public void AuthenticateUser_Returns_OkObjectResult()
{
// Arrange
var userRepositoryMock = new Mock <IUserRepository>();
var userIMapperMock = new MapperConfiguration(config =>
{
config.AddProfile(new MovieMapper());
});
var userMapper = userIMapperMock.CreateMapper();
UsersController userApiController = new UsersController(userRepositoryMock.Object, mapper: userMapper);
var userDto = new UserAuthDTO()
{
Password = "******",
UserName = "******"
};
var userModel = new UserModel()
{
FirstName = "Gabriel",
LastName = "Isaac",
Email = "*****@*****.**",
Password = "******",
UserName = "******"
};
userRepositoryMock.Setup(repo => repo.Authenticate(userDto.UserName, userDto.Password)).Returns(userModel);
// Act
var userResult = userApiController.Authenticate(userDto);
var okResult = userResult as OkObjectResult;
// Assert
Assert.True(okResult.StatusCode is StatusCodes.Status200OK);
}
public void GetAllUsers_Returns_OkObjectResult()
{
// Arrange
var userRepositoryMock = new Mock <IUserRepository>();
var userIMapperMock = new MapperConfiguration(config =>
{
config.AddProfile(new MovieMapper());
});
var userMapper = userIMapperMock.CreateMapper();
UsersController movieApiController = new UsersController(userRepositoryMock.Object, mapper: userMapper);
var userDto = new UserAuthDTO()
{
Password = "******",
UserName = "******"
};
int userId = 1;
var userModel = new UserModel()
{
FirstName = "Gabriel",
LastName = "Isaac",
Email = "*****@*****.**",
Password = "******",
UserName = "******",
UserId = userId
};
userRepositoryMock.Setup(repo => repo.GetAll()).Returns(It.IsAny <IEnumerable <UserModel> >());
// Act
var userResult = movieApiController.GetAll();
var okResult = userResult as OkObjectResult;
// Assert
Assert.True(okResult.StatusCode is StatusCodes.Status200OK);
}
public static string Login(UserAuthDTO value)
{
using (var dbContext = new FiszkiContext())
{
var user = dbContext.Users.FirstOrDefault(x => x.Login == value.Login);
if (user == null)
{
return(null);
}
if (user.Password != value.Password)
{
dbContext.UsersLogs.Add(new Repositories.UserLogs
{
UserId = user.Id,
LoginDate = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"),
LoginStatus = "Nieprawidłowe hasło"
});
dbContext.SaveChanges();
return(null);
}
dbContext.UsersLogs.Add(new Repositories.UserLogs
{
UserId = user.Id,
LoginDate = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"),
LoginStatus = "Zalogowano"
});
dbContext.SaveChanges();
return(JWTService.GenerateToken(user.Id));
}
}
public IActionResult Authenticate([FromBody] UserAuthDTO userAuthModel)
{
var user = userService.Authenticate(userAuthModel.Username, userAuthModel.Password);
if (user == null)
{
return(BadRequest(new { message = "Username or password is incorrect!" }));
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, user.ID.ToString()) }),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
return(Ok(new
{
ID = user.ID,
Username = user.Username,
Firstname = user.Firstname,
Lastname = user.Lastname,
Token = tokenString
}));
}
public async Task RegisterUserAsync(UserAuthDTO userAuthDto)
{
if (string.IsNullOrEmpty(userAuthDto.Password) || userAuthDto.Password.Length < 8 ||
string.IsNullOrWhiteSpace(userAuthDto.Email) ||
string.IsNullOrWhiteSpace(userAuthDto.NickName))
{
throw new Exception("Password is invalid");
}
if (await GetUserAsync(userAuthDto.NickName) != null)
{
throw new Exception("Username is already taken");
}
if (!(await IsEmailUnique(userAuthDto.Email)))
{
throw new Exception("Email is already taken");
}
Authorization.CreatePasswordHash(userAuthDto.Password, out var passwordHash, out var passwordSalt);
var user = mapper.Map <UserAuthDTO, User>(userAuthDto);
user.PasswordHash = passwordHash;
user.Salt = passwordSalt;
await repository.RegisterUserAsync(user);
this._emailClient.SendActivationLink(user.Email, user.NickName);
}
public static UserDTO CurrentUser(this HttpContext httpContext)
{
var _userService = httpContext.RequestServices.GetRequiredService <IUserService>();
var _mapper = httpContext.RequestServices.GetRequiredService <IMapper>();
UserAuthDTO userAuthDTO = null;
try
{
var authHeader = AuthenticationHeaderValue.Parse(httpContext.Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':');
var username = credentials[0];
var password = credentials[1];
