PlanTempusApp/PlanTempus.X.BDD/FeatureFixtures/AccountSecuritySpecs.cs

using LightBDD.Framework;
using LightBDD.Framework.Scenarios;
using LightBDD.MsTest3;
using PlanTempus.X.Services;
using Shouldly;

namespace PlanTempus.X.BDD.FeatureFixtures;

[TestClass]
[FeatureDescription(@"As a system administrator
I want to ensure account security is maintained
So users' data remains protected")]
public partial class AccountSecuritySpecs : FeatureFixture
{
	IAccountService _accountService;
	IEmailService _emailService;
	IOrganizationService _organizationService;
	IAuthService _authService;

	protected Account _currentAccount;
	protected DateTime? _lockoutEnd;
	protected bool _isLocked;
	protected bool _loginSuccessful;

	public async Task Given_account_exists(string email)
	{
		_currentAccount = await _accountService.GetAccountByEmailAsync(email);
		if (_currentAccount == null)
		{
			_currentAccount = await _accountService.CreateAccountAsync(email, "TestPassword123!");
		}
	}

	public async Task When_I_attempt_5_failed_logins_within_5_minutes()
	{
		for (var i = 0; i < 5; i++)
		{
			try
			{
				await _authService.AttemptLoginAsync(_currentAccount.Email, "WrongPassword");
			}
			catch
			{
				// Expected exception with wrong password
			}
		}
	}

	public async Task Then_the_account_should_be_locked()
	{
		_currentAccount = _accountService.GetAccountByEmail(_currentAccount.Email);
		_isLocked = _currentAccount.IsLocked;
		_isLocked.ShouldBeTrue();

        await Task.CompletedTask;
    }

    public async Task And_lockout_end_should_be_set()
	{
		_lockoutEnd = _currentAccount.LockoutEnd;
		_lockoutEnd.ShouldNotBeNull();
		_lockoutEnd.Value.ShouldBeGreaterThan(DateTime.UtcNow);

        await Task.CompletedTask;
    }

    public async Task And_subsequent_login_attempts_should_fail_until_lockout_end()
	{
		try
		{
			_loginSuccessful = await _authService.AttemptLoginAsync(_currentAccount.Email, _currentAccount.Password);
		}
		catch
		{
			_loginSuccessful = false;
		}

		_loginSuccessful.ShouldBeFalse();
	}
}
Various work around the architecture 2025-03-03 00:42:20 +01:00			`using LightBDD.Framework;`
			`using LightBDD.Framework.Scenarios;`
			`using LightBDD.MsTest3;`
			`using PlanTempus.X.Services;`
			`using Shouldly;`

			`namespace PlanTempus.X.BDD.FeatureFixtures;`
Migrate from User to Account domain concept Renames core domain entities and services from "User" to "Account" Refactors project-wide namespaces, classes, and database tables to use "Account" terminology Updates related components, services, and database schema to reflect new domain naming Standardizes naming conventions across authentication and organization setup features 2026-01-09 22:14:46 +01:00
			`[TestClass]`
			`[FeatureDescription(@"As a system administrator`
			`I want to ensure account security is maintained`
			`So users' data remains protected")]`
Various work around the architecture 2025-03-03 00:42:20 +01:00			`public partial class AccountSecuritySpecs : FeatureFixture`
			`{`
Migrate from User to Account domain concept Renames core domain entities and services from "User" to "Account" Refactors project-wide namespaces, classes, and database tables to use "Account" terminology Updates related components, services, and database schema to reflect new domain naming Standardizes naming conventions across authentication and organization setup features 2026-01-09 22:14:46 +01:00			`IAccountService _accountService;`
Various work around the architecture 2025-03-03 00:42:20 +01:00			`IEmailService _emailService;`
			`IOrganizationService _organizationService;`
			`IAuthService _authService;`

Migrate from User to Account domain concept Renames core domain entities and services from "User" to "Account" Refactors project-wide namespaces, classes, and database tables to use "Account" terminology Updates related components, services, and database schema to reflect new domain naming Standardizes naming conventions across authentication and organization setup features 2026-01-09 22:14:46 +01:00			`protected Account _currentAccount;`
Various work around the architecture 2025-03-03 00:42:20 +01:00			`protected DateTime? _lockoutEnd;`
			`protected bool _isLocked;`
			`protected bool _loginSuccessful;`

