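/// <summary>
        /// Processes a submitted login form: validates the posted model, asks
        /// WebAuthenticator to authenticate the credentials and, on success,
        /// redirects to the url produced by DetermineRedirectUrl.
        /// </summary>
        /// <param name="viewModel">Posted username, password and post-login redirect url</param>
        /// <returns>
        /// A redirect when the returned principal is authenticated; otherwise the
        /// "Login" view with ViewBag.ErrorMessage set
        /// </returns>
        public ActionResult Login(LoginViewModel viewModel)
        {
            // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible
            // in this listing - confirm the action carries them in the real file.

            // One message for every failure path, so the response does not reveal
            // whether the credentials were wrong or the back end faulted.
            const string loginFailedMessage = "Invalid username, password or could not be validated.";

            try
            {
                if (!ModelState.IsValid)
                {
                    ViewBag.ErrorMessage = "Valid data not supplied";
                    return View("Login");
                }

                var principal = WebAuthenticator.Authenticate(viewModel.Username, viewModel.Password);

                // A missing principal or identity counts as a failed login instead of
                // raising a NullReferenceException whose text would reach the page.
                bool isAuthenticated = principal != null
                    && principal.Identity != null
                    && principal.Identity.IsAuthenticated;

                if (isAuthenticated)
                {
                    // RedirectUrl is client-supplied. Whether off-site targets are rejected
                    // depends on DetermineRedirectUrl, which is not shown here - confirm.
                    string redirectUrl = DetermineRedirectUrl(viewModel.RedirectUrl);
                    return Redirect(redirectUrl);
                }

                ViewBag.ErrorMessage = loginFailedMessage;
            }
            catch (Exception ex)
            {
                // Exception text can expose internals (connection details, type names,
                // account state) to an unauthenticated caller, so it is traced
                // server-side and the page only shows the generic failure message.
                // Replace the trace call with the project's logger if it has one.
                System.Diagnostics.Trace.TraceError("Login failed with an unexpected error: {0}", ex);
                ViewBag.ErrorMessage = loginFailedMessage;
            }

            return View("Login");
        }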
        /// <summary>
        /// Renders the login form, pre-filled with the username returned by
        /// WebAuthenticator.GetUsernameFromCookie. A caller who is already
        /// authenticated gets the "Login" view with an insufficient-rights message instead.
        /// </summary>
        /// <param name="redirectUrl">
        /// Url to redirect to after successful login; it is passed through
        /// DetermineRedirectUrl before being stored on the view model
        /// </param>
        /// <returns>The "Login" view</returns>
        public ActionResult LoginForm(string redirectUrl = "")
        {
            if (!User.Identity.IsAuthenticated)
            {
                // NOTE(review): redirectUrl is caller-supplied. Whether off-site targets are
                // rejected depends on DetermineRedirectUrl, which is not shown here - confirm.
                var form = new LoginViewModel
                {
                    Username = WebAuthenticator.GetUsernameFromCookie(),
                    RedirectUrl = DetermineRedirectUrl(redirectUrl)
                };

                ViewData.Model = form;

                return View("Login");
            }

            // Already signed in, yet sent to the login form.
            ViewBag.ErrorMessage = "You do not have sufficient security rights";
            return View("Login");
        }
        /// <summary>
        /// When the authenticator reports an authenticated principal, Login must answer
        /// with a RedirectResult whose Url equals the redirect url posted in the model.
        /// </summary>
        public void Login_WHEN_WebAuthenticator_Returns_Authenticated_User_THEN_Returns_RedirectUrl()
        {
            const string expectedUrl = "http://localhost/test.html";

            var credentials = new LoginViewModel
            {
                Username = "******",
                Password = "******",
                RedirectUrl = expectedUrl
            };

            // Any username/password pair authenticates successfully.
            var authenticator = new Mock<IWebAuthenticator>();
            authenticator
                .Setup(wa => wa.Authenticate(It.IsAny<string>(), It.IsAny<string>()))
                .Returns(GetPrincipal(true));

            var configReader = new Mock<IConfigurationReader>();
            configReader
                .Setup(cr => cr.GetSection<BlogConfigurationSection>(It.IsAny<string>()))
                .Returns(GetBlogConfigurationSection());

            var sut = new AuthenticationController(authenticator.Object, configReader.Object);
            sut.DoDataAnnotationValidation(credentials);

            var redirect = sut.Login(credentials) as RedirectResult;

            redirect.ShouldNotBeNull();
            redirect.Url.ShouldEqual(expectedUrl);
        }
        /// <summary>
        /// When the authenticator returns a principal that is not authenticated, Login must
        /// re-render the "Login" view and expose the invalid-credentials message on ViewBag.
        /// </summary>
        public void Login_WHEN_WebAuthenticator_Authenticate_Returns_Principal_That_Is_Not_Authenticated_THEN_Returns_LoginView_With_ErrorMessage()
        {
            var credentials = new LoginViewModel
            {
                Username = "******",
                Password = "******",
                RedirectUrl = string.Empty
            };

            // Any username/password pair is rejected.
            var authenticator = new Mock<IWebAuthenticator>();
            authenticator
                .Setup(wa => wa.Authenticate(It.IsAny<string>(), It.IsAny<string>()))
                .Returns(GetPrincipal(false));

            var configReader = new Mock<IConfigurationReader>();
            configReader
                .Setup(cr => cr.GetSection<BlogConfigurationSection>(It.IsAny<string>()))
                .Returns(GetBlogConfigurationSection());

            var sut = new AuthenticationController(authenticator.Object, configReader.Object);
            sut.DoDataAnnotationValidation(credentials);

            var view = sut.Login(credentials) as ViewResult;

            view.ShouldNotBeNull();
            view.ViewName.ShouldEqual("Login");

            // ViewBag is dynamic; a typed local is needed before the extension-method assertion.
            string shownMessage = view.ViewBag.ErrorMessage;
            shownMessage.ShouldEqual("Invalid username, password or could not be validated.");
        }
        /// <summary>
        /// When the posted username is empty, Login must re-render the "Login" view with
        /// exactly one model-state entry whose first error reads "Username required".
        /// </summary>
        public void Login_WHEN_Username_Is_Empty_THEN_Returns_Login_View_With_ErrorMessage_On_Username()
        {
            var credentials = new LoginViewModel
            {
                Username = string.Empty,
                Password = "******",
                RedirectUrl = string.Empty
            };

            // No Authenticate setup: the test expects the model-state failure path.
            var authenticator = new Mock<IWebAuthenticator>();

            var configReader = new Mock<IConfigurationReader>();
            configReader
                .Setup(cr => cr.GetSection<BlogConfigurationSection>(It.IsAny<string>()))
                .Returns(GetBlogConfigurationSection());

            var sut = new AuthenticationController(authenticator.Object, configReader.Object);
            sut.DoDataAnnotationValidation(credentials);

            var view = sut.Login(credentials) as ViewResult;

            view.ShouldNotBeNull();
            view.ViewName.ShouldEqual("Login");

            var modelState = view.ViewData.ModelState;
            modelState.IsValid.ShouldBeFalse();
            modelState.Count.ShouldEqual(1);

            var firstError = modelState.Values.First().Errors.First();
            firstError.ErrorMessage.ShouldEqual("Username required");
        }
        /// <summary>
        /// Login must call the authenticator exactly once, passing the username and
        /// password carried by the posted view model.
        /// </summary>
        public void Login_Calls_WebAuthenticator_With_Provided_Username_And_Password()
        {
            var credentials = new LoginViewModel
            {
                Username = "******",
                Password = "******",
                RedirectUrl = string.Empty
            };

            // The same expression drives both the setup and the verification, so the
            // verified call is the one made with the model's own credentials.
            Expression<Func<IWebAuthenticator, IJumbleblocksPrincipal>> expectedCall =
                wa => wa.Authenticate(credentials.Username, credentials.Password);

            var authenticator = new Mock<IWebAuthenticator>();
            authenticator
                .Setup(expectedCall)
                .Returns(GetPrincipal(true))
                .Verifiable();

            var configReader = new Mock<IConfigurationReader>();
            configReader
                .Setup(cr => cr.GetSection<BlogConfigurationSection>(It.IsAny<string>()))
                .Returns(GetBlogConfigurationSection());

            var sut = new AuthenticationController(authenticator.Object, configReader.Object);

            sut.Login(credentials);

            authenticator.Verify(expectedCall, Times.Once());
        }