< Summary

Information

Class:	Backend.Controllers.AuthController
Assembly:	Backend
File(s):	D:\a\smart-meal-planner\smart-meal-planner\backend\Backend\Controllers\AuthController.cs

Line coverage

92%

Covered lines:	163
Uncovered lines:	14
Coverable lines:	177
Total lines:	380
Line coverage:	92%

Branch coverage

86%

Covered branches:	69
Total branches:	80
Branch coverage:	86.2%

Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Metrics

Method	Branch coverage	Cyclomatic complexity	Line coverage
.ctor(...)	100%	1	100%
Register()	87.5%	16	100%
Login()	87.5%	16	100%
Refresh()	87.5%	16	90%
Logout()	66.66%	6	61.53%
ChangePassword()	100%	10	100%
ForgotPassword()	100%	4	100%
ResetPassword()	100%	4	100%
GenerateTokens()	62.5%	8	77.77%

File(s)

D:\a\smart-meal-planner\smart-meal-planner\backend\Backend\Controllers\AuthController.cs

#	Line	Line coverage
	`1`	`using Microsoft.AspNetCore.Identity.Data;`
	`2`	`using Microsoft.AspNetCore.Mvc;`
	`3`	`using Backend.Model;`
	`4`	`using Backend.Services;`
	`5`	`using Serilog;`
	`6`	`using Microsoft.AspNetCore.Authorization;`
	`7`	`using System.Security.Claims;`
	`8`
	`9`	`namespace Backend.Controllers`
	`10`	`{`
	`11`	`[ApiController]`
	`12`	`[Route("api/[controller]")]`
	`13`	`public class AuthController : ControllerBase`
	`14`	`{`
	`15`	`private readonly ITokenService _tokenService;`
	`16`	`private readonly IUserService _userService;`
	`17`	`private readonly IEmailService _emailService;`
	`18`	`private readonly ILogger<AuthController> _logger;`
	`19`
40	`20`	`public AuthController(ITokenService tokenService, IUserService userService, IEmailService emailService, ILogger<`
	`21`	`{`
40	`22`	`_tokenService = tokenService;`
40	`23`	`_userService = userService;`
40	`24`	`_emailService = emailService;`
40	`25`	`_logger = logger;`
40	`26`	`}`
	`27`
	`28`	`// POST: api/auth/register`
	`29`	`[HttpPost("register")]`
	`30`	`public async Task<IActionResult> Register(RegisterRequest request)`
	`31`	`{`
7	`32`	`_logger.LogDebug("Request: {Request}", request);`
7	`33`	`if (request.Email == null \|\| request.Password == null)`
	`34`	`{`
2	`35`	`_logger.LogWarning("Registration failed: Email or password is null.");`
2	`36`	`return BadRequest("Email and password are required.");`
	`37`	`}`
	`38`
5	`39`	`if (!ModelState.IsValid)`
	`40`	`{`
1	`41`	`_logger.LogWarning("Registration failed: Model state is invalid.");`
1	`42`	`_logger.LogDebug("ModelState errors: {Errors}", ModelState.Values.SelectMany(v => v.Errors).Select(e =>`
1	`43`	`return BadRequest(ModelState);`
	`44`	`}`
	`45`
	`46`	`// Check if user already exists`
4	`47`	`if (await _userService.GetByEmailAsync(request.Email) != null)`
	`48`	`{`
1	`49`	`_logger.LogWarning("Registration failed: User with email {Email} already exists.", request.Email);`
1	`50`	`return BadRequest("User already exists.");`
	`51`	`}`
	`52`
3	`53`	`var user = await _userService.CreateUserAsync(request.Email, request.Password);`
3	`54`	`if (user == null)`
	`55`	`{`
1	`56`	`_logger.LogError("Registration failed: User creation returned null.");`
1	`57`	`_logger.LogDebug("Failed to create user with email {Email}.", request.Email);`
1	`58`	`return StatusCode(500, "Failed to create user.");`
	`59`	`}`
	`60`
2	`61`	`var result = await GenerateTokens(user);`
2	`62`	`if (result.Error != null)`
	`63`	`{`
