public CartControllerTest()
{
encrypter = new Encrypter();
SeedDatabase();
AuthHelper = new AuthHelper(httpClient, dbContext);
AuthHelper.Authenticate().Wait();
}
public async Task <ObjectResult> Login(LoginViewModel viewModel)
{
var user = AuthHelper.Authenticate(viewModel.Email, viewModel.Password, _context);
if (user == null)
{
throw new ArgumentException();
}
var userClaims = new[]
{
new Claim(ClaimTypes.Name, user.Email),
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
};
var jwtToken = _tokenService.GenerateAccessToken(userClaims);
var refreshToken = _tokenService.GenerateRefreshToken();
user.RefreshToken = refreshToken;
await _context.SaveChangesAsync();
return(new ObjectResult(new
{
token = jwtToken,
refreshToken
}));
}
public async Task Logout_LogoutAfterAuthentication_ShouldReturnSuccessStatusCode()
{
await AuthHelper.Authenticate();
var response = await httpClient.PostAsync($"/api/logout", null);
response.EnsureSuccessStatusCode();
}
public string Login(string nationalCode, string password)
{
if (string.IsNullOrEmpty(nationalCode) || string.IsNullOrEmpty(password))
{
return(null);
}
User user = _userBus.GetBynationalCode(nationalCode);
bool result = AuthHelper.Authenticate(user, password);
if (!result)
{
return(null);
}
try
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.UTF8.GetBytes(SettingsHelper.Secret);
var claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Email, user.Id.ToString()),
new Claim(ClaimTypes.Role, "mahmood rules")
};
var credentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha512Signature);
//add many role the user have (later)
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
SigningCredentials = credentials,
Expires = DateTime.UtcNow.AddDays(7)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
//AccountHelper.CreatJwt(user);
// ClaimJwt claimJwt =
_claimJwtBus.SaveJwt(tokenString, user.Id);
return(tokenString);
}
catch (Exception e)
{
var error = e.Message;
return(null);
}
}
public async Task ChangePassword(int userId, string oldPassword, string newPassword)
{
var user = _context.users.Single(u => u.UserId == userId);
var validatedUser = AuthHelper.Authenticate(user.Email, oldPassword, _context);
if (validatedUser == null)
{
throw new ArgumentException();
}
user.Password = newPassword;
await _context.SaveChangesAsync();
}
protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
{
var principal = AuthHelper.Authenticate(actionContext);
if (principal != null)
{
var controller = actionContext.ControllerContext.Controller as CollectorController;
if (controller != null)
{
controller.CurrentUser = principal;
}
return;
}
base.HandleUnauthorizedRequest(actionContext);
}
public async Task Refresh_LoginAndImmediatleyTryingRefreshToken_ShouldReturnInternalServerError()
{
var authResponse = await AuthHelper.Authenticate();
var refreshRequest = new RefreshConnectionRequest
{
JwtToken = authResponse.JwtToken,
RefreshToken = authResponse.RefreshToken
};
HttpContent httpContent = new StringContent(
JsonConvert.SerializeObject(refreshRequest),
Encoding.UTF8,
"application/json");
var response = await httpClient.PostAsync($"/api/refresh", httpContent);
Assert.Equal(HttpStatusCode.InternalServerError, response.StatusCode);
}
public IActionResult GetToken([FromBody] JwtAuthRequest authData)
{
IActionResult response = Unauthorized();
var user = AuthHelper.Authenticate(authData, this._usersService.GetUsers());
if (user == null)
{
response = BadRequest(new { error = $"Invalid User: [{authData.Username}]" });
return(response);
}
// Build JWT
var tokenString = AuthHelper.BuildToken(user, _config["Jwt:Key"], _config["Jwt:Issuer"]);
response = Ok(new JwtAuthResponse()
{
Token = tokenString
});
return(response);
}
