/// <summary>
/// Authenticates a user: looks the user up by user name, validates the supplied
/// password against the stored hash and salt, and returns a response built from
/// the user's aggregate root id and a freshly generated JSON Web Token.
/// </summary>
/// <param name="request">Command carrying the user name and password to check.</param>
/// <param name="cancellationToken">Token passed through to every awaited call.</param>
/// <returns>The response created from the aggregate root id and the generated token.</returns>
/// <exception cref="KeyNotFoundException">No user was found for the given user name.</exception>
/// <exception cref="InvalidCredentialException">The password validation query reported an invalid password.</exception>
public async Task<AuthenticateUserMediatorCommandResponse> Handle(
    AuthenticateUserMediatorCommand request,
    CancellationToken cancellationToken)
{
    var lookup = await _readUserRepository.LoadUserByUserNameAsync(request.UserName, cancellationToken);

    // NOTE(review): an unknown user name fails here with KeyNotFoundException, while a
    // wrong password fails below with InvalidCredentialException. If the exception type
    // or message reaches the client unchanged, the two outcomes are distinguishable and
    // reveal which user names exist. Map both to one generic authentication failure at
    // the API boundary. This path also returns before any password hashing happens, so
    // response timing may differ between the two cases.
    if (lookup is null)
    {
        throw new KeyNotFoundException($"User with username {request.UserName} was not found.");
    }

    // NOTE(review): the result is dereferenced below without a null check; confirm
    // LoadUserAsync cannot return null for an id that the lookup just produced.
    var user = await _userRepository.LoadUserAsync(lookup.AggregateRootId, cancellationToken);

    // Compare the supplied password with the hash and salt stored for this user.
    // NOTE(review): the scope is never disposed here; confirm whether its type needs disposal.
    var scope = _mediatorFactory.CreateScope();
    var validationQuery = ValidateHashedPasswordMediatorQuery.CreateQuery(
        request.Password,
        user.Password.HashedPassword,
        user.Password.Salt);
    var validation = await scope.SendAsync(validationQuery, cancellationToken);

    // The message embeds the caller-supplied user name; treat it as untrusted text
    // wherever this exception is logged or rendered.
    if (!validation.IsValid)
    {
        throw new InvalidCredentialException($"User with username {request.UserName} entered an invalid password");
    }

    var token = await _securityService.GenerateJsonWebTokenAsync(user, cancellationToken);

    return AuthenticateUserMediatorCommandResponse.CreateResponse(lookup.AggregateRootId, token);
}
/// <summary>
/// Verifies that the handler reports an invalid result when the hash produced
/// for the supplied password and salt differs from the stored hash.
/// </summary>
public async Task Given_A_Hashed_Password_Validation__Fail()
{
    // Arrange: the faked security service returns a hash that does not match the stored one.
    var storedHash = "******";
    var saltValue = "salt";
    var suppliedPassword = "******";
    A.CallTo(() => _securityService.GenerateHashedPassword(suppliedPassword, saltValue))
        .Returns(Task.FromResult("anotherhash"));

    // Act
    var query = ValidateHashedPasswordMediatorQuery.CreateQuery(suppliedPassword, storedHash, saltValue);
    var outcome = await _sut.Handle(query, default);

    // Assert
    // NOTE(review): only the mismatch outcome is pinned here. How the handler compares
    // the two hashes is not visible in this test; confirm it uses a fixed-time comparison
    // (e.g. CryptographicOperations.FixedTimeEquals) rather than plain string equality.
    Assert.AreEqual(false, outcome.IsValid);
}