1	`64`	`_logger.LogError("Registration failed: {Error}", result.Error);`
1	`65`	`_logger.LogDebug("Failed to generate tokens for user with email {Email}.", request.Email);`
1	`66`	`return result.Error ?? StatusCode(500, "Failed to generate tokens.");`
	`67`	`}`
	`68`
1	`69`	`_logger.LogInformation("User registered successfully with email {Email}.", request.Email);`
1	`70`	`_logger.LogDebug("Generated tokens for user with email {Email}.", request.Email);`
	`71`
	`72`	`// Return the tokens`
1	`73`	`return Ok(new TokenResponse`
1	`74`	`{`
1	`75`	`AccessToken = result.AccessToken,`
1	`76`	`RefreshToken = result.RefreshToken?.Token!,`
1	`77`	`});`
7	`78`	`}`
	`79`
	`80`	`// POST: api/auth/login`
	`81`	`[HttpPost("login")]`
	`82`	`public async Task<IActionResult> Login(LoginRequest request)`
	`83`	`{`
7	`84`	`_logger.LogDebug("Login request: {Request}", request);`
7	`85`	`if (request.Email == null \|\| request.Password == null)`
	`86`	`{`
2	`87`	`_logger.LogWarning("Login failed: Email or password is null.");`
2	`88`	`return BadRequest("Email and password are required.");`
	`89`	`}`
	`90`
5	`91`	`if (!ModelState.IsValid)`
	`92`	`{`
1	`93`	`_logger.LogWarning("Login failed: Model state is invalid.");`
1	`94`	`_logger.LogDebug("ModelState errors: {Errors}", ModelState.Values.SelectMany(v => v.Errors).Select(e =>`
1	`95`	`return BadRequest(ModelState);`
	`96`	`}`
	`97`
4	`98`	`var user = await _userService.GetByEmailAsync(request.Email);`
4	`99`	`if (user == null)`
	`100`	`{`
1	`101`	`_logger.LogWarning("Login failed: User with email {Email} not found.", request.Email);`
1	`102`	`return Unauthorized("Invalid email or password.");`
	`103`	`}`
	`104`
3	`105`	`if (!_userService.VerifyPasswordHash(request.Password, user))`
	`106`	`{`
1	`107`	`_logger.LogWarning("Login failed: Invalid password for user with email {Email}.", request.Email);`
1	`108`	`return Unauthorized("Invalid email or password.");`
	`109`	`}`
	`110`
2	`111`	`var result = await GenerateTokens(user);`
2	`112`	`if (result.Error != null)`
	`113`	`{`
1	`114`	`_logger.LogError("Login failed: {Error}", result.Error);`
1	`115`	`_logger.LogDebug("Failed to generate tokens for user with email {Email}.", request.Email);`
1	`116`	`return result.Error ?? StatusCode(500, "Failed to generate tokens.");`
	`117`	`}`
	`118`
1	`119`	`_logger.LogInformation("User logged in successfully with email {Email}.", request.Email);`
	`120`
1	`121`	`return Ok(new TokenResponse`
1	`122`	`{`
1	`123`	`AccessToken = result.AccessToken,`
1	`124`	`RefreshToken = result.RefreshToken?.Token!,`
1	`125`	`});`
7	`126`	`}`
	`127`
	`128`	`// POST: api/auth/refresh`
	`129`	`[Authorize]`
	`130`	`[HttpPost("refresh")]`
	`131`	`public async Task<IActionResult> Refresh([FromBody] string refreshToken)`
	`132`	`{`
11	`133`	`if (string.IsNullOrEmpty(refreshToken))`
	`134`	`{`
2	`135`	`_logger.LogWarning("Null refresh token provided.");`
2	`136`	`return BadRequest("Refresh token is required.");`
	`137`	`}`
	`138`
9	`139`	`if (!ModelState.IsValid)`
	`140`	`{`
0	`141`	`_logger.LogWarning("Model state is invalid for refresh token request.");`
0	`142`	`_logger.LogDebug("ModelState errors: {Errors}", ModelState.Values.SelectMany(v => v.Errors).Select(e =>`
0	`143`	`_logger.LogDebug("Refresh token: {RefreshToken}", refreshToken);`
0	`144`	`return BadRequest(ModelState);`
	`145`	`}`
	`146`
