public void ShouldSetUserAndFriendlyName()
{
User user = new User();
UserActivity activity = new UserCreated(user,"~/login");
Assert.AreEqual(activity.User,user);
Assert.IsTrue(activity.FriendlyName.Length>0);
}
public void ShouldSetUsernameProperty(string username)
{
User user = new User {Username = username};
MembershipEvent actual = new MembershipEvent(MembershipEventCode.UserCreated, user);
Assert.IsInstanceOf<WebRequestEvent>(actual);
Assert.AreEqual(actual.Username,user.Username);
}
public virtual void SignIn(User user, bool isPersistant = false)
{
Tracing.Information($"[ClaimsBasedAuthenticationService.Signin] called: {user.Username}");
if (String.IsNullOrWhiteSpace(user.Username)) throw new ArgumentException("username");
// gather claims
var claims = new List<Claim>();
foreach (UserClaim uc in user.Claims)
claims.Add(new Claim(uc.Type, uc.Value));
if (!String.IsNullOrWhiteSpace(user.Email))
{
claims.Insert(0, new Claim(ClaimTypes.Email, user.Email));
}
claims.Insert(0, new Claim(ClaimTypes.AuthenticationMethod, AuthenticationMethods.Password));
claims.Insert(0, new Claim(ClaimTypes.AuthenticationInstant, DateTime.UtcNow.ToString("s")));
claims.Insert(0, new Claim(ClaimTypes.Name, user.Username));
claims.Insert(0, new Claim(ClaimTypes.NameIdentifier, user.Username));
// create principal/identity
var id = new ClaimsIdentity(claims, "Forms");
var cp = new ClaimsPrincipal(id);
// claims transform
cp = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthenticationManager.Authenticate(String.Empty, cp);
// issue cookie
var sam = FederatedAuthentication.SessionAuthenticationModule;
if (sam == null)
throw new Exception("SessionAuthenticationModule is not configured and it needs to be.");
var token = new SessionSecurityToken(cp, isPersistant ? FormsAuthentication.Timeout : TimeSpan.FromMinutes(SessionHelpers.GetSessionTimeoutInMinutes))
{
IsPersistent = isPersistant
};
sam.WriteSessionTokenToCookie(token);
Tracing.Verbose(
$"[ClaimsBasedAuthenticationService.Signin] cookie issued: {claims.GetValue(ClaimTypes.NameIdentifier)}");
}
public void Seed(DataContext context)
{
var user = new User()
{
Id = 1,
Email = "*****@*****.**",
Username = "******",
FirstName = "Rod",
LastName = "Johnson",
LastLogin = DateTime.UtcNow,
Gender = Gender.Male,
Address = "Admin address",
PhoneNumber = "555-555-5555",
IsLoginAllowed = true,
IsAccountClosed = false,
IsAccountVerified = true,
Created = DateTime.UtcNow,
Tenant = "default",
// password is "admin"
HashedPassword = "******",
PasswordChanged = DateTime.UtcNow,
FailedLoginCount = 0,
Updated = DateTime.UtcNow
};
user.Claims.Add(new UserClaim()
{
Type = ClaimTypes.Role,
Value = "Admin"
});
user.Claims.Add(new UserClaim()
{
Type = ClaimTypes.Role,
Value = "Super Admin"
});
context.Users.AddOrUpdate(user);
context.SaveChanges();
}
public void ShouldSetTenantProperty(string tenant)
{
User user = new User { Tenant = tenant };
MembershipEvent actual = new MembershipEvent(MembershipEventCode.UserCreated, user);
Assert.AreEqual(actual.Tenant, user.Tenant);
}
public MembershipEvent(MembershipEventCode code, User user)
: base(code.GetDescription(), user, WebEventCodes.WebExtendedBase, (int)code)
{
_user = user;
_culture = CultureInfo.CurrentCulture.Name;
}
protected UserActivity(User user, string friendlyName)
{
FriendlyName = friendlyName;
User = user;
}
public UserLoggedIn(User user) : base(user, "User Logged In")
{
}
public UserCreated(User user, string loginUrl) : base(user, "User Created")
{
LoginUrl = loginUrl;
}
public IValidationContainer<User> SaveOrUpdate(User user)
{
var container = user.GetValidationContainer();
if (!container.IsValid)
return container;
_userRepository.SaveOrUpdate(user);
_unitOfWork.Commit();
return container;
}
