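/// <summary>
/// Changes the password of the currently authenticated user and records a
/// <c>PasswordChanged</c> activity-log entry when the change succeeds.
/// </summary>
/// <param name="model">Carries the caller's current password and the requested new password.</param>
/// <returns>
/// 200 OK when the password was changed (or when the account matches the hard-coded
/// user name below), 401 Unauthorized when the token subject has no matching account,
/// and 400 Bad Request with the identity errors otherwise.
/// </returns>
public async Task<IActionResult> ChangeCustomerPasswordAsync(ChangeCustomerPasswordModel model)
        {
            var user = await _userManager.FindByIdAsync(User.GetSubjectId());

            // FindByIdAsync returns null when no account matches the subject id, for
            // example a still-valid token whose user has since been deleted. Reject
            // the request instead of dereferencing null and surfacing a 500.
            if (user is null)
            {
                return Unauthorized();
            }

            // NOTE(review): this account gets a success response although nothing is
            // changed and nothing is written to the activity log. The literal is masked
            // on this page; presumably a shared/demo account that must keep its password.
            // Confirm, and consider moving the value to configuration. The comparison is
            // case-sensitive; verify that it matches how user names are stored.
            if (user.UserName == "*****@*****.**")
            {
                return Ok();
            }

            // The current password is re-verified by ChangePasswordAsync, so a bearer
            // token alone is not enough to set a new password.
            var result = await _userManager.ChangePasswordAsync(user, model.CurrentPassword, model.NewPassword);

            if (result.Succeeded)
            {
                // Audit trail: record who changed the password.
                _dbContext.ActivityLogs.Add(new ActivityLog(ActivityLogType.PasswordChanged, user.Id, User.Identity.Name));
                await _dbContext.SaveChangesAsync();

                return Ok();
            }

            // NOTE(review): failed attempts (e.g. wrong current password) are not written
            // to ActivityLogs here; repeated failures on an authenticated session are
            // worth auditing if a suitable log type exists.
            return BadRequest(result.Errors);
        }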
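        /// <summary>
        /// End-to-end check of the change-password endpoint: a freshly created and
        /// activated customer logs in, changes the password, can log in with the new
        /// password and can no longer log in with the old one.
        /// </summary>
        /// <param name="model">Generated customer data used to create the account.</param>
        public async Task When_ValidPasswordProvided_Then_PasswordShouldBeUpdated(CreateCustomerUserModel model)
        {
            var client = _webbApplicationFactory.CreateClient();
            await Utils.CreateCustomer(client, model);

            await Utils.ActivateUserAsync(client, model.Email);

            // Login with the original password.
            var extra = new Dictionary<string, string>
            {
                { "deviceId", "test-device1" },
            };
            var tokenResponse = await Utils.RequestPasswordTokenAsync(client, model.Email, model.Password, extra);

            tokenResponse.IsError.Should().BeFalse();

            // Change the password through the API, authenticated as the user.
            var changePasswordRequest = new ChangeCustomerPasswordModel()
            {
                CurrentPassword = model.Password,
                NewPassword     = "******",
            };

            client.SetBearerToken(tokenResponse.AccessToken);
            var response = await client.PostAsync(
                "/api/v1/users/change-password",
                changePasswordRequest.ToJsonContent());

            response.EnsureSuccessStatusCode();

            // Login again with the new password.
            tokenResponse = await Utils.RequestPasswordTokenAsync(client, model.Email, changePasswordRequest.NewPassword, extra);

            tokenResponse.IsError.Should().BeFalse();
            tokenResponse.AccessToken.Should().NotBeNullOrEmpty();

            // The replaced password must stop working; without this check the test
            // would still pass if both the old and the new password were accepted.
            // Assumes the generated model.Password differs from NewPassword.
            var oldPasswordResponse = await Utils.RequestPasswordTokenAsync(client, model.Email, model.Password, extra);

            oldPasswordResponse.IsError.Should().BeTrue();
        }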
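        /// <summary>
        /// Drives one user through creation, activation, a failed login, a successful
        /// login, a login from a second device, a password change, a profile update and
        /// deactivation, then asserts that each step left an entry of the matching
        /// <c>ActivityLogType</c> in the activity log for that user.
        /// </summary>
        /// <param name="createCustomerUserModel">Generated data for the account under test.</param>
        /// <param name="newPassword">Password to switch to in the change-password step.</param>
        /// <param name="model">Generated data for the profile-update step.</param>
        public async Task AllUserActivitiesShouldBeLogged(
            CreateCustomerUserModel createCustomerUserModel,
            string newPassword,
            UpdateUserModel model)
        {
            // One allowed device, so that the later login from "new-device" is the
            // step expected to produce the InvalidLoginDeviceId entry.
            createCustomerUserModel.MaxAllowedDeviceCount = 1;
            var client = _webbApplicationFactory.Server.CreateClient();

            //Create User
            await Utils.CreateCustomer(client, createCustomerUserModel);

            //Activate User
            await Utils.ActivateUserAsync(client, createCustomerUserModel.Email);

            //InvalidUserNamePassword
            var extra = new Dictionary<string, string>
            {
                { "deviceId", "test-device" },
            };
            await Utils.RequestPasswordTokenAsync(client, createCustomerUserModel.Email, "wrongpass", extra);

            //SuccessfulLogin
            await Utils.RequestPasswordTokenAsync(client, createCustomerUserModel.Email, createCustomerUserModel.Password, extra);

            //InvalidLoginDevice
            extra["deviceId"] = "new-device";
            await Utils.RequestPasswordTokenAsync(client, createCustomerUserModel.Email, createCustomerUserModel.Password, extra);

            //Change Password
            extra["deviceId"] = "test-device";
            var tokenResponse = await Utils.RequestPasswordTokenAsync(client, createCustomerUserModel.Email, createCustomerUserModel.Password, extra);

            tokenResponse.IsError.Should().BeFalse();

            var changePasswordRequest = new ChangeCustomerPasswordModel()
            {
                CurrentPassword = createCustomerUserModel.Password,
                NewPassword     = newPassword,
            };

            client.SetBearerToken(tokenResponse.AccessToken);
            var response = await client.PostAsync(
                "/api/v1/users/change-password",
                changePasswordRequest.ToJsonContent());

            response.EnsureSuccessStatusCode();

            // Update User: switches the client to the private-client token first.
            model.UserId = createCustomerUserModel.Id;
            await Utils.SetPrivateClientBearerTokenAsync(client);

            response = await client.PostAsync("/api/v1/users/update", model.ToJsonContent());

            response.EnsureSuccessStatusCode();

            //Deactivate User
            // NOTE(review): uses model.Email (the update payload), not the original
            // e-mail; presumably the update step changed the address. Confirm.
            await Utils.DeactivateUserAsync(client, model.Email);

            var dbContextFactory = _webbApplicationFactory.Services.GetService(typeof(ApplicationDbContextFactory))
                                   as ApplicationDbContextFactory;

            // GetService returns null for an unregistered type; fail with a clear
            // message instead of a NullReferenceException on Create().
            dbContextFactory.Should().NotBeNull("ApplicationDbContextFactory must be registered in the test host");

            //Assert
            await using var dbContext = dbContextFactory.Create();
            var logs = await dbContext.ActivityLogs
                       .Where(a => a.UserId == createCustomerUserModel.Id.ToString())
                       .ToListAsync();

            logs.Should().Contain(l => l.Type == ActivityLogType.UserCreated);
            logs.Should().Contain(l => l.Type == ActivityLogType.UserActivated);
            logs.Should().Contain(l => l.Type == ActivityLogType.InvalidUsernameOrPassword);
            logs.Should().Contain(l => l.Type == ActivityLogType.SuccessfulLogin);
            logs.Should().Contain(l => l.Type == ActivityLogType.InvalidLoginDeviceId);
            logs.Should().Contain(l => l.Type == ActivityLogType.PasswordChanged);
            logs.Should().Contain(l => l.Type == ActivityLogType.UserUpdated);
            logs.Should().Contain(l => l.Type == ActivityLogType.UserDeActivated);
        }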