9	`147`	`var oldRefreshToken = await _tokenService.FindRefreshToken(refreshToken);`
	`148`
	`149`	`// if the refresh token is not found or is expired/revoked, return Unauthorized`
	`150`	`// this is a security measure to prevent token reuse`
9	`151`	`if (oldRefreshToken == null \|\| oldRefreshToken.Expires < DateTime.UtcNow`
9	`152`	`\|\| oldRefreshToken.IsRevoked)`
	`153`	`{`
3	`154`	`_logger.LogWarning("Invalid or expired refresh token provided: {RefreshToken}", refreshToken);`
3	`155`	`return Unauthorized("Invalid refresh token.");`
	`156`	`}`
	`157`
6	`158`	`var user = await _userService.GetByIdAsync(oldRefreshToken.UserId);`
6	`159`	`if (user == null)`
	`160`	`{`
1	`161`	`_logger.LogWarning("User not found for refresh token: {RefreshToken}", refreshToken);`
1	`162`	`return Unauthorized("Invalid user.");`
	`163`	`}`
	`164`
	`165`	`// Mark the old refresh token as revoked`
5	`166`	`oldRefreshToken.IsRevoked = true;`
5	`167`	`_logger.LogDebug("Revoking old refresh token: {RefreshToken}", refreshToken);`
	`168`
	`169`	`// Generate new tokens`
5	`170`	`var result = await GenerateTokens(user);`
5	`171`	`if (result.Error != null)`
	`172`	`{`
4	`173`	`_logger.LogError("Failed to generate new tokens: {Error}", result.Error);`
4	`174`	`_logger.LogDebug("Failed to generate new tokens for user with email {Email}.", user.Email);`
4	`175`	`return result.Error ?? StatusCode(500, "Failed to generate tokens.");`
	`176`	`}`
	`177`
1	`178`	`_logger.LogInformation("Tokens refreshed successfully for user with email {Email}.", user.Email);`
	`179`
1	`180`	`return Ok(new TokenResponse`
1	`181`	`{`
1	`182`	`AccessToken = result.AccessToken,`
1	`183`	`RefreshToken = result.RefreshToken.Token!`
1	`184`	`});`
11	`185`	`}`
	`186`
	`187`	`// POST: api/auth/logout`
	`188`	`[Authorize]`
	`189`	`[HttpPost("logout")]`
	`190`	`public async Task<IActionResult> Logout([FromBody] string refreshToken)`
	`191`	`{`
2	`192`	`if (string.IsNullOrEmpty(refreshToken))`
	`193`	`{`
0	`194`	`_logger.LogWarning("Logout failed: Null refresh token provided.");`
0	`195`	`return BadRequest("Refresh token is required.");`
	`196`	`}`
	`197`
2	`198`	`if (!ModelState.IsValid)`
	`199`	`{`
0	`200`	`_logger.LogWarning("Logout failed: Model state is invalid.");`
0	`201`	`_logger.LogDebug("ModelState errors: {Errors}", ModelState.Values.SelectMany(v => v.Errors).Select(e =>`
0	`202`	`_logger.LogDebug("Refresh token: {RefreshToken}", refreshToken);`
0	`203`	`return BadRequest(ModelState);`
	`204`	`}`
	`205`
2	`206`	`var refreshTokenObj = await _tokenService.FindRefreshToken(refreshToken);`
	`207`
	`208`	`// If the refresh token is not found, we can still return OK`
	`209`	`// This is to ensure that the client can safely call logout without worrying about the token's existence`
	`210`	`// This is a common practice to avoid leaking information about token validity`
2	`211`	`if (refreshTokenObj == null)`
1	`212`	`return Ok();`
	`213`
1	`214`	`await _tokenService.RevokeRefreshToken(refreshTokenObj);`
1	`215`	`return Ok();`
2	`216`	`}`
	`217`
	`218`	`// PUT: api/auth/change-password`
	`219`	`[Authorize]`
	`220`	`[HttpPut("change-password")]`
	`221`	`public async Task<IActionResult> ChangePassword(ChangePasswordRequest request)`
	`222`	`{`
6	`223`	`if (!ModelState.IsValid)`
	`224`	`{`
1	`225`	`_logger.LogWarning("Change password failed: Model state is invalid.");`
