public void AccountController_InvalidLogin_ReturnsInvalidModel()
{
// Arrange
var store = new Mock<IUserStore<ApplicationUser>>(MockBehavior.Strict);
store.As<IUserPasswordStore<ApplicationUser>>()
.Setup(x => x.FindByNameAsync("username1"))
.ReturnsAsync(null);
// Act
var controller = new AccountController();
var viewModel = new LoginViewModel()
{
Password = "******",
Username = "******",
};
ActionResult result = controller.Login(viewModel, "returnUrl").Result;
// Assert
Assert.IsInstanceOf<ViewResult>(result);
var viewResult = result as ViewResult;
Assert.False(viewResult.ViewData.ModelState.IsValid);
}
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(model.Username, model.Password, model.RememberMe, shouldLockout: false);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
}
