public IHttpActionResult Post()
{
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, "userid"),
new Claim("issuer", "issuer")
};
var jwt = TokenManager.CreateJwtToken(DateTime.Now.AddMinutes(30), claims);
return(Ok(jwt));
}
public HttpResponseMessage Login(LoginBindingModel login)
{
if (login.Username == "admin" && login.Password == "password") //Do real auth
{
string role = "Librarian";
var jwtToken = TokenManager.CreateJwtToken(login.Username, role);
return(new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new ObjectContent <object>(new
{
UserName = login.Username,
Roles = role,
AccessToken = jwtToken
}, Configuration.Formatters.JsonFormatter)
});
}
return(new HttpResponseMessage(HttpStatusCode.BadRequest));
}
public HttpResponseMessage Authenticate(LoginRequest login)
{
if (login == null)
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
bool isCredentialValid = false;
new LoginDataAccess().ValidateUser(login.Username, login.Password, out isCredentialValid); //true; //Valida a la base de datos;
if (isCredentialValid)
{
var token = TokenManager.CreateJwtToken(login.Username);//TokenGenerator.GenerateTokenJwt(login.Username);
return(Request.CreateResponse <string>(HttpStatusCode.OK, token));
}
else
{
return(Request.CreateResponse(HttpStatusCode.Unauthorized));
}
}
public async void Should_ReturnOk_OnLogin_WhenAllConditionsMet()
{
var login = new AuthController.LoginRequest()
{
User = Mocks.UserRepository.UserId, Password = Mocks.UserRepository.TestPw,
};
IActionResult result = await controller.Login(login);
Assert.IsType <OkObjectResult>(result);
OkObjectResult res = result as OkObjectResult;
Assert.IsType <AuthController.LoginResponse>(res.Value);
AuthController.LoginResponse user = res.Value as AuthController.LoginResponse;
Assert.Equal(Mocks.UserRepository.TestName, user.Name);
TokenManager mngr = new TokenManager(settings);
var token = mngr.CreateJwtToken(Mocks.UserRepository.TestName, Mocks.UserRepository.UserId);
Assert.Equal(token, user.AccessToken);
}