1	`226`	`_logger.LogDebug("ModelState errors: {Errors}", ModelState.Values.SelectMany(v => v.Errors).Select(e =>`
1	`227`	`return BadRequest(ModelState);`
	`228`	`}`
	`229`
5	`230`	`if (string.IsNullOrEmpty(request.OldPassword) \|\| string.IsNullOrEmpty(request.NewPassword))`
	`231`	`{`
1	`232`	`_logger.LogWarning("Change password failed: Old password or new password is null or empty.");`
1	`233`	`return BadRequest("Old password and new password are required.");`
	`234`	`}`
	`235`
	`236`
4	`237`	`var userId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;`
4	`238`	`if (string.IsNullOrEmpty(userId))`
	`239`	`{`
1	`240`	`_logger.LogWarning("Change password failed: User ID not found in claims.");`
1	`241`	`return Unauthorized();`
	`242`	`}`
	`243`
	`244`	`try`
	`245`	`{`
3	`246`	`await _userService.ChangePasswordAsync(userId, request.OldPassword, request.NewPassword);`
1	`247`	`}`
1	`248`	`catch (UnauthorizedAccessException ex)`
	`249`	`{`
1	`250`	`_logger.LogWarning(ex, "Change password unauthorized for user ID {UserId}: {Message}", userId, ex.Messag`
1	`251`	`return Unauthorized("Old password is incorrect.");`
	`252`	`}`
1	`253`	`catch (Exception ex)`
	`254`	`{`
1	`255`	`_logger.LogError(ex, "Change password failed for user ID {UserId}: {Message}", userId, ex.Message);`
1	`256`	`return StatusCode(500, "An error occurred while changing the password. " + ex.Message);`
	`257`	`}`
	`258`
1	`259`	`_logger.LogInformation("Password changed successfully for user ID {UserId}.", userId);`
	`260`
1	`261`	`return Ok(new { message = "Password updated successfully" });`
6	`262`	`}`
	`263`
	`264`	`[HttpPost("forgot-password")]`
	`265`	`public async Task<IActionResult> ForgotPassword(ForgotPasswordRequest request)`
	`266`	`{`
4	`267`	`var user = await _userService.GetByEmailAsync(request.Email);`
4	`268`	`if (user == null)`
	`269`	`{`
1	`270`	`_logger.LogInformation("Forgot password request for non-existing email: {Email}", request.Email);`
1	`271`	`return Ok("If that email exists, a reset link has been sent."); // don’t reveal if email exists`
	`272`	`}`
	`273`
3	`274`	`var token = _tokenService.GenerateResetToken(user);`
3	`275`	`if (string.IsNullOrEmpty(token))`
	`276`	`{`
1	`277`	`_logger.LogError("Failed to generate reset token for user with email {Email}.", request.Email);`
1	`278`	`return StatusCode(500, "Failed to generate reset token.");`
	`279`	`}`
	`280`
2	`281`	`_logger.LogInformation("Reset token generated for user with email {Email}: {Token}", request.Email, token);`
	`282`
	`283`	`try`
	`284`	`{`
2	`285`	`await _emailService.SendPasswordResetEmailAsync(user.Email, token);`
1	`286`	`_logger.LogInformation("Reset password email sent to {Email}.", user.Email);`
1	`287`	`}`
1	`288`	`catch (Exception ex)`
	`289`	`{`
1	`290`	`_logger.LogError(ex, "Failed to send reset password email to {Email}: {Message}", user.Email, ex.Message`
1	`291`	`return StatusCode(500, "Failed to send reset email.");`
	`292`	`}`
	`293`
1	`294`	`return Ok("If that email exists, a reset link has been sent.");`
4	`295`	`}`
	`296`
	`297`	`[HttpPost("reset-password")]`
	`298`	`public async Task<IActionResult> ResetPassword(ResetPasswordRequest request)`
	`299`	`{`
3	`300`	`var userId = _tokenService.ValidateResetToken(request.ResetCode);`
3	`301`	`if (userId == null)`
