public void PasswordAnswerAttemptFailedTest()
{
User user = ClientMembershipService.GetUser("timm");
string passwordSalt = "1U3h6r/tQ+dGWhLm9Unyng==";
PasswordFormat passwordFormat = PasswordFormat.Hashed;
int failedPasswordAttemptCount = 0;
DateTime failedPasswordAttemptWindowStart = DateTime.MinValue;
int failedPasswordAnswerAttemptCount = 0;
DateTime failedPasswordAnswerAttemptWindowStart = DateTime.MinValue;
ClientMembershipUser target = new ClientMembershipUser(user,
passwordSalt, passwordFormat, failedPasswordAttemptCount,
failedPasswordAttemptWindowStart, failedPasswordAnswerAttemptCount,
failedPasswordAnswerAttemptWindowStart);
target.PasswordAnswerAttemptSucceeded();
target.PasswordAnswerAttemptFailed();
Assert.AreNotEqual(DateTime.MinValue, target.FailedPasswordAnswerAttemptWindowStart);
Assert.AreEqual(1, target.FailedPasswordAnswerAttemptCount);
Assert.AreEqual(false, target.IsLockedOut);
target.PasswordAnswerAttemptFailed();
target.PasswordAnswerAttemptFailed();
target.PasswordAnswerAttemptFailed();
target.PasswordAnswerAttemptFailed();
Assert.AreEqual(true, target.IsLockedOut);
Assert.AreNotEqual(DateTime.MinValue, target.LastLockoutDate);
}
private void ValidateUserWithPasswordAnswer(ClientMembershipUser user,
string passwordAnswer, bool throwIfFails)
{
if (passwordAnswer != null)
{
passwordAnswer = passwordAnswer.Trim();
}
SecurityHelper.CheckParameter(passwordAnswer,
this.Application.RequiresQuestionAndAnswer,
this.Application.RequiresQuestionAndAnswer,
false, this.Application.MaxPasswordAnswerSize,
"passwordAnswer");
string passwordAnswerFromPersistence =
this.GetPasswordAnswerFromPersistence(user);
try
{
if (!this.CheckPasswordAnswer(passwordAnswer,
passwordAnswerFromPersistence,
user.PasswordFormat, user.PasswordSalt))
{
user.PasswordAnswerAttemptFailed();
if (throwIfFails)
{
throw new SecurityException
("The password answer supplied was not correct");
}
}
else
{
user.PasswordAnswerAttemptSucceeded();
}
}
finally
{
this.PersistUser(user);
}
}
