diff --git a/src/Core/API/API.Core/Controllers/AuthController.cs b/src/Core/API/API.Core/Controllers/AuthController.cs
index 201c491..0f22ea5 100644
--- a/src/Core/API/API.Core/Controllers/AuthController.cs
+++ b/src/Core/API/API.Core/Controllers/AuthController.cs
@@ -33,7 +33,7 @@ namespace API.Core.Controllers
 var response = new ResponseBody
 {
- Message = "Registration successful.",
+ Message = "User registered successfully.",
 Payload = new AuthPayload(
 new UserDTO(created.UserAccountId, created.Username),
 jwt,
@@ -49,7 +49,10 @@ namespace API.Core.Controllers
 var userAccount = await auth.LoginAsync(req.Username, req.Password);
 if (userAccount is null)
 {
- return Unauthorized();
+ return Unauthorized(new ResponseBody
+ {
+ Message = "Invalid username or password."
+ });
 }
 UserDTO dto = new(userAccount.UserAccountId, userAccount.Username);
@@ -59,7 +62,7 @@ namespace API.Core.Controllers
 return Ok(new ResponseBody
 {
- Message = "Login successful.",
+ Message = "Logged in successfully.",
 Payload = new AuthPayload(dto, jwt, DateTime.UtcNow, jwtExpiresAt)
 });
 }
diff --git a/src/Core/API/API.Specs/Features/Registration.feature b/src/Core/API/API.Specs/Features/Registration.feature
index 5e09b31..6140bea 100644
--- a/src/Core/API/API.Specs/Features/Registration.feature
+++ b/src/Core/API/API.Specs/Features/Registration.feature
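Review bot: The new 401 branch in the second hunk (`return Unauthorized(new ResponseBody { ... })`) has no comment saying that the message is deliberately the same for an unknown username and a wrong password, so a later edit that splits the two cases would let callers enumerate accounts. I would add above the return: `// One generic message for every login failure, so the response does not reveal whether the username exists.` Whether `auth.LoginAsync` takes comparable time in both cases, and whether failed attempts are logged or rate-limited, cannot be seen from this hunk and is worth confirming. The enclosing action starts and ends outside the hunk.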
@@ -1,75 +1,67 @@
 Feature: User Registration
-As a new user
-I want to register an account
-So that I can log in and access authenticated routes
+ As a new user
+ I want to register an account
+ So that I can log in and access authenticated routes
- Scenario: Successful registration with valid details
- Given the API is running
- When I submit a registration request with values:
- | Username | FirstName | LastName | Email | DateOfBirth | Password |
- | newuser | New | User | newuser@example.com | 1990-01-01 | Password1! |
- Then the response has HTTP status 201
- And the response JSON should have "message" equal "User registered successfully."
- And the response JSON should have an access token
+ Scenario: Successful registration with valid details
+ Given the API is running
+ When I submit a registration request with values:
+ | Username | FirstName | LastName | Email | DateOfBirth | Password |
+ | newuser | New | User | newuser@example.com | 1990-01-01 | Password1! |
+ Then the response has HTTP status 201
+ And the response JSON should have "message" equal "User registered successfully."
+ And the response JSON should have an access token
- @Ignore
- Scenario: Registration fails with existing username
- Given the API is running
- And I have an existing account with username "existinguser"
- When I submit a registration request with values:
- | Username | FirstName | LastName | Email | DateOfBirth | Password |
- | existinguser | Existing | User | existing@example.com | 1990-01-01 | Password1! |
- Then the response has HTTP status 409
- And the response JSON should have "message" equal "Username already exists."
+ @Ignore
+ Scenario: Registration fails with existing username
+ Given the API is running
+ And I have an existing account with username "existinguser"
+ When I submit a registration request with values:
+ | Username | FirstName | LastName | Email | DateOfBirth | Password |
+ | existinguser | Existing | User | existing@example.com | 1990-01-01 | Password1! |
+ Then the response has HTTP status 409
+ And the response JSON should have "message" equal "Username already exists."
- @Ignore
- Scenario: Registration fails with existing email
- Given the API is running
- And I have an existing account with email "existing@example.com"
- When I submit a registration request with values:
- | Username | FirstName | LastName | Email | DateOfBirth | Password |
- | newuser | New | User | existing@example.com | 1990-01-01 | Password1! |
- Then the response has HTTP status 409
- And the response JSON should have "message" equal "Email already in use."
+ @Ignore
+ Scenario: Registration fails with existing email
+ Given the API is running
+ And I have an existing account with email "existing@example.com"
+ When I submit a registration request with values:
+ | Username | FirstName | LastName | Email | DateOfBirth | Password |
+ | newuser | New | User | existing@example.com | 1990-01-01 | Password1! |
+ Then the response has HTTP status 409
+ And the response JSON should have "message" equal "Email already in use."
- @Ignore
- Scenario: Registration fails with missing required fields
- Given the API is running
- When I submit a registration request with values:
- | Username | FirstName | LastName | Email | DateOfBirth | Password |
- | | New | User | | | Password1! |
- Then the response has HTTP status 400
- And the response JSON should have "message" equal "Username is required."
+ Scenario: Registration fails with missing required fields
+ Given the API is running
+ When I submit a registration request with values:
+ | Username | FirstName | LastName | Email | DateOfBirth | Password |
+ | | New | User | | | Password1! |
+ Then the response has HTTP status 400
- @Ignore
- Scenario: Registration fails with invalid email format
- Given the API is running
- When I submit a registration request with values:
- | Username | FirstName | LastName | Email | DateOfBirth | Password |
- | newuser | New | User | invalidemail | 1990-01-01 | Password1! |
- Then the response has HTTP status 400
- And the response JSON should have "message" equal "Invalid email format."
+ Scenario: Registration fails with invalid email format
+ Given the API is running
+ When I submit a registration request with values:
+ | Username | FirstName | LastName | Email | DateOfBirth | Password |
+ | newuser | New | User | invalidemail | 1990-01-01 | Password1! |
+ Then the response has HTTP status 400
- @Ignore
- Scenario: Registration fails with weak password
- Given the API is running
- When I submit a registration request with values:
- | Username | FirstName | LastName | Email | DateOfBirth | Password |
- | newuser | New | User | newuser@example.com | 1990-01-01 | weakpass |
- Then the response has HTTP status 400
- And the response JSON should have "message" equal "Password does not meet complexity requirements."
+ Scenario: Registration fails with weak password
+ Given the API is running
+ When I submit a registration request with values:
+ | Username | FirstName | LastName | Email | DateOfBirth | Password |
+ | newuser | New | User | newuser@example.com | 1990-01-01 | weakpass |
+ Then the response has HTTP status 400
+ And the response JSON should have "message" equal "Password does not meet complexity requirements."
- @Ignore
- Scenario: Cannot register a user younger than 19 years of age (regulatory requirement)
- Given the API is running
- When I submit a registration request with values:
- | Username | FirstName | LastName | Email | DateOfBirth | Password |
- | younguser | Young | User | younguser@example.com | | Password1! |
- Then the response has HTTP status 400
- And the response JSON should have "message" equal "You must be at least 19 years old to register."
+ Scenario: Cannot register a user younger than 19 years of age (regulatory requirement)
+ Given the API is running
+ When I submit a registration request with values:
+ | Username | FirstName | LastName | Email | DateOfBirth | Password |
+ | younguser | Young | User | younguser@example.com | {underage_date} | Password1! |
+ Then the response has HTTP status 400
- Scenario: Registration endpoint only accepts POST requests
- Given the API is running
- When I submit a registration request using a GET request
- Then the response has HTTP status 404
- And the response JSON should have "message" equal "Not Found."
\ No newline at end of file
+ Scenario: Registration endpoint only accepts POST requests
+ Given the API is running
+ When I submit a registration request using a GET request
+ Then the response has HTTP status 404
diff --git a/src/Core/API/API.Specs/Steps/AuthSteps.cs b/src/Core/API/API.Specs/Steps/AuthSteps.cs
index bc745f4..b2e6fdb 100644
--- a/src/Core/API/API.Specs/Steps/AuthSteps.cs
+++ b/src/Core/API/API.Specs/Steps/AuthSteps.cs
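Review bot: The re-enabled under-19 scenario now asserts only `Then the response has HTTP status 400`, so it passes on any validation failure and no longer shows that the regulatory age rule is what rejected the request. The missing-fields and invalid-email scenarios lost their message step in the same way. I would keep one step that identifies the failing rule, for example the old `And the response JSON should have "message" equal "You must be at least 19 years old to register."`, or an assertion on the failing field if the API returns per-field validation errors. Separately, the still-ignored duplicate-account scenarios expect distinct 409 messages ("Username already exists." / "Email already in use."), which would tell an unauthenticated caller which e-mail addresses are registered; that deserves a deliberate decision before the `@Ignore` tags come off.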
@@ -163,17 +163,28 @@ public class AuthSteps(ScenarioContext scenario)
 {
 var client = GetClient();
 var row = table.Rows[0];
-
+
+ var username = row["Username"] ?? "";
+ var firstName = row["FirstName"] ?? "";
+ var lastName = row["LastName"] ?? "";
+ var email = row["Email"] ?? "";
+ var dateOfBirth = row["DateOfBirth"] ?? "";
+
+ if (dateOfBirth == "{underage_date}")
+ {
+ dateOfBirth = DateTime.UtcNow.AddYears(-18).ToString("yyyy-MM-dd");
+ }
+
+ var password = row["Password"];
+
 var registrationData = new
 {
- username = row.TryGetValue("Username", out var value) ? value : null,
- firstName = row.TryGetValue("FirstName", out var value1) ? value1 : null,
- lastName = row.TryGetValue("LastName", out var value2) ? value2 : null,
- email = row.TryGetValue("Email", out var value3) ? value3 : null,
- dateOfBirth = row.ContainsKey("DateOfBirth") && !string.IsNullOrEmpty(row["DateOfBirth"])
- ? row["DateOfBirth"]
- : null,
- password = row.ContainsKey("Password") ? row["Password"] : null
+ username,
+ firstName,
+ lastName,
+ email,
+ dateOfBirth,
+ password
 };
 var body = JsonSerializer.Serialize(registrationData);
@@ -189,17 +200,17 @@ public class AuthSteps(ScenarioContext scenario)
 scenario[ResponseKey] = response;
 scenario[ResponseBodyKey] = responseBody;
 }
-
+
 [Given("I have an existing account with username {string}")]
 public void GivenIHaveAnExistingAccountWithUsername(string username)
 {
-
+
 }
 [Given("I have an existing account with email {string}")]
 public void GivenIHaveAnExistingAccountWithEmail(string email)
 {
-
+
 }
 [When("I submit a registration request using a GET request")]
@@ -217,4 +228,4 @@ public class AuthSteps(ScenarioContext scenario)
 scenario[ResponseKey] = response;
 scenario[ResponseBodyKey] = responseBody;
 }
-}
\ No newline at end of file
+}
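Review bot: The `{underage_date}` substitution in the first hunk uses `DateTime.UtcNow.AddYears(-18)`, a full year under the 19-year limit named in the scenario, so an off-by-one in the server's age comparison would go unnoticed; a boundary value such as `DateTime.UtcNow.AddYears(-19).AddDays(1)` tests the rule where it matters. `ToString("yyyy-MM-dd")` should also pass `CultureInfo.InvariantCulture` so the value does not change with the test host's culture or calendar. The `row["Username"] ?? ""` lookups replace the earlier `TryGetValue` calls: a missing column is presumably no longer tolerated (confirm what the indexer does for an absent header), and absent values are now sent as empty strings instead of null, so the missing-fields scenario no longer covers a null field. `password` is the one value left without `?? ""`. The step method starts and ends outside the hunk.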