public IActionResult Login([FromBody] LoginRequest request)
{
var result = _interactor.Execute(new Domain.Security.LoginRequest
{
EmailAddress = request.Username, Password = request.Password
});
if (result.ResponseMessage == "User Logged In")
{
var claims = new[]
{
new Claim(ClaimTypes.Name, request.Username)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JWTKey"]));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
_configuration["Domain"],
_configuration["Domain"],
claims,
expires: DateTime.Now.AddMinutes(30),
signingCredentials: creds);
return(Ok(new
{
token = new JwtSecurityTokenHandler().WriteToken(token)
}));
}
return(BadRequest("Could not verify username and password"));
}
public void Execute_EmailAddressNotFound_UserNotLoggedIn()
{
var emailQuery = new Mock <FindUserQueryByEmail>();
emailQuery.Setup(x => x.Execute(_emailAddress)).Returns((User)null);
var interactor = new LoginUserInteractor(emailQuery.Object);
var result = interactor.Execute(new LoginRequest {
EmailAddress = _emailAddress, Password = "******"
});
Assert.Equal("User Not Logged In", result.ResponseMessage);
}
public void Execute_PasswordNotVerified_UserNotLoggedIn()
{
BCryptPasswordHash pwh = new BCryptPasswordHash();
var hashedPassword = pwh.HashPassword("AReallyStringPassword");
var emailQuery = new Mock <FindUserQueryByEmail>();
emailQuery.Setup(x => x.Execute(_emailAddress)).Returns(new User
{
EmailAddress = _emailAddress, PasswordHash = hashedPassword
});
var interactor = new LoginUserInteractor(emailQuery.Object);
var result = interactor.Execute(new LoginRequest {
EmailAddress = _emailAddress, Password = "******"
});
Assert.Equal("User Not Logged In", result.ResponseMessage);
}