Service refactor (#153)

* remove email out of register service * Update auth service, move JWT handling out of controller * add docker config for service auth test * Update mock email system * Format: ./src/Core/Service * Refactor authentication payloads and services for registration and login processes * Format: src/Core/API, src/Core/Service
2026-04-05 18:09:04 +00:00 · 2026-02-16 15:12:59 -05:00
parent 0d52c937ce
commit 2cad88e3f6
31 changed files with 762 additions and 484 deletions
--- a/src/Core/Service/Service.Auth/LoginService.cs
+++ b/src/Core/Service/Service.Auth/LoginService.cs
@@ -5,30 +5,42 @@ using Infrastructure.Repository.Auth;

 namespace Service.Auth;

+public record LoginServiceReturn(
+    UserAccount UserAccount,
+    string RefreshToken,
+    string AccessToken
+);
+
 public class LoginService(
    IAuthRepository authRepo,
-    IPasswordInfrastructure passwordInfrastructure
+    IPasswordInfrastructure passwordInfrastructure,
+    ITokenService tokenService
 ) : ILoginService
 {
-
-    public async Task<UserAccount> LoginAsync(string username, string password)
+    public async Task<LoginServiceReturn> LoginAsync(
+        string username,
+        string password
+    )
    {
        // Attempt lookup by username
-        var user = await authRepo.GetUserByUsernameAsync(username);
-
        // the user was not found
-        if (user is null)
-            throw new UnauthorizedException("Invalid username or password.");
+        var user =
+            await authRepo.GetUserByUsernameAsync(username)
+            ?? throw new UnauthorizedException("Invalid username or password.");

        // @todo handle expired passwords
-        var activeCred = await authRepo.GetActiveCredentialByUserAccountIdAsync(user.UserAccountId);
-
-        if (activeCred is null)
-            throw new UnauthorizedException("Invalid username or password.");
+        var activeCred =
+            await authRepo.GetActiveCredentialByUserAccountIdAsync(
+                user.UserAccountId
+            )
+            ?? throw new UnauthorizedException("Invalid username or password.");

        if (!passwordInfrastructure.Verify(password, activeCred.Hash))
            throw new UnauthorizedException("Invalid username or password.");

-        return user;
+        string accessToken = tokenService.GenerateAccessToken(user);
+        string refreshToken = tokenService.GenerateRefreshToken(user);
+
+        return new LoginServiceReturn(user, refreshToken, accessToken);
    }
 }