userAuthDTO = _userService.Authenticate(username, password);
}
catch
{
throw new UnauthorizedAccessException("Unauthorized");
}
if (userAuthDTO == null)
{
throw new UnauthorizedAccessException("Invalid Username or Password");
}
return(_userService.GetById(userAuthDTO.Id));
}
public async Task DeleteAccountAsync(UserAuthDTO user)
{
var originalUser = await GetUserIfLogged(user.NickName, user.Password);
originalUser.Status = UserStatus.Deactivated;
await this.repository.UpdateUserAsync(originalUser);
}
public async Task UpdateEmailAsync(UserAuthDTO userDto)
{
var user = await GetUserIfLogged(userDto.NickName, userDto.Password);
user.Email = userDto.Email;
await this.repository.UpdateUserAsync(user);
}
public async System.Threading.Tasks.Task ResetAccessFailedCount(UserAuthDTO userDto)
{
var user = await _userManager.FindByEmailAsync(userDto.Email);
if (user != null)
{
await _userManager.ResetAccessFailedCountAsync(user.Id);
}
}
public async Task <ActionResult> SignUp(UserAuthDTO userAuthDto)
{
var user = _mapper.Map <UserAuthDTO, User>(userAuthDto);
var userSignUpResult = await _userManager.CreateAsync(user, userAuthDto.Password);
return(userSignUpResult.Succeeded
? Created(string.Empty, string.Empty)
: Problem(userSignUpResult.Errors.First().Description, null, 500));
}
public ActionResult Post([FromBody] UserAuthDTO request)
{
var user = _authUserCommand.Execute(request);
var stringObjekat = JsonConvert.SerializeObject(user);
var encrypted = _enc.EncryptString(stringObjekat);
return(Ok(new { token = encrypted }));
}
public User Register(UserAuthDTO user)
{
user.UserName = user.UserName.ToLower();
User newUser = new User {
FirstName = user.FirstName, LastName = user.LastName, UserName = user.UserName, MainCurrencyId = user.MainCurrencyId
};
newUser = _repository.Register(newUser, user.Password);
return(newUser);
}
public UserAuthDTO GetCredentialsByEmail(string email)
{
User user = DBContext.User.FirstOrDefault(u => u.Email == email);
if (user != null)
{
UserAuthDTO userAuthInfo = UserAuthMapper.Map <User, UserAuthDTO>(user);
return(userAuthInfo);
}
return(null);
}
public async Task Will_Throw_Exception_When_User_Already_Exists(string email, string nickname)
{
SetArrangments();
var user = new UserAuthDTO()
{
NickName = nickname, Email = email, Password = "******"
};
await Assert.ThrowsAsync <Exception>(() => this._userService.RegisterUserAsync(user));
_userRepoMock.Verify(x => x.RegisterUserAsync(It.IsAny <User>()), Times.Never);
}
public async Task Will_Throw_Exception_When_Any_Field_Empty(string email, string nickname, string password)
{
SetArrangments();
var userAuth = new UserAuthDTO()
{
Email = email, NickName = nickname, Password = password
};
await Assert.ThrowsAsync <Exception>(() => this._userService.RegisterUserAsync(userAuth));
_userRepoMock.Verify(x => x.RegisterUserAsync(It.IsAny <User>()), Times.Never);
}
public async Task Can_Register_User()
{
SetArrangments();
var userDto = new UserAuthDTO()
{
Email = "uniqueemail", NickName = "uniquenickname", Password = "******"
};
await this._userService.RegisterUserAsync(userDto);
_userRepoMock.Verify(x => x.RegisterUserAsync(It.IsAny <User>()), Times.Once);
}
public async Task <AsyncOutResult <IdentityResult, int> > GetIdentityResult(UserAuthDTO userDto)
{
var user = new User
{
UserName = userDto.UserName,
Email = userDto.Email
};
var result = await _userManager.CreateAsync(user, userDto.Password);
int userId = user.Id;
return(new AsyncOutResult <IdentityResult, int>(result, userId));
}
async public Task <UserCompleteDTO> GetUserCompleteInfo(UserAuthDTO userAuthDTO)
{
User user = await DBContext.User.FindAsync(userAuthDTO.ID);
UserCompleteDTO userCompleteDTO = new UserCompleteDTO();
userCompleteDTO.ID = user.ID;
userCompleteDTO.FirstName = user.FirstName;
userCompleteDTO.LastName = user.LastName;
userCompleteDTO.PhoneNumber = user.PhoneNumber;
userCompleteDTO.Country = user.Country;
userCompleteDTO.Email = user.Email;
userCompleteDTO.Image = user.Image;
return(userCompleteDTO);
}
public async Task <IActionResult> Register([FromBody] UserAuthDTO user)
{
try
{
await _userService.RegisterUserAsync(user);
Log.Info($"New user: {user.NickName}");
return(Ok());
}
catch (Exception ex)
{
Log.Error($"{user.NickName} - {ex.Message}");
return(BadRequest(ex.Message));
}
}
public IActionResult Register(UserAuthDTO userAuthDTO)