protected internal virtual IValidationContainer<User> Authenticate(User account, string password, int failedLoginCount, TimeSpan lockoutDuration)
{
var container = account.GetValidationContainer();
if (!container.IsValid)
return container;
var result = account.Authenticate(password, failedLoginCount, lockoutDuration);
if (!result)
container.ValidationErrors.Add("", new List<string>() { "Unable to authenticate user" });
this._userRepository.SaveOrUpdate(account);
_unitOfWork.Commit();
Tracing.Verbose(String.Format("[UserAccountService.Authenticate] authentication outcome: {0}, {1}, {2}", account.Tenant, account.Username, result ? "Successful Login" : "Failed Login"));
return container;
}
protected internal virtual void DeleteAccount(User account)
{
if (_settings.AllowAccountDeletion || !account.IsAccountVerified)
{
//Tracing.Verbose(String.Format("[UserAccountService.DeleteAccount] removing account record: {0}, {1}", account.Tenant, account.Username));
this._userRepository.Delete(account);
}
else
{
//Tracing.Verbose(String.Format("[UserAccountService.DeleteAccount] marking account closed: {0}, {1}", account.Tenant, account.Username));
account.CloseAccount();
}
using (var tx = new TransactionScope())
{
this._userRepository.SaveOrUpdate(account);
if (this._notificationService != null)
{
this._notificationService.SendAccountDelete(account);
}
tx.Complete();
}
}
public virtual IValidationContainer<User> CreateAccount(string tenant, string username, string password, string email, string firstName, string lastName, string phone, string address)
{
//Tracing.Information(String.Format("[UserAccountService.CreateAccount] called: {0}, {1}, {2}", tenant, username, email));
if (_settings.EmailIsUsername)
{
username = email;
}
if (!_settings.MultiTenant)
{
tenant = _settings.DefaultTenant;
}
if (String.IsNullOrWhiteSpace(tenant)) throw new ArgumentException("tenant");
if (String.IsNullOrWhiteSpace(username)) throw new ArgumentException("username");
if (String.IsNullOrWhiteSpace(password)) throw new ArgumentException("password");
if (String.IsNullOrWhiteSpace(email)) throw new ArgumentException("email");
if (String.IsNullOrWhiteSpace(firstName)) throw new ArgumentException("firstName");
if (String.IsNullOrWhiteSpace(lastName)) throw new ArgumentException("lastName");
if (String.IsNullOrWhiteSpace(phone)) throw new ArgumentException("phone");
//if (String.IsNullOrWhiteSpace(address)) throw new ArgumentException("address");
ValidatePassword(tenant, username, password);
var validator = new EmailAddressAttribute();
if (!validator.IsValid(email))
{
//Tracing.Verbose(String.Format("[UserAccountService.CreateAccount] Email validation failed: {0}, {1}, {2}", tenant, username, email));
throw new ValidationException("Email is invalid.");
}
if (UsernameExists(tenant, username))
{
//Tracing.Verbose(String.Format("[UserAccountService.CreateAccount] Username already exists: {0}, {1}", tenant, username));
var msg = _settings.EmailIsUsername ? "Email" : "Username";
throw new ValidationException(msg + " already in use.");
}
if (EmailExists(tenant, email))
{
//Tracing.Verbose(String.Format("[UserAccountService.CreateAccount] Email already exists: {0}, {1}, {2}", tenant, username, email));
throw new ValidationException("Email already in use.");
}
var account = new User(tenant, username, password, email)
{
FirstName = firstName,
LastName = lastName,
Address = address,
PhoneNumber = phone
};
var validation = account.GetValidationContainer();
if (!validation.IsValid)
return validation;
this._userRepository.SaveOrUpdate(account);
if (this._notificationService != null)
{
if (_settings.RequireAccountVerification)
{
this._notificationService.SendAccountCreate(account);
}
else
{
this._notificationService.SendAccountVerified(account);
}
}
_unitOfWork.Commit();
return validation;
}
public UserLoggedOut(User user) : base(user, "User Logged Out")
{
}
