public async Task UpdatePasswordWithTokenWrongType()
{
bool result;
const string password = "******";
const string email = "*****@*****.**";
const string newPassword = "******";
const string tokenString = "token";
Models.DbModels.User updatedUser;
using (var context = new QuizContext(ManagerTestHelper.Options))
{
var sut = ManagerTestHelper.GetUserManager(context, Mock.Of <IAuthManager>());
await ManagerTestHelper.AddUserAsync(context, 0);
var user = await ManagerTestHelper.AddUserAsync(context, 1, email, password, false);
await ManagerTestHelper.AddUserAsync(context, 2);
await ManagerTestHelper.AddOneTimeTokenAsync(context, email, OneTimeTokenType.AccountVerification, tokenString, true);
await context.SaveChangesAsync();
result = await sut.UpdatePassword(tokenString, newPassword);
updatedUser = await context.Users.FindAsync(user.Id);
}
Assert.IsFalse(result);
Assert.IsTrue(AuthenticationHelper.CompareByteArrays(AuthenticationHelper.EncryptPassword(password), updatedUser.PasswordHash));
}
public async Task UpdatePasswordInvalidPassword()
{
bool result;
const string password = "******";
const string email = "*****@*****.**";
const string newPassword = "******";
Models.DbModels.User updatedUser;
using (var context = new QuizContext(ManagerTestHelper.Options))
{
var sut = ManagerTestHelper.GetUserManager(context, Mock.Of <IAuthManager>());
await ManagerTestHelper.AddUserAsync(context, 0);
var user = await ManagerTestHelper.AddUserAsync(context, 1, email, password, true);
await ManagerTestHelper.AddUserAsync(context, 2);
await context.SaveChangesAsync();
result = await sut.UpdatePassword(user.Id, newPassword);
updatedUser = await context.Users.FindAsync(user.Id);
}
Assert.IsFalse(result);
Assert.IsTrue(AuthenticationHelper.CompareByteArrays(AuthenticationHelper.EncryptPassword(password), updatedUser.PasswordHash));
}
public void EncryptPasswordCreatesTheSameHashForTheSamePassword()
{
const string password = "******";
var hash1 = AuthenticationHelper.EncryptPassword(password);
var hash2 = AuthenticationHelper.EncryptPassword(password);
var isSame = AuthenticationHelper.CompareByteArrays(hash1, hash2);
Assert.IsTrue(isSame);
}
/// <summary>
///
/// </summary>
/// <param name="request"></param>
/// <returns></returns>
public async System.Threading.Tasks.Task <AuthToken> GenerateTokenAsync(TokenRequest request)
{
var passwordHash = AuthenticationHelper.EncryptPassword(request.Password);
var user = await Context.Users.FirstOrDefaultAsync(u => u.Email == request.Email);
if (user != null && AuthenticationHelper.CompareByteArrays(user.PasswordHash, passwordHash))
{
var token = await GenerateTokenAsync(user.Id, request.DeviceId);
return(token);
}
return(null);
}
public async Task UpdatePasswordWithToken()
{
bool result;
const string password = "******";
const string email = "*****@*****.**";
const string newPassword = "******";
const string tokenString = "token";
Models.DbModels.User updatedUser;
OneTimeToken deletedToken;
using (var context = new QuizContext(ManagerTestHelper.Options))
{
var sut = ManagerTestHelper.GetUserManager(context, Mock.Of <IAuthManager>());
await ManagerTestHelper.AddUserAsync(context, 0);
var user = await ManagerTestHelper.AddUserAsync(context, 1, email, password, false);
await ManagerTestHelper.AddUserAsync(context, 2);
await ManagerTestHelper.AddOneTimeTokenAsync(context, email, OneTimeTokenType.ForgotPassword, tokenString, true);
await context.SaveChangesAsync();
result = await sut.UpdatePassword(tokenString, newPassword);
updatedUser = await context.Users.FindAsync(user.Id);
deletedToken = await context.OneTimeTokens.FirstOrDefaultAsync(t => t.Email == email && t.Token == tokenString);
}
Assert.IsTrue(result);
Assert.IsTrue(AuthenticationHelper.CompareByteArrays(AuthenticationHelper.EncryptPassword(newPassword), updatedUser.PasswordHash));
Assert.IsNull(deletedToken);
}
public void CompareByteArraysNull(bool expected, byte[] arr1, byte[] arr2)
{
var actual = AuthenticationHelper.CompareByteArrays(arr1, arr2);
Assert.AreEqual(expected, actual);
}