/// <summary>
/// Login must be granted only to registered customers: a customer record that merely
/// exists (active, with a stored password) must still be refused as NotRegistered.
/// Relies on an account for the first e-mail having been seeded by the fixture setup
/// (not visible here) so that the initial login succeeds.
/// </summary>
public void Ensure_only_registered_customers_can_login()
        {
            // A previously seeded account logs in successfully.
            var loginResult = _customerRegistrationService.ValidateCustomer("*****@*****.**", "password");
            loginResult.Should().Be(CustomerLoginResults.Successful);

            // Create an account that is active but has no roles assigned here —
            // presumably that is what makes it "not registered" (TODO confirm against ValidateCustomer).
            var unregisteredCustomer = new Customer
            {
                Username = "******",
                Email    = "*****@*****.**",
                Active   = true
            };
            _customerService.InsertCustomer(unregisteredCustomer);

            // Test-only: PasswordFormat.Clear stores the secret unhashed. Acceptable in a
            // fixture, never for real accounts.
            var storedPassword = new CustomerPassword
            {
                CustomerId     = unregisteredCustomer.Id,
                PasswordFormat = PasswordFormat.Clear,
                Password       = "******",
                CreatedOnUtc   = DateTime.UtcNow
            };
            _customerService.InsertCustomerPassword(storedPassword);

            // Same e-mail and password as before, yet the login must be refused.
            loginResult = _customerRegistrationService.ValidateCustomer("*****@*****.**", "password");
            loginResult.Should().Be(CustomerLoginResults.NotRegistered);
        }
        public void Ensure_only_registered_customers_can_login()
        {
            var result = _customerRegistrationService.ValidateCustomer("*****@*****.**", "password");

            result.ShouldEqual(CustomerLoginResults.Successful);

            result = _customerRegistrationService.ValidateCustomer("*****@*****.**", "password");
            result.ShouldEqual(CustomerLoginResults.NotRegistered);
        }
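        /// <summary>
        /// Handles the OAuth2 resource-owner password grant: validates the supplied
        /// credentials against the customer store and, on success, migrates the current
        /// shopping cart to the customer, logs the login and issues a ticket whose
        /// identity carries the customer's name, subject and role claims.
        /// </summary>
        /// <param name="context">
        /// OWIN grant context supplying <c>UserName</c>, <c>Password</c> and <c>ClientId</c>,
        /// and the response to which the CORS header and the ticket are written.
        /// </param>
        /// <returns>
        /// A completed task; the outcome is reported through <paramref name="context"/>
        /// (<c>Validated</c> on success, <c>SetError("invalid_grant", ...)</c> otherwise).
        /// </returns>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // The allowed origin is expected to have been placed on the OWIN context by
            // client validation (key "as:clientAllowedOrigin"). Falling back to "*" keeps
            // the original behaviour for clients that registered no origin.
            // SECURITY(review): a wildcard on the token endpoint lets any site read the
            // token response; consider failing closed once every client has an origin.
            var allowedOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin") ?? "*";
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

            CustomerRegistrationService = CustomerRegistrationService ?? AutofacLifetimeScope.Resolve<ICustomerRegistrationService>(context.OwinContext);
            CustomerService             = CustomerService ?? AutofacLifetimeScope.Resolve<ICustomerService>(context.OwinContext);

            // One generic message for every failure so the endpoint does not disclose
            // whether the account exists, is inactive, or only the password was wrong.
            const string invalidGrantMessage = "The user name or password is incorrect.";

            var validationResult = CustomerRegistrationService.ValidateCustomer(context.UserName, context.Password);
            if (validationResult != CustomerLoginResults.Successful)
            {
                context.SetError("invalid_grant", invalidGrantMessage);
                return;
            }

            // ValidateCustomer and GetCustomerByEmail are two independent lookups keyed by
            // the same UserName; if the former accepts a login the latter cannot resolve
            // (e.g. a username rather than an e-mail — TODO confirm against
            // ICustomerRegistrationService), customer is null and the original code would
            // throw a NullReferenceException below. Reject the grant instead.
            Customer customer = CustomerService.GetCustomerByEmail(context.UserName);
            if (customer == null)
            {
                context.SetError("invalid_grant", invalidGrantMessage);
                return;
            }

            BaseService             = BaseService ?? AutofacLifetimeScope.Resolve<IBaseService>(context.OwinContext);
            ShoppingCartService     = ShoppingCartService ?? AutofacLifetimeScope.Resolve<IShoppingCartService>(context.OwinContext);
            CustomerActivityService = CustomerActivityService ?? AutofacLifetimeScope.Resolve<ICustomerActivityService>(context.OwinContext);

            // Move the (pre-login) current customer's cart onto the authenticated customer.
            ShoppingCartService.MigrateShoppingCart(BaseService.WorkContext.CurrentCustomer, customer, true);

            // Activity log entry for the login.
            CustomerActivityService.InsertActivity(customer, "PublicStore.Login", "Login");

            BaseService.Commit();

            var identity = new ClaimsIdentity(context.Options.AuthenticationType);

            // NOTE(review): all roles are packed into ONE comma-separated Role claim, so
            // ClaimsPrincipal.IsInRole("X") only matches when X is the customer's sole role.
            // Kept as-is because token consumers may already parse this format; the
            // conventional form is one Claim(ClaimTypes.Role, r.Name) per role.
            identity.AddClaim(new Claim(ClaimTypes.Role, string.Join(",", customer.CustomerRoles.Select(r => r.Name))));
            identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
            identity.AddClaim(new Claim("sub", context.UserName));

            // Properties travel with the ticket; "as:client_id" is presumably what the
            // refresh-token path uses to bind the token to the requesting client.
            var props = new AuthenticationProperties(new Dictionary<string, string>
            {
                { "as:client_id", context.ClientId ?? string.Empty },
                { "userName",     context.UserName }
            });

            var ticket = new AuthenticationTicket(identity, props);
            context.Validated(ticket);
        }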