rob/website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Use new Auth API

Browse source
This commit is contained in:
Robert Marshall 2020-04-12 14:25:16 +01:00
parent 38e76d3539
commit 79c17f75cd
16 changed files with 94 additions and 150 deletions
Download patch file Download diff file Expand all files Collapse all files

55
Website.Tests/Data/AuthenticationProviderTests.cs Normal file
View file

@ -0,0 +1,55 @@
using System.Net;
using System.Net.Http;
using System.Threading.Tasks;
using FluentAssertions;
using Website.Data;
using Website.Models;
using Xunit;
namespace Website.Tests.Data {
public class AuthenticationProviderTests {
[Fact]
public async Task Authenticate_WithSuccessfulLoginRequest_ReturnsUser() {
const string json = @"{""username"":""username"",""password"":""password""}";
var httpClient = new HttpClientBuilder()
.WithMethod(HttpMethod.Post)
.WithUrl("/authenticate")
.WithPostBody(@"{""Username"":""username"",""Password"":""password"",""ReturnUrl"":null}")
.WithResponse(json)
.Build();
var request = new LoginRequest {
Username = "username",
Password = "password"
};
var expectedUser = new User {
Username = "username",
Password = "password"
};
var provider = new AuthenticationProvider(httpClient);
(await provider.Authenticate(request)).Should().BeEquivalentTo(expectedUser);
}
[Fact]
public async Task Authenticate_WithFailedLoginRequest_ReturnsNull() {
const string json = @"{""username"":""username"",""password"":""password""}";
var httpClient = new HttpClientBuilder()
.WithMethod(HttpMethod.Post)
.WithUrl("/authenticate")
.WithPostBody(@"{""Username"":""username"",""Password"":""password"",""ReturnUrl"":null}")
.WithErrorStatus(HttpStatusCode.Unauthorized)
.WithResponse(json)
.Build();
var request = new LoginRequest {
Username = "username",
Password = "wrong"
};
var provider = new AuthenticationProvider(httpClient);
(await provider.Authenticate(request)).Should().BeNull();
}
}
}

32
Website.Tests/Data/MySQLDatabaseProviderTests.cs
View file

@ -1,32 +0,0 @@
using Website.Data;
using Xunit;
using FluentAssertions;
using MySql.Data.MySqlClient;
using NSubstitute;
using Microsoft.Extensions.Configuration;
namespace Website.Tests.Data
{
public class MySQLDatabaseProviderTests
{
const string ConnectionString = "Server=host;User ID=username;Password=password;Database=database";
[Fact]
public void NewConnection_WithStringConstructor_ReturnsMySQLConnection() {
var provider = new MySQLDatabaseProvider(ConnectionString);
var connection = provider.NewConnection();
connection.Should().BeOfType<MySqlConnection>();
(connection as MySqlConnection).ConnectionString.Should().Be(ConnectionString);
}
[Fact]
public void NewConnection_WithConfigConstructor_ReturnsMySQLConnection() {
var config = Substitute.For<IConfiguration>();
config.GetConnectionString("database").Returns(ConnectionString);
var provider = new MySQLDatabaseProvider(ConnectionString);
var connection = provider.NewConnection();
connection.Should().BeOfType<MySqlConnection>();
(connection as MySqlConnection).ConnectionString.Should().Be(ConnectionString);
}
}
}

17
Website.Tests/Models/UserTests.cs
View file

@ -1,17 +0,0 @@
using FluentAssertions;
using Website.Models;
using Xunit;
namespace Website.Tests.Models {
public class UserTests {
[Fact]
public void ValidatePassword_WithValidSHA256Input_ReturnsTrue() {
var user = new User {
Password= "5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8"
};
user.ValidatePassword("password").Should().BeTrue();
}
}
}

3
Website.Tests/Website.Tests.csproj
View file

@ -1,4 +1,4 @@
<Project Sdk="Microsoft.NET.Sdk"> <Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup> <PropertyGroup>
<TargetFramework>netcoreapp3.1</TargetFramework> <TargetFramework>netcoreapp3.1</TargetFramework>
@ -14,7 +14,6 @@
<PackageReference Include="fluentassertions" Version="5.10.0" /> <PackageReference Include="fluentassertions" Version="5.10.0" />
<PackageReference Include="Microsoft.Extensions.Configuration" Version="3.1.0" /> <PackageReference Include="Microsoft.Extensions.Configuration" Version="3.1.0" />
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.4.0" /> <PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.4.0" />
<PackageReference Include="mysqlconnector" Version="0.61.0" />
<PackageReference Include="nsubstitute" Version="4.2.1" /> <PackageReference Include="nsubstitute" Version="4.2.1" />
<PackageReference Include="RichardSzalay.MockHttp" Version="6.0.0" /> <PackageReference Include="RichardSzalay.MockHttp" Version="6.0.0" />
<PackageReference Include="xunit" Version="2.4.1" /> <PackageReference Include="xunit" Version="2.4.1" />