	`302`	`{`
1	`303`	`_logger.LogWarning("Reset password failed: Invalid or expired token.");`
1	`304`	`_logger.LogDebug("Reset token: {Token}", request.ResetCode);`
1	`305`	`return BadRequest("Invalid or expired token");`
	`306`	`}`
	`307`
2	`308`	`var success = await _userService.UpdatePasswordAsync(userId.Value, request.NewPassword);`
2	`309`	`if (!success)`
	`310`	`{`
1	`311`	`_logger.LogError("Failed to reset password for user ID {UserId}.", userId);`
1	`312`	`_logger.LogDebug("Reset token: {Token}", request.ResetCode);`
1	`313`	`return StatusCode(500, "Could not reset password");`
	`314`	`}`
	`315`
1	`316`	`_logger.LogInformation("Password reset successfully for user ID {UserId}.", userId);`
1	`317`	`return Ok("Password has been reset successfully.");`
3	`318`	`}`
	`319`
	`320`	`private async Task<TokenGenerateResult> GenerateTokens(User user)`
	`321`	`{`
9	`322`	`var result = new TokenGenerateResult();`
	`323`	`try`
	`324`	`{`
9	`325`	`var ip = HttpContext.Connection.RemoteIpAddress?.ToString() ?? "unknown";`
3	`326`	`result.AccessToken = _tokenService.GenerateAccessToken(user);`
3	`327`	`result.RefreshToken = await _tokenService.GenerateRefreshToken(user, ip);`
3	`328`	`}`
6	`329`	`catch (Exception ex)`
	`330`	`{`
6	`331`	`_logger.LogError(ex, "Error generating token for user with email {Email}: {message}", user.Email, ex.Mes`
6	`332`	`result.Error = StatusCode(500, $"Internal server error: Failed to generate token.");`
6	`333`	`return result;`
	`334`	`}`
	`335`
3	`336`	`if (result.AccessToken == null \|\| result.RefreshToken == null)`
	`337`	`{`
0	`338`	`_logger.LogError("Failed to generate access token or refresh token for user with email {Email}.", user.E`
0	`339`	`_logger.LogDebug("AccessToken: {AccessToken}, RefreshToken: {RefreshToken}", result.AccessToken, result.`
0	`340`	`result.Error = StatusCode(500, "Failed to generate token.");`
0	`341`	`return result;`
	`342`	`}`
	`343`
3	`344`	`_logger.LogDebug("Generated access token and refresh token for user with email {Email}.", user.Email);`
3	`345`	`_logger.LogDebug("AccessToken: {AccessToken}, RefreshToken: {RefreshToken}", result.AccessToken, result.Refr`
3	`346`	`return result;`
9	`347`	`}`
	`348`	`}`
	`349`
	`350`	`public class TokenGenerateResult`
	`351`	`{`
	`352`	`public IActionResult? Error { get; set; }`
	`353`	`public string AccessToken { get; set; } = null!;`
	`354`	`public RefreshToken RefreshToken { get; set; } = null!;`
	`355`	`}`
	`356`
	`357`	`public class LoginRequest`
	`358`	`{`
	`359`	`public required string Email { get; set; }`
	`360`	`public required string Password { get; set; }`
	`361`	`}`
	`362`
	`363`	`public class TokenResponse`
	`364`	`{`
	`365`	`public required string AccessToken { get; set; }`
	`366`	`public required string RefreshToken { get; set; }`
	`367`	`}`
	`368`
	`369`	`public class ChangePasswordRequest`
	`370`	`{`
	`371`	`public required string OldPassword { get; set; }`
	`372`	`public required string NewPassword { get; set; }`
	`373`	`}`
	`374`
	`375`	`public class ResetPasswordRequest`
	`376`	`{`
	`377`	`public required string ResetCode { get; set; }`
	`378`	`public required string NewPassword { get; set; }`
	`379`	`}`
	`380`	`}`

< Summary

Metrics

File(s)

D:\a\smart-meal-planner\smart-meal-planner\backend\Backend\Controllers\AuthController.cs

Methods/Properties