public async Task Authenticate_CredentialsCorrect_UserIsDeleted_ShouldReturn401() { // Arrange var url = "/api/user/authenticate"; var user = await WolkDbContext.CreateAndSaveUser(); var model = new SignInModel { Email = user.Email, Password = "******" }; var request = new HttpRequestMessage(HttpMethod.Post, url) { Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json) }; // Act using var response = await HttpClient.SendAsync(request); // Assert Assert.AreEqual(HttpStatusCode.OK, response.StatusCode); var content = await response.Content.ReadAsStringAsync(); var viewModel = JsonConvert.DeserializeObject <SignedInViewModel>(content); // Act: delete user WolkDbContext.Users.Remove(user); await WolkDbContext.SaveChangesAsync(); // Act: do a call to get all notebooks with "deleted" user token url = "/api/notebook"; request = new HttpRequestMessage(HttpMethod.Get, url); request.AddJwtBearer(viewModel.Token); using var notebookResponse = await HttpClient.SendAsync(request); // Assert Assert.AreEqual(HttpStatusCode.Unauthorized, notebookResponse.StatusCode); }