8
Website/Controllers/AccountController.cs
View file

@ -10,9 +10,9 @@ using Website.ViewModels;
namespace Website.Controllers { namespace Website.Controllers {
public class AccountController:Controller { public class AccountController:Controller {
private readonly UserRepository _repo; private readonly IAuthenticationProvider _authenticationProvider;
public AccountController(UserRepository repo) => _repo = repo; public AccountController(IAuthenticationProvider authenticationProvider) => _authenticationProvider = authenticationProvider;
[Authorize] [Authorize]
public IActionResult Index() => View(); public IActionResult Index() => View();
@ -29,8 +29,8 @@ namespace Website.Controllers {
[HttpPost] [HttpPost]
public async Task<IActionResult> Login(LoginRequest request) { public async Task<IActionResult> Login(LoginRequest request) {
try { try {
var user = await _repo.GetUserByEmail(request.Username); var user = await _authenticationProvider.Authenticate(request);
return user.ValidatePassword(request.Password) return user != null
? await SetIdentityAndRedirect(request.ReturnUrl, user) ? await SetIdentityAndRedirect(request.ReturnUrl, user)
: Login(request.ReturnUrl, true); : Login(request.ReturnUrl, true);
} }

19
Website/Data/AuthenticationProvider.cs Normal file
View file

@ -0,0 +1,19 @@
using System.Net.Http;
using System.Threading.Tasks;
using Website.Models;
namespace Website.Data {
public class AuthenticationProvider:ApiClient, IAuthenticationProvider {
public AuthenticationProvider(HttpClient client) : base(client) {
}
public async Task<User> Authenticate(LoginRequest request) {
try {
return await Post<User>("authenticate", request);
}
catch (ApiCallException) {
return null;
}
}
}
}

8
Website/Data/IAuthenticationProvider.cs Normal file
View file

@ -0,0 +1,8 @@
using System.Threading.Tasks;
using Website.Models;
namespace Website.Data {
public interface IAuthenticationProvider {
Task<User> Authenticate(LoginRequest request);
}
}

9
Website/Data/IDatabaseProvider.cs
View file

@ -1,9 +0,0 @@
using System.Data;
namespace Website.Data
{
public interface IDatabaseProvider
{
IDbConnection NewConnection();
}
}

17
Website/Data/MySQLDatabaseProvider.cs
View file

@ -1,17 +0,0 @@
using System.Data;
using Microsoft.Extensions.Configuration;
using MySql.Data.MySqlClient;
namespace Website.Data
{
public class MySQLDatabaseProvider:IDatabaseProvider
{
private readonly string _connectionString;
public MySQLDatabaseProvider(IConfiguration config) => _connectionString = config.GetConnectionString("database");
public MySQLDatabaseProvider(string connectionString) => _connectionString = connectionString;
public IDbConnection NewConnection() => new MySqlConnection(_connectionString);
}
}

10
Website/Data/States/UserState.cs
View file

@ -1,10 +0,0 @@
namespace Website.Data.States {
public class UserState {
public string User_Id { get; set; }
public string User_Email { get; set; }
public string User_Password { get; set; }
public string User_Created { get; set; }
public string User_Deleted { get; set; }
public string Group_Id { get; set; }
}
}

25
Website/Data/UserRepository.cs
View file

@ -1,25 +0,0 @@
using System.Linq;
using System.Threading.Tasks;
using Dapper;
using Website.Data.States;
using Website.Models;
namespace Website.Data {
public class UserRepository {
private readonly IDatabaseProvider _dbProvider;
public UserRepository(IDatabaseProvider dbProvider) {
_dbProvider = dbProvider;
}
public async Task<User> GetUserByEmail(string email) {
const string query = "SELECT * FROM users WHERE user_email=@email";
using (var connection = _dbProvider.NewConnection()) {
connection.Open();
var result = await connection.QueryAsync<UserState>(query, new {email});
return new User(result.Single());
}
}
}
}

