Merge pull request #34 from crupest/token-time

Set token expired time and write unit tests.

1 files changed, 35 insertions, 9 deletions

diff --git a/Timeline/Controllers/TokenController.cs b/Timeline/Controllers/TokenController.cs
index 023bd53f..21f87ded 100644
--- a/Timeline/Controllers/TokenController.cs
+++ b/Timeline/Controllers/TokenController.cs
@@ -1,6 +1,7 @@
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Logging;
+using System;
 using System.Threading.Tasks;
 using Timeline.Entities.Http;
 using Timeline.Services;
@@ -19,40 +20,56 @@ namespace Timeline.Controllers
             public const int VerifyFailed = 2001;
         }
 
-        private static class ErrorCodes
+        public static class ErrorCodes
         {
             public const int Create_UserNotExist = -1001;
             public const int Create_BadPassword = -1002;
+            public const int Create_BadExpireOffset = -1003;
 
             public const int Verify_BadToken = -2001;
             public const int Verify_UserNotExist = -2002;
             public const int Verify_BadVersion = -2003;
+            public const int Verify_Expired = -2004;
         }
 
         private readonly IUserService _userService;
         private readonly ILogger<TokenController> _logger;
+        private readonly IClock _clock;
 
-        public TokenController(IUserService userService, ILogger<TokenController> logger)
+        public TokenController(IUserService userService, ILogger<TokenController> logger, IClock clock)
         {
             _userService = userService;
             _logger = logger;
+            _clock = clock;
         }
 
         [HttpPost("create")]
         [AllowAnonymous]
         public async Task<IActionResult> Create([FromBody] CreateTokenRequest request)
         {
+            TimeSpan? expireOffset = null;
+            if (request.ExpireOffset != null)
+            {
+                if (request.ExpireOffset.Value <= 0.0)
+                {
+                    var code = ErrorCodes.Create_BadExpireOffset;
+                    _logger.LogInformation(LoggingEventIds.LogInFailed, "Attemp to login failed because expire time offset is bad. Code: {} Username: {} Password: {} Bad Expire Offset: {}.", code, request.Username, request.Password, request.ExpireOffset);
+                    return BadRequest(new CommonResponse(code, "Expire time is not bigger than 0."));
+                }
+                expireOffset = TimeSpan.FromDays(request.ExpireOffset.Value);
+            }
+
             try
             {
-                var result = await _userService.CreateToken(request.Username, request.Password);
-                _logger.LogInformation(LoggingEventIds.LogInSucceeded, "Login succeeded. Username: {} .", request.Username);
+                var result = await _userService.CreateToken(request.Username, request.Password, expireOffset == null ? null : (DateTime?)(_clock.GetCurrentTime() + expireOffset.Value));
+                _logger.LogInformation(LoggingEventIds.LogInSucceeded, "Login succeeded. Username: {} Expire Time Offset: {} days.", request.Username, request.ExpireOffset);
                 return Ok(new CreateTokenResponse
                 {
                     Token = result.Token,
                     User = result.User
                 });
             }
-            catch(UserNotExistException e)
+            catch (UserNotExistException e)
             {
                 var code = ErrorCodes.Create_UserNotExist;
                 _logger.LogInformation(LoggingEventIds.LogInFailed, e, "Attemp to login failed because user does not exist. Code: {} Username: {} Password: {} .", code, request.Username, request.Password);
@@ -81,9 +98,18 @@ namespace Timeline.Controllers
             }
             catch (JwtTokenVerifyException e)
             {
-                var code = ErrorCodes.Verify_BadToken;
-                _logger.LogInformation(LoggingEventIds.VerifyFailed, e, "Attemp to verify a bad token because of bad format. Code: {} Token: {}.", code, request.Token);
-                return BadRequest(new CommonResponse(code, "A token of bad format."));
+                if (e.ErrorCode == JwtTokenVerifyException.ErrorCodes.Expired)
+                {
+                    var code = ErrorCodes.Verify_Expired;
+                    _logger.LogInformation(LoggingEventIds.VerifyFailed, e, "Attemp to verify a expired token. Code: {} Token: {}.", code, request.Token);
+                    return BadRequest(new CommonResponse(code, "A expired token."));
+                }
+                else
+                {
+                    var code = ErrorCodes.Verify_BadToken;
+                    _logger.LogInformation(LoggingEventIds.VerifyFailed, e, "Attemp to verify a bad token because of bad format. Code: {} Token: {}.", code, request.Token);
+                    return BadRequest(new CommonResponse(code, "A token of bad format."));
+                }
             }
             catch (UserNotExistException e)
             {
@@ -93,7 +119,7 @@ namespace Timeline.Controllers
             }
             catch (BadTokenVersionException e)
             {
-                var code = ErrorCodes.Verify_BadToken;
+                var code = ErrorCodes.Verify_BadVersion;
                 _logger.LogInformation(LoggingEventIds.VerifyFailed, e, "Attemp to verify a bad token because version is old. Code: {} Token: {}.", code, request.Token);
                 return BadRequest(new CommonResponse(code, "The token is expired. Try recreate a token."));
             }