
Information
Class: MRA.WebApi.Controllers.AuthController
Assembly: MRA.WebApi
File(s): D:\a\MiguelRomerART\MiguelRomerART\MRA.WebApi\Controllers\AuthController.cs
Line coverage
0%
Covered lines: 0
Uncovered lines: 42
Coverable lines: 42
Total lines: 84
Line coverage: 0%
Branch coverage
0%
Covered branches: 0
Total branches: 4
Branch coverage: 0%

Metrics

| Method | Branch coverage | Crap Score | Cyclomatic complexity | Line coverage |
|---|---|---|---|---|
| .ctor(...) | 100% | 2 | 1 | 0% |
| Login(...) | 0% | 20 | 4 | 0% |
| ValidateToken(...) | 100% | 2 | 1 | 0% |

File(s)

D:\a\MiguelRomerART\MiguelRomerART\MRA.WebApi\Controllers\AuthController.cs

#LineLine coverage
 1using Microsoft.AspNetCore.Mvc;
 2using Microsoft.IdentityModel.Tokens;
 3using MRA.Infrastructure.Settings;
 4using MRA.WebApi.Models.Auth;
 5using MRA.WebApi.Models.Requests.Account;
 6using System.IdentityModel.Tokens.Jwt;
 7using System.Security.Claims;
 8using System.Text;
 9
 10namespace MRA.WebApi.Controllers;
 11
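/// <summary>
/// Issues and validates the HMAC-signed JWT used by the single administrator account.
/// </summary>
/// <remarks>
/// NOTE(review): the coverage report this listing comes from shows 0 of 42 coverable lines
/// exercised for this controller. The reject paths of <see cref="Login"/> and
/// <see cref="ValidateToken"/> are the first behaviours worth pinning with tests.
/// </remarks>
[Route("api/[controller]")]
[ApiController]
public class AuthController : ControllerBase
{
    /// <summary>Role name written into the token and echoed back to the client.</summary>
    private const string AdminRole = "admin";

    /// <summary>Token lifetime in minutes (1440 minutes is 24 hours).</summary>
    private const int TokenLifetimeMinutes = 1440;

    private readonly AppSettings _appConfig;

    /// <summary>Creates the controller with the application settings it reads credentials and JWT parameters from.</summary>
    /// <param name="appConfig">Application settings; must not be null.</param>
    /// <exception cref="ArgumentNullException"><paramref name="appConfig"/> is null.</exception>
    public AuthController(AppSettings appConfig)
    {
        _appConfig = appConfig ?? throw new ArgumentNullException(nameof(appConfig));
    }

    /// <summary>
    /// Checks the supplied credentials against the configured administrator account and,
    /// on success, returns a signed JWT carrying the admin role.
    /// </summary>
    /// <param name="loginDto">Username and password sent in the request body.</param>
    /// <returns>200 with a <see cref="UserDto"/> on success, 401 otherwise.</returns>
    /// <remarks>
    /// NOTE(review): the password is compared with the raw configured value, so the secret
    /// presumably sits in configuration in recoverable form; confirm how AppSettings is
    /// populated and prefer storing a salted password hash.
    /// NOTE(review): nothing in this action throttles or locks out repeated failures;
    /// confirm that rate limiting is applied in front of it.
    /// </remarks>
    [HttpPost("login")]
    public IActionResult Login([FromBody] UserLoginDto loginDto)
    {
        // Evaluate both comparisons before combining them so that a wrong username and a
        // wrong password take the same path through the code.
        bool userMatches = SecretEquals(loginDto.Username, _appConfig.Administrator.User);
        bool passwordMatches = SecretEquals(loginDto.Password, _appConfig.Administrator.Password);
        if (!(userMatches && passwordMatches))
        {
            return Unauthorized();
        }

        var claims = new[]
        {
            new Claim(JwtRegisteredClaimNames.Sub, loginDto.Username),
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            new Claim(ClaimTypes.Role, AdminRole)
        };

        var creds = new SigningCredentials(CreateSigningKey(), SecurityAlgorithms.HmacSha256);

        // UtcNow keeps the expiry independent of the host's local time zone setting.
        var token = new JwtSecurityToken(
            issuer: _appConfig.Jwt.Issuer,
            audience: _appConfig.Jwt.Audience,
            claims: claims,
            expires: DateTime.UtcNow.AddMinutes(TokenLifetimeMinutes),
            signingCredentials: creds);

        return Ok(new UserDto()
        {
            Username = loginDto.Username,
            Role = AdminRole,
            Token = new JwtSecurityTokenHandler().WriteToken(token)
        });
    }

    /// <summary>
    /// Verifies signature, issuer, audience and lifetime of a token issued by <see cref="Login"/>.
    /// </summary>
    /// <param name="tokenDto">Request body carrying the compact JWT string.</param>
    /// <returns>200 with <c>true</c> when the token validates, 401 otherwise.</returns>
    [HttpPost("validate-token")]
    public IActionResult ValidateToken([FromBody] TokenDto tokenDto)
    {
        var tokenHandler = new JwtSecurityTokenHandler();

        try
        {
            // NOTE(review): ClockSkew is left at the library default, so a token is still
            // accepted for a short window after its exp claim. Consider also pinning
            // ValidAlgorithms to HmacSha256 if the installed library version exposes it.
            tokenHandler.ValidateToken(tokenDto.Token, new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true,
                // Same key derivation as Login. The previous ASCII encoding produced a
                // different key than the UTF-8 signing key whenever the configured secret
                // contained a non-ASCII character, so every token failed validation.
                IssuerSigningKey = CreateSigningKey(),
                ValidateIssuer = true,
                ValidIssuer = _appConfig.Jwt.Issuer,
                ValidateAudience = true,
                ValidAudience = _appConfig.Jwt.Audience,
                ValidateLifetime = true,
            }, out _);

            return Ok(true);
        }
        catch
        {
            // Fail closed: any validation or parsing failure is reported as 401.
            // NOTE(review): a misconfigured key or issuer also lands here and is not logged,
            // which hides configuration faults from operators.
            return Unauthorized();
        }
    }

    /// <summary>Builds the symmetric key used for both signing and validation from the configured secret.</summary>
    private SymmetricSecurityKey CreateSigningKey()
    {
        return new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_appConfig.Jwt.Key));
    }

    /// <summary>
    /// Compares two secrets without an early exit on the first differing character.
    /// </summary>
    /// <param name="supplied">Value received from the caller.</param>
    /// <param name="expected">Value read from configuration.</param>
    /// <returns>
    /// <c>true</c> only when both values are non-null and equal. A null on either side is a
    /// mismatch, so an unset configured credential can never authenticate.
    /// </returns>
    private static bool SecretEquals(string? supplied, string? expected)
    {
        if (supplied is null || expected is null)
        {
            return false;
        }

        // Hash first so both inputs to the fixed-time comparison have the same length;
        // FixedTimeEquals itself returns early when the lengths differ.
        byte[] suppliedDigest = System.Security.Cryptography.SHA256.HashData(Encoding.UTF8.GetBytes(supplied));
        byte[] expectedDigest = System.Security.Cryptography.SHA256.HashData(Encoding.UTF8.GetBytes(expected));
        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(suppliedDigest, expectedDigest);
    }
}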