28
Website/Models/User.cs
View file

@ -1,31 +1,5 @@
using System.Security.Cryptography; namespace Website.Models {
using System.Text;
using Website.Data.States;
namespace Website.Models {
public class User { public class User {
public User() {
}
public User(UserState state) {
Username = state.User_Email;
Password = state.User_Password;
}
public bool ValidatePassword(string password) {
using (var sha256 = SHA256.Create()) {
var hash = sha256.ComputeHash(Encoding.UTF8.GetBytes(password));
var builder = new StringBuilder();
foreach (var b in hash)
builder.Append(b.ToString("x2"));
var hashString = builder.ToString();
return hashString == Password;
}
}
public string Username { get; set; } public string Username { get; set; }
public string Password { get; set; } public string Password { get; set; }
} }

6
Website/Startup.cs
View file

@ -1,5 +1,4 @@
using System; using System;
using System.Net;
using System.Net.Http; using System.Net.Http;
using Microsoft.AspNetCore.Authentication.Cookies; using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Builder;
@ -32,8 +31,6 @@ namespace Website
}); });
services.AddSingleton(Configuration); services.AddSingleton(Configuration);
services.AddSingleton<IDatabaseProvider, MySQLDatabaseProvider>()
.AddSingleton<UserRepository, UserRepository>();
services.AddHttpClient<IGitApi, GitApi>(client => client.BaseAddress = new Uri(Configuration["gitApiEndpoint"])) services.AddHttpClient<IGitApi, GitApi>(client => client.BaseAddress = new Uri(Configuration["gitApiEndpoint"]))
.ConfigurePrimaryHttpMessageHandler(() => new HttpClientHandler {ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true}); .ConfigurePrimaryHttpMessageHandler(() => new HttpClientHandler {ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true});
@ -41,6 +38,9 @@ namespace Website
services.AddHttpClient<IBlogApi, BlogApi>(client => client.BaseAddress = new Uri(Configuration["blogApiEndpoint"])) services.AddHttpClient<IBlogApi, BlogApi>(client => client.BaseAddress = new Uri(Configuration["blogApiEndpoint"]))
.ConfigurePrimaryHttpMessageHandler(() => new HttpClientHandler {ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true}); .ConfigurePrimaryHttpMessageHandler(() => new HttpClientHandler {ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true});
services.AddHttpClient<IAuthenticationProvider, AuthenticationProvider>(client => client.BaseAddress = new Uri(Configuration["authApiEndpoint"]))
.ConfigurePrimaryHttpMessageHandler(() => new HttpClientHandler {ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true});
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(); services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie();
services.AddMvc(options => options.EnableEndpointRouting = false) services.AddMvc(options => options.EnableEndpointRouting = false)

3
Website/Website.csproj
View file

@ -8,11 +8,8 @@
<ItemGroup> <ItemGroup>
<PackageReference Include="BuildBundlerMinifier" Version="3.2.435" /> <PackageReference Include="BuildBundlerMinifier" Version="3.2.435" />
<PackageReference Include="dapper" Version="2.0.30" />
<PackageReference Include="dapper.contrib" Version="2.0.30" />
<PackageReference Include="markdig" Version="0.18.3" /> <PackageReference Include="markdig" Version="0.18.3" />
<PackageReference Include="Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation" Version="3.1.0" /> <PackageReference Include="Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation" Version="3.1.0" />
<PackageReference Include="mysqlconnector" Version="0.61.0" />
<PackageReference Include="Newtonsoft.Json" Version="12.0.3" /> <PackageReference Include="Newtonsoft.Json" Version="12.0.3" />
<PackageReference Include="Pek.Markdig.HighlightJs" Version="0.5.1" /> <PackageReference Include="Pek.Markdig.HighlightJs" Version="0.5.1" />
</ItemGroup> </ItemGroup>

3
Website/appsettings.Development.json
View file

@ -10,5 +10,6 @@
"database": "Server=localhost;User ID=user;Password=pass;Database=db" "database": "Server=localhost;User ID=user;Password=pass;Database=db"
}, },
"blogApiEndpoint": "", "blogApiEndpoint": "",
"gitApiEndpoint": "" "gitApiEndpoint": "",
"authApiEndpoint": ""
} }

1
Website/appsettings.json
View file

@ -9,6 +9,7 @@
}, },
"blogApiEndpoint": "<BlogEndpoint>", "blogApiEndpoint": "<BlogEndpoint>",
"gitApiEndpoint": "<GitEndpoint>", "gitApiEndpoint": "<GitEndpoint>",
"authApiEndpoint": "<AuthEndpoint>",
"AllowedHosts": "*", "AllowedHosts": "*",
"Kestrel": { "Kestrel": {
"EndPoints": { "EndPoints": {