
    var userId = 100;
    var userName = "******";
    var token = jwtService.CreateToken(userName, userId);
    var eventId = 0;

    // Act
    var joinResult = attendeeManager.JoinEvent(eventId, token);
    Console.WriteLine(joinResult);

    // Assert
    Assert.IsNotNull(joinResult);
}
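/// <summary>
/// Authenticates a user by email/password, creates a JWT-backed <see cref="Session"/>,
/// persists it and returns the session (plus the user's first name) as JSON.
/// </summary>
/// <param name="request">Login request carrying <c>EmailAddress</c> and <c>Password</c>.</param>
/// <returns>
/// 200 with the serialized session on success; 400 with one generic message when the request is
/// incomplete, the email is unknown or the password is wrong; 500 when the session could not be stored.
/// </returns>
public ActionResult Login(LoginRequest request)
{
    // The same message is returned for "unknown email" and "wrong password" so the
    // response cannot be used to discover which addresses are registered.
    const string InvalidCredentialsMessage = "Invalid email address or password.";

    if (request is null || string.IsNullOrEmpty(request.EmailAddress) || request.Password is null)
    {
        return new BadRequestObjectResult(InvalidCredentialsMessage);
    }

    // Emails are looked up in lower case; the invariant culture keeps that
    // normalisation independent of the server's locale.
    var user = _userAccountService.ReadUserFromDBUsingEmail(request.EmailAddress.ToLowerInvariant());
    if (user == null)
    {
        return new BadRequestObjectResult(InvalidCredentialsMessage);
    }

    if (!_passwordService.ValidatePassword(request.Password, user.PasswordSalt, user.PasswordHash))
    {
        // TODO (kept from original): limit attempts and invalidate all sessions.
        return new BadRequestObjectResult(InvalidCredentialsMessage);
    }

    string jwtToken = JWTService.CreateToken();
    Session session = new Session(user.Email, jwtToken);
    if (!_sessionService.AddSession(session))
    {
        return new StatusCodeResult(StatusCodes.Status500InternalServerError);
    }

    // Round-trip through JObject so the first name can be appended to the
    // response without changing the Session type itself.
    var jsonString = JsonSerializer.Serialize(session);
    var jObject = JObject.Parse(jsonString);
    jObject.Add("firstName", user.FirstName);
    return new OkObjectResult(jObject.ToString());
}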
/// <summary>
/// Issues a JWT for the identity supplied in the query string.
/// NOTE(review): <c>model.Id</c> and <c>model.Username</c> are caller-supplied and are not
/// verified inside this method, so any authentication guarding this endpoint must be applied
/// outside it (route/controller level) — confirm before exposing it.
/// </summary>
/// <param name="model">Query-bound request holding <c>Id</c> and <c>Username</c>.</param>
/// <returns>200 with a <see cref="JWTModel"/> wrapping the created token.</returns>
public IActionResult GetJWT([FromQuery] RequestJWTModel model)
{
    var issuedToken = jwtService.CreateToken(model.Id, model.Username);
    JWTModel response = new JWTModel { Token = issuedToken };
    return Ok(response);
}
/// <summary>
/// Smoke test: creating a token for a fixed user id/name yields a non-null value.
/// The token's contents are not inspected.
/// </summary>
public void AssignJwt_Pass()
{
    // Arrange
    var userId = 99;
    var userName = "******";

    // Act
    var issuedToken = jwtService.CreateToken(userName, userId);
    Console.WriteLine(issuedToken);

    // Assert
    Assert.IsNotNull(issuedToken);
}
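/// <summary>
/// Checks that <c>GetEmail</c> answers 200 OK for a token created for a known user.
/// Only the status code is asserted; the response body is not compared.
/// </summary>
public void GetEmail_Pass()
{
    // Arrange
    var jwtToken = _jwtService.CreateToken("*****@*****.**", 1);

    // Act
    var actual = userMan.GetEmail(jwtToken);

    // Assert — compare against the status directly instead of building (and never
    // disposing) an HttpResponseMessage whose only used member was StatusCode.
    Assert.AreEqual(HttpStatusCode.OK, actual.StatusCode);
}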
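/// <summary>
/// Validates a username/password pair and, on success, returns the user's id, name and a
/// freshly created JWT.
/// </summary>
/// <param name="model">Posted credentials (<c>Username</c>, <c>Password</c>).</param>
/// <returns>
/// 200 with a <see cref="UserInfoModel"/> on success; 401 with an <see cref="ErrorModel"/>
/// for a missing field, rejected credentials, or a validated name that matches no user row.
/// </returns>
public async Task<IActionResult> Login(LoginModel model)
{
    // TODO (kept from original): decide what to do when the caller is already logged in.

    // One generic message for every failure path so the response does not
    // reveal whether the username exists.
    const string InvalidCredentials = "Wrong password or username";

    if (model is null || string.IsNullOrEmpty(model.Username) || model.Password is null)
    {
        return Unauthorized(new ErrorModel { Error = InvalidCredentials });
    }

    var ok = await userServices.ValidateUserAsync(model.Username.ToLowerInvariant(), model.Password);
    if (!ok)
    {
        return Unauthorized(new ErrorModel { Error = InvalidCredentials });
    }

    // The validator saw the lower-cased name while this lookup uses the name as typed
    // (as in the original). NOTE(review): if usernames are stored case-sensitively the
    // two can disagree — confirm against the user store.
    var user = await dbContext.Users.FirstOrDefaultAsync(u => u.Username == model.Username);
    if (user is null)
    {
        // Credentials validated but no row matched: fail closed instead of
        // dereferencing null (which previously surfaced as an unhandled 500).
        return Unauthorized(new ErrorModel { Error = InvalidCredentials });
    }

    var token = jwtService.CreateToken(user.Id, user.Username);
    var userInfo = new UserInfoModel
    {
        Token = token,
        Username = user.Username,
        Id = user.Id,
    };
    return Ok(userInfo);
}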
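/// <summary>
/// Authenticates a username/password pair posted as JSON and, on success, returns a JWT.
/// Failed attempts are recorded through <see cref="FailedAttemptsFacade"/>; after the third
/// consecutive failure further attempts are refused for 24 hours from the last failure.
/// </summary>
/// <param name="credentials">
/// Raw JSON body. Only entries whose key contains "username" / "password" (case-sensitive
/// substring match, as in the original) are read; the last matching entry wins.
/// </param>
/// <returns>
/// 415 when the body is missing; 401 with an explanatory message on any failed attempt;
/// 200 with the token otherwise.
/// </returns>
public IHttpActionResult Authenticate([FromBody] JObject credentials)
{
    if (credentials == null)
    {
        return ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.UnsupportedMediaType,
            "Sorry, but your credentials came in unsupported format."));
    }

    Dictionary<string, object> credentialsData = _jsonToDictionaryConverter.ProvideAPIDataFromJSON(credentials);

    // A null JSON value maps to an empty string instead of throwing on .ToString().
    string username = string.Empty;
    string password = string.Empty;
    foreach (var entry in credentialsData)
    {
        if (entry.Key.Contains("username"))
        {
            username = entry.Value?.ToString() ?? string.Empty;
        }
        if (entry.Key.Contains("password"))
        {
            password = entry.Value?.ToString() ?? string.Empty;
        }
    }

    bool isUsernamePasswordValid = _userValidator.ValidateUser(username, password, out Utility_class_User validatedUserModel);
    if (isUsernamePasswordValid)
    {
        var token = _jwtService.CreateToken(validatedUserModel);
        return Ok(token);
    }

    // The original's trailing "not valid" branch after this point was unreachable
    // (the failure path always returns) and has been dropped.
    return RecordFailedAttempt(username, password);
}

/// <summary>
/// Updates the failed-attempt record for a rejected login and builds the 401 response.
/// NOTE(review): the record is looked up by, and persists, the submitted password in clear
/// text (<c>GetByPassword</c> and the <c>FailedLoginAttempt</c> constructor below); that is a
/// credential-at-rest exposure the facade's data model should not require. Flagged here,
/// not changed, because the facade's API is outside this file.
/// </summary>
/// <param name="username">Username taken from the request body.</param>
/// <param name="password">Password taken from the request body.</param>
/// <returns>A 401 response whose message reflects the attempt count or remaining lockout.</returns>
private IHttpActionResult RecordFailedAttempt(string username, string password)
{
    // Lockout policy: this many failures in a row, then a 24-hour wait from the last failure.
    const long MaxFailedAttempts = 3;

    FailedAttemptsFacade failedFacade = FlyingCenterSystem.GetInstance().getFacede<FailedAttemptsFacade>();
    FailedLoginAttempt attemptByPassword = failedFacade.GetByPassword(password);
    FailedLoginAttempt attemptByUsername = failedFacade.GetByUserName(username);

    if (!Statics.BulletprofComparsion(attemptByPassword, attemptByUsername))
    {
        return ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
            "Your username or password is incorrect, also there is no consistency between them! \nAcsess denied."));
    }

    // Count shown to the caller; stays 1 unless an existing record is advanced below.
    long failedAttemptNumToDisplay = 1;

    if (attemptByPassword.Equals(new FailedLoginAttempt()))
    {
        // No record yet: create it already at 2 (this failure plus the next), as the original did.
        failedFacade.AddBlackUser(new FailedLoginAttempt(username, password, 2, DateTime.Now));
    }
    else if (attemptByPassword.FAILED_ATTEMPTS_NUM <= MaxFailedAttempts)
    {
        //long.TryParse(ConfigurationManager.AppSettings["Permitted_Login_Attempts_Num"], out long permittedLOginAttempts);
        // Report the stored count, then advance it by one.
        failedAttemptNumToDisplay = attemptByPassword.FAILED_ATTEMPTS_NUM;
        attemptByPassword.FAILED_ATTEMPTS_NUM = failedAttemptNumToDisplay + 1;
        failedFacade.UpdateBlackUser(attemptByPassword);
    }
    else if (DateTime.Now.AddDays(-1) < attemptByPassword.FAILURE_TIME)
    {
        // Still inside the lockout window: tell the caller how long is left.
        TimeSpan timeRemainder = new TimeSpan(24, 0, 0) - DateTime.Now.Subtract(attemptByPassword.FAILURE_TIME);
        return ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
            $"Sorry, but the system didn't regocnyzed you as registered user. Your accsess is denied. You're had tried to aouthorize more tham 3 times. Wait {timeRemainder.Hours} hours and {timeRemainder.Minutes} minutes until new attempt!"));
    }
    else
    {
        // Lockout expired: restart the counter from 1 at the current time.
        attemptByPassword.FAILED_ATTEMPTS_NUM = 1;
        attemptByPassword.FAILURE_TIME = DateTime.Now;
        failedFacade.UpdateBlackUser(attemptByPassword);
    }

    return ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
        $"Sorry, but the system didn't regocnyzed you as registered user. Your accsess is denied. \nYou're had tried to aouthorize {failedAttemptNumToDisplay} times."));
}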