public static async Task <IEnumerable <Claim> > RegisterUser(this ServerFixture given, string password = null)
{
string username = $"{Guid.NewGuid()}@domain.com";
var response = await given
.Server
.CreateRequest(AccountEndpoint.Register)
.WithJsonBody(new RegisterModel()
{
Username = username,
Password = password ?? Guid.NewGuid().ToString(),
})
.PostAsync();
await response.ShouldBe(StatusCodes.Status200OK);
var user = await response.ReadJsonResponse <UserViewModel>();
user.Username.Should().Be(username);
return(Identities.CreateUser(user.Id, user.Username));
}
public async Task Fail_to_change_other_users_password()
{
string password = Guid.NewGuid().ToString();
var user = await Given.RegisterUser(password);
string newPassword = Guid.NewGuid().ToString();
var response = await Given
.Server
.CreateRequest(AccountEndpoint.ChangePassword)
.WithIdentity(Identities.CreateUser(Guid.NewGuid(), "*****@*****.**"))
.WithJsonBody(new ChangePasswordModel()
{
Email = user.Username(),
CurrentPassword = password,
NewPassword = newPassword
})
.PutAsync();
await response.ShouldBe(StatusCodes.Status401Unauthorized);
await Given.SuccessToLogin(user.Username(), password);
}