{
var user = _userBL.Register(userAuthDTO);
if (user != null)
{
WalletDTO wallet = new WalletDTO();
_walletBL.InsertWallet(wallet);
return(Ok(user));
}
else
{
return(BadRequest("User already exists"));
}
}
public async Task <IActionResult> Login([FromBody] UserAuthDTO userDto)
{
try
{
var user = await _userService.LoginUserAsync(userDto.NickName, userDto.Password);
Log.Info($"User {userDto.NickName} logged in.");
return(Ok(user));
}
catch (Exception ex)
{
Log.Error($"{userDto.NickName} - {ex.Message}");
return(BadRequest(ex.Message));
}
}
public async Task <IActionResult> UpdateEmail([FromBody] UserAuthDTO user)
{
try
{
await this._userService.UpdateEmailAsync(user);
Log.Info($"User {user.NickName} changed his email");
return(Ok());
}
catch (Exception ex)
{
Log.Error($"{user.NickName} - {ex.Message}");
return(BadRequest(ex.Message));
}
}
public async Task <IActionResult> DeleteAccount([FromBody] UserAuthDTO user)
{
try
{
await this._userService.DeleteAccountAsync(user);
Log.Info($"User {user.NickName} deleted account");
return(Ok());
}
catch (Exception ex)
{
Log.Error($"{user.NickName} - {ex.Message}");
return(BadRequest(ex.Message));
}
}
public async Task <ActionResult> SignIn(UserAuthDTO userAuthDto)
{
var user = _userManager.Users.SingleOrDefault(u => u.UserName == userAuthDto.Username);
if (user is null)
{
return(NotFound("Username or password incorrect"));
}
var userSignInResult = await _userManager.CheckPasswordAsync(user, userAuthDto.Password);
return(userSignInResult
? Ok(new { jwtToken = _jwtService.GenerateJwt(user, await _userManager.GetRolesAsync(user)) })
: NotFound("Username or password incorrect"));
}
public IActionResult Login([FromBody] UserAuthDTO value)
{
try
{
var user = UserRepository.Login(value);
if (user == null)
{
return(BadRequest("Nieprawidłowy login lub hasło"));
}
return(Ok(user));
}
catch (Exception ex)
{
return(BadRequest($"Failed: {ex}"));
}
}
private void GetToken()
{
HttpClient client = InstanceClient(false);
UserAuthDTO auth = new UserAuthDTO();
auth.Email = GetSettingsValue("EmailAuth");
auth.Password = GetSettingsValue("PasswordAuth");
HttpResponseMessage response = client.PostAsJsonAsync("api/UserAuth/login2", auth).Result;
if (response.IsSuccessStatusCode)
{
var product = response.Content.ReadAsStringAsync();
UserTokenDTO tokenDTO = JsonConvert.DeserializeObject <UserTokenDTO>(product.Result);
token = tokenDTO.Token;
}
}
public IActionResult Register([FromBody] UserAuthDTO value)
{
try
{
var registerResult = UserRepository.Register(value);
if (registerResult.status != "ok")
{
return(BadRequest(registerResult.coment));
}
//return Ok(registerResult.coment);
return(Ok(registerResult.token));
}
catch (Exception ex)
{
return(BadRequest($"Failed: {ex}"));
}
}
public async Task <HttpStatusCode> LogInAsync(UserAuthDTO user)
{
var userJson = JsonConvert.SerializeObject(user);
var content = new StringContent(userJson);
content.Headers.ContentType = new MediaTypeHeaderValue("application/json");
var response = await _httpClient.PostAsync("login", content);
if (response.IsSuccessStatusCode)
{
var body = await response.Content.ReadAsStringAsync();
_httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", body);
}
return(response.StatusCode);
}
public async Task <IActionResult> Login(UserAuthDTO model)
{
if (ModelState.IsValid)
{
var user = await userServ.GetModel()
.Include(u => u.Role)
.FirstOrDefaultAsync(u => u.Email == model.Email && u.Password == model.Password);
if (user != null)
{
await Authenticate(user); // аутентификация
return(RedirectToAction("Info", "Reports", new { area = "Admin" }));
}
ModelState.AddModelError("", "Некорректные логин и(или) пароль");
}
return(View(model));
}
public async Task <AsyncOutResult <SignInStatus, bool> > GetSignInStatus(UserAuthDTO userDto)
{
var result = SignInStatus.Failure; // start authorization result
var user = await _userManager.FindByEmailAsync(userDto.Email);
bool isEmailConfirmed = false;
if (user != null)
{
isEmailConfirmed = await _userManager.IsEmailConfirmedAsync(user.Id);
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
result = await _signInManager.PasswordSignInAsync(user.UserName, userDto.Password, userDto.RememberMe, shouldLockout : true);
}
return(new AsyncOutResult <SignInStatus, bool>(result, isEmailConfirmed));
}
