Added longlife token to tests and token generation

Author: Oyvind Timian Dokk Husveg

exercise.tests/IntegrationTests/BaseIntegrationTest.cs

@@ -74,7 +74,7 @@ FROM users u
 
         protected async Task<string> LoginAndGetToken(string email, string password, bool success = true, bool longlife = false)
         {
-            var loginBody = new LoginRequestDTO { email = email, password = password };
+            var loginBody = new LoginRequestDTO { email = email, password = password, longlifetoken = longlife };
             var loginRequestBody = new StringContent(
                 JsonSerializer.Serialize(loginBody),
                 Encoding.UTF8,

exercise.tests/IntegrationTests/TokenTests.cs

@@ -3,6 +3,7 @@
 using System.Collections.Generic;
 using System.IdentityModel.Tokens.Jwt;
 using System.Linq;
+using System.Security.Claims;
 using System.Text;
 using System.Threading.Tasks;
 
@@ -17,18 +18,63 @@ public async Task CreateToken_ShouldGenerateValidJwt()
             var handler = new JwtSecurityTokenHandler();
             var jwt = handler.ReadJwtToken(token);
 
-            Console.WriteLine(jwt);
+
+            //var realid = jwt.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Sid)?.Value;
+            string? email = jwt.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email)?.Value;
+            string? role = jwt.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Role)?.Value;
+            var expClaim = jwt.Claims.FirstOrDefault(c => c.Type == "exp")?.Value;
+
+
+            using (Assert.EnterMultipleScope())
+            {
+                Assert.That(email, Is.EqualTo(TeacherEmail));
+                Assert.That(role, Is.EqualTo("1"));
+                Assert.That(jwt.ValidTo, Is.GreaterThan(DateTime.UtcNow));
+            }
         }
 
         [Test]
         public async Task CreateToken_LongLife_ShouldExpireLater() {
             string token = await LoginAndGetToken(TeacherEmail, TeacherPassword, true, true);
+            var handler = new JwtSecurityTokenHandler();
+            var jwt = handler.ReadJwtToken(token);
+
+            //var realid = jwt.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Sid)?.Value;
+            string? email = jwt.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email)?.Value;
+            string? role = jwt.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Role)?.Value;
+            var expClaim = jwt.Claims.FirstOrDefault(c => c.Type == "exp")?.Value;
+
+            //Console.WriteLine(expClaim);
+            Assert.Multiple(() =>
+            {
+                Assert.That(email, Is.EqualTo(TeacherEmail));
+                Assert.That(role, Is.EqualTo("1"));
+                Assert.That(jwt.ValidTo, Is.GreaterThan(DateTime.UtcNow.AddDays(6.5)));
+                Assert.That(jwt.ValidTo, Is.LessThan(DateTime.UtcNow.AddDays(7.5)));
+            });
         }
 
         [Test]
         public async Task CreateToken_NormalLife_ShouldExpireLater()
         {
-            string token = await LoginAndGetToken(TeacherEmail, TeacherPassword, true, true);
+            string token = await LoginAndGetToken(TeacherEmail, TeacherPassword);
+            var handler = new JwtSecurityTokenHandler();
+            var jwt = handler.ReadJwtToken(token);
+
+            //var realid = jwt.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Sid)?.Value;
+            string? email = jwt.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email)?.Value;
+            string? role = jwt.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Role)?.Value;
+            var expClaim = jwt.Claims.FirstOrDefault(c => c.Type == "exp")?.Value;
+
+            //Console.WriteLine(expClaim);
+
+            using (Assert.EnterMultipleScope())
+            {
+                Assert.That(email, Is.EqualTo(TeacherEmail));
+                Assert.That(role, Is.EqualTo("1"));
+                Assert.That(jwt.ValidTo, Is.GreaterThan(DateTime.UtcNow.AddMinutes(50)));
+                Assert.That(jwt.ValidTo, Is.LessThan(DateTime.UtcNow.AddHours(2)));
+            }
         }
 
     }

exercise.wwwapi/Endpoints/UserEndpoints.cs

@@ -143,10 +143,8 @@ private static IResult Login(IRepository<User> repository, IMapper mapper, Login
             }
 
             string token;
-
-            //token = CreateToken(user, config);
             if (request.longlifetoken.GetValueOrDefault()) token = CreateToken(user, config, 7);
-            else token = CreateToken(user, config, 0.0416666666666666666666666666666666666667);
+            else token = CreateToken(user, config, 1.0 / 24);
 
 
             ResponseDTO <LoginSuccessDTO> response = new ResponseDTO<LoginSuccessDTO>
@@ -286,7 +284,7 @@ private static string CreateToken(User user, IConfigurationSettings config, doub
             var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
             var token = new JwtSecurityToken(
                 claims: claims,
-                expires: DateTime.Now.AddDays(days),
+                expires: DateTime.UtcNow.AddDays(days),
                 signingCredentials: credentials
                 );
             var jwt = new JwtSecurityTokenHandler().WriteToken(token);