public void CheckUserAuthorizationTest() { //Arrange var userNotInDb = new UserWithPasswordModel { Email = "*****@*****.**", Password = "******" }; var userInDb = new UserWithPasswordModel { Email = "*****@*****.**", Password = "******", }; //Action Mock<IUserMapper> userMapper = new Mock<IUserMapper>(); UserWithPasswordModel userModel = new UserWithPasswordModel(); //UserService userService = new UserService(userMapper.Object); ////We need to get rid off dependency of DbManager to test correctly ////Remark: ////Now you must write your test, I got rid of dependency!!! azazaza (medyk) ////Assert //Assert.AreEqual(userService.CheckUserAuthorization(userInDb), true); //Assert.AreEqual(userService.CheckUserAuthorization(userNotInDb), true); //Assert.AreEqual(userInDb.Id, 1); //Assert.AreEqual(userInDb.Claim, new[] { "Teacher", "Student" }); }
public void MapToTokenModelTest() { const string email = "*****@*****.**"; const int id = 1; const string hash = "HashToken"; IEnumerable<string> roles = new[] {"Admin", "Student", "Teacher"}; Mock<ITokenValidation> token = new Mock<ITokenValidation>(); UserToTokenMapper mapper = new UserToTokenMapper(token.Object); var initial = new UserWithPasswordModel() { Email = email, Id = id, HashToken = hash, Roles = roles }; var expected = new TokenModel() { EmailAndIdToken = email, RolesToken = roles.ToString(), HashToken = hash }; token.Setup(x => x.EncodeEmailAndIdToken(id.ToString() + ' ' + email.ToLower())) .Returns(email); token.Setup(x => x.EncodeRoleToken(roles)) .Returns(roles.ToString); var action = mapper.MapToTokenModel(initial); Assert.IsNotNull(action); Assert.AreEqual(action.EmailAndIdToken, expected.EmailAndIdToken); Assert.AreEqual(action.HashToken, expected.HashToken); Assert.AreEqual(action.RolesToken, expected.RolesToken); }
public IHttpActionResult Post(UserWithPasswordModel userData) { if (_service.CheckUserAuthorization(userData)) { return Ok(_mapUserToToken.MapToTokenModel(userData)); } return Unauthorized(); }
public bool CheckUserAuthorization(UserWithPasswordModel userLoginApi) { using (var uow = _unitOfWorkFactory.GetUnitOfWork()) { var user = uow.UserRepository.GetAll().FirstOrDefault(u => ((u.Email).ToLower() == (userLoginApi.Email).ToLower())); if ((user != null) && (VerifyPasswords(user.Password, userLoginApi.Password))) { userLoginApi.Id = user.Id; userLoginApi.Roles = user.Roles.Select(x => x.Name); user.HashedToken = _token.Sha256Hash(_token.RandomString(ConstContainer.HashLength)); userLoginApi.HashToken = user.HashedToken; uow.UserRepository.AddOrUpdate(user); uow.Save(); return true; } return false; } }
public void LoginControllerPostMethodTest() { //Arrange var userNotInDb = new UserWithPasswordModel { Email = "*****@*****.**", Password = "******" }; var userInDb = new UserWithPasswordModel { Email = "*****@*****.**", Password = "******", Roles = new[] { "Student", "Teacher" } }; var userWithoutEmail = new UserWithPasswordModel { Email = null, Password = "******" }; //Action Mock<IUserService> userService = new Mock<IUserService>(); Mock<IUserToTokenMapper> tokenMaper = new Mock<IUserToTokenMapper>(); GenericIdentity identity = new GenericIdentity("1"); Thread.CurrentPrincipal = new GenericPrincipal( identity, new[] { "NoRoles" } ); LoginController loginController = new LoginController(userService.Object, tokenMaper.Object); userService .Setup(x => x.CheckUserAuthorization(userWithoutEmail)) .Returns(false); IHttpActionResult unauthorizedResult = loginController.Post(userNotInDb); var actionUnauthorizedResult = unauthorizedResult as UnauthorizedResult; unauthorizedResult = loginController.Post(userWithoutEmail); var actionUnauthorizedRequestEmail = unauthorizedResult as UnauthorizedResult; userService .Setup(x => x.CheckUserAuthorization(userInDb)) .Returns(true); tokenMaper .Setup(x => x.MapToTokenModel(userInDb)) .Returns(new TokenModel() { RolesToken = "Claim token", EmailAndIdToken = "Email and password token" }); IHttpActionResult authorizedResult = loginController.Post(userInDb); var actionAuthorizedResult = authorizedResult as OkNegotiatedContentResult<TokenModel>; IHttpActionResult badRequestResult = loginController.Post(null); var actionBadRequest = badRequestResult as BadRequestResult; //Assert Assert.IsNotNull(actionUnauthorizedRequestEmail); Assert.IsNotNull(actionBadRequest); Assert.IsNotNull(actionUnauthorizedResult); Assert.IsNotNull(actionAuthorizedResult); var authorizedContent = actionAuthorizedResult.Content; Assert.IsNotNull(actionAuthorizedResult.Content); Assert.AreEqual(authorizedContent.RolesToken, "Claim token"); }
[Test] //+ public void CheckUserAuthorization_IsTrue_Test() { //Arrange UserWithPasswordModel userLoginApi = new UserWithPasswordModel(); PasswordHasher passHesher = new PasswordHasher(); User user = new User(); user.Email = entity.Email; user.Id = 4; user.Roles = new List<Role> { new Role() { Name = "admin", Id = user.Id } }; userLoginApi.Password = "******"; userLoginApi.Email = user.Email; string userPassword = passHesher.HashPassword(userLoginApi.Password); user.Password = userPassword; IQueryable<User> Users = new List<User> { user }.AsQueryable<User>(); worldOfWordsUow.Setup(t => t.UserRepository).Returns(userReposit.Object); userReposit.Setup(t => t.GetAll()).Returns(Users); userReposit.Setup(t => t.AddOrUpdate(It.IsAny<User>())).Verifiable("added or updated"); worldOfWordsUow.Setup(t => t.Save()).Verifiable("Saved"); //Act var result = usServ.CheckUserAuthorization(userLoginApi); //Assert uowFactory.Verify(f => f.GetUnitOfWork(), Times.Once); worldOfWordsUow.Verify(t => t.UserRepository, Times.Exactly(2)); userReposit.Verify(t => t.AddOrUpdate(It.IsAny<User>()), Times.Once); worldOfWordsUow.VerifyAll(); Assert.IsTrue(result); }
public bool CheckUserAuthorization(UserWithPasswordModel userLoginApi) { using (var context = new WorldOfWordsDatabaseContext()) { var user = context.Users.FirstOrDefault(u => ((u.Email).ToLower() == (userLoginApi.Email).ToLower())); if ((user != null) && (VerifyPasswords(user.Password, userLoginApi.Password))) { userLoginApi.Id = user.Id; userLoginApi.Roles = user.Roles.Select(x => x.Name); user.HashedToken = _token.Sha256Hash(_token.RandomString(ConstContainer.HashLength)); userLoginApi.HashToken = user.HashedToken; context.Users.AddOrUpdate(user); context.SaveChanges(); return true; } return false; } }