Migrate from User to Account domain concept Renames core domain entities and services from "User" to "Account" Refactors project-wide namespaces, classes, and database tables to use "Account" terminology Updates related components, services, and database schema to reflect new domain naming Standardizes naming conventions across authentication and organization setup features 2026-01-09 22:14:46 +01:00			`public async Task Given_account_exists(string email)`
Various work around the architecture 2025-03-03 00:42:20 +01:00			`{`
Migrate from User to Account domain concept Renames core domain entities and services from "User" to "Account" Refactors project-wide namespaces, classes, and database tables to use "Account" terminology Updates related components, services, and database schema to reflect new domain naming Standardizes naming conventions across authentication and organization setup features 2026-01-09 22:14:46 +01:00			`_currentAccount = await _accountService.GetAccountByEmailAsync(email);`
			`if (_currentAccount == null)`
Various work around the architecture 2025-03-03 00:42:20 +01:00			`{`
Migrate from User to Account domain concept Renames core domain entities and services from "User" to "Account" Refactors project-wide namespaces, classes, and database tables to use "Account" terminology Updates related components, services, and database schema to reflect new domain naming Standardizes naming conventions across authentication and organization setup features 2026-01-09 22:14:46 +01:00			`_currentAccount = await _accountService.CreateAccountAsync(email, "TestPassword123!");`
Various work around the architecture 2025-03-03 00:42:20 +01:00			`}`
			`}`

			`public async Task When_I_attempt_5_failed_logins_within_5_minutes()`
			`{`
			`for (var i = 0; i < 5; i++)`
			`{`
			`try`
			`{`
Migrate from User to Account domain concept Renames core domain entities and services from "User" to "Account" Refactors project-wide namespaces, classes, and database tables to use "Account" terminology Updates related components, services, and database schema to reflect new domain naming Standardizes naming conventions across authentication and organization setup features 2026-01-09 22:14:46 +01:00			`await _authService.AttemptLoginAsync(_currentAccount.Email, "WrongPassword");`
Various work around the architecture 2025-03-03 00:42:20 +01:00			`}`
			`catch`
			`{`
			`// Expected exception with wrong password`
			`}`
			`}`
			`}`

			`public async Task Then_the_account_should_be_locked()`
			`{`
Migrate from User to Account domain concept Renames core domain entities and services from "User" to "Account" Refactors project-wide namespaces, classes, and database tables to use "Account" terminology Updates related components, services, and database schema to reflect new domain naming Standardizes naming conventions across authentication and organization setup features 2026-01-09 22:14:46 +01:00			`_currentAccount = _accountService.GetAccountByEmail(_currentAccount.Email);`
			`_isLocked = _currentAccount.IsLocked;`
Various work around the architecture 2025-03-03 00:42:20 +01:00			`_isLocked.ShouldBeTrue();`

			`await Task.CompletedTask;`
			`}`

			`public async Task And_lockout_end_should_be_set()`
			`{`
Migrate from User to Account domain concept Renames core domain entities and services from "User" to "Account" Refactors project-wide namespaces, classes, and database tables to use "Account" terminology Updates related components, services, and database schema to reflect new domain naming Standardizes naming conventions across authentication and organization setup features 2026-01-09 22:14:46 +01:00			`_lockoutEnd = _currentAccount.LockoutEnd;`
Various work around the architecture 2025-03-03 00:42:20 +01:00			`_lockoutEnd.ShouldNotBeNull();`
			`_lockoutEnd.Value.ShouldBeGreaterThan(DateTime.UtcNow);`

			`await Task.CompletedTask;`
			`}`

			`public async Task And_subsequent_login_attempts_should_fail_until_lockout_end()`
			`{`
			`try`
			`{`
Migrate from User to Account domain concept Renames core domain entities and services from "User" to "Account" Refactors project-wide namespaces, classes, and database tables to use "Account" terminology Updates related components, services, and database schema to reflect new domain naming Standardizes naming conventions across authentication and organization setup features 2026-01-09 22:14:46 +01:00			`_loginSuccessful = await _authService.AttemptLoginAsync(_currentAccount.Email, _currentAccount.Password);`
Various work around the architecture 2025-03-03 00:42:20 +01:00			`}`
			`catch`
			`{`
			`_loginSuccessful = false;`
			`}`

			`_loginSuccessful.ShouldBeFalse();`
			`}`
Migrate from User to Account domain concept Renames core domain entities and services from "User" to "Account" Refactors project-wide namespaces, classes, and database tables to use "Account" terminology Updates related components, services, and database schema to reflect new domain naming Standardizes naming conventions across authentication and organization setup features 2026-01-09 22:14:46 +01:00			`}`