public void Verify_Ad_Account_Login_Pass_With_Admin_Role()
{
#region Arrange
TResult <LoginViewModel> expectedResponse = new TResult <LoginViewModel>
{
data = new LoginViewModel
{
IsLogin = true,
IsAdmin = true,
IsMember = false
},
Rtncode = FaultInfoRcConstants.OK,
RtnMsg = "is login successful!"
};
//Fake AD service is pass
_authService.ValidateByAd(Arg.Any <string>(), Arg.Any <string>()).Returns(true);
//Fake Find the SecurityUserAccount table from DB
_authService.FindSecurityUserAccount(Arg.Any <string>()).Returns(true);
//Fake Get MdsAdUserData table from DB
_authService.GetMdsAdUser(Arg.Any <List <string> >()).Returns(MdsAdUserData);
//Fake 檢查是否為 Admin 權限
_authService.CheckIsAdminOrMember(Arg.Any <string>()).Returns(WisGroupUser);
#endregion
//Act
TResult <LoginViewModel> actualResponse = _targetObj.Login(UserID, Password);
//Assert
Assert.AreEqual(expectedResponse.data.IsLogin, actualResponse.data.IsLogin);
Assert.AreEqual(expectedResponse.data.IsAdmin, actualResponse.data.IsAdmin);
Assert.AreEqual(expectedResponse.data.IsMember, actualResponse.data.IsMember);
Assert.AreEqual(expectedResponse.Rtncode, actualResponse.Rtncode);
Assert.AreEqual(expectedResponse.RtnMsg, actualResponse.RtnMsg);
//證明 ConfigContext 物件有沒有 如預期的 拿到 UiD 與 UserName
//Assert.AreEqual(UserID, _configContext.UiD);
//Assert.AreEqual(MdsAdUserData.FirstOrDefault().Name, _configContext.UserName);
}
public void Login_Test_False()
{
var options = new DbContextOptionsBuilder <TestContext>()
.UseInMemoryDatabase(databaseName: "Add_writes_to_database")
.Options;
// Run the test against one instance of the context
using (var context = new TestContext(options))
{
context.Customers.Add(new Customer()
{
Name = "sky", PW = "12345"
});
context.SaveChanges();
var service = new LoginBiz(context);
var result = service.Login("sky", "123");
Assert.False(result);
}
}
public async Task <IActionResult> OnPostAsync()
{
if (!ModelState.IsValid)
{
return(Page());
}
string returnUrl = Request.Query["returnUrl"];
Console.WriteLine("UserId={0}, UserPwd={1}, returnUrl={2}", UserId, UserPwd, returnUrl);
try
{
// Clear the existing external cookie
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
}
catch (Exception ex)
{
Console.WriteLine("[Login] SignOutAsync error: {0}", ex.Message);
}
// *** !!! This is where you would validate the user !!! ***
// In this example we just log the user in
// (Always log the user in for this demo)
TResult <LoginViewModel> result = _loginBiz.Login(UserId, UserPwd);
if (!result.data.IsLogin)
{
ModelState.AddModelError("", string.Format("{0} ({1})", result.RtnMsg, result.Rtncode));
return(Page());
}
var claims = new List <Claim>
{
new Claim(ClaimTypes.Sid, UserId),
new Claim(ClaimTypes.Name, result.data.Name),
new Claim(ClaimTypes.Role, "Administrator"),
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
//var c = claimsIdentity.Claims.Where(p => p.Type == ClaimTypes.Sid).FirstOrDefault().Value;
var authProperties = new AuthenticationProperties
{
IsPersistent = true,
RedirectUri = this.Request.Host.Value
};
try
{
await HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity),
authProperties);
}
catch (Exception ex)
{
Console.WriteLine("[Login] SignInAsync error: {0}", ex.Message);
}
//依權限導轉
if (result.data.IsAdmin)
{
return(LocalRedirect(Url.Content(@"~/AdminAppList/true")));
}
if (result.data.IsMember)
{
return(LocalRedirect(Url.Content(@"~/MemberApp")));
}
//導回login
string homeUrl = Url.Content("~/");
return(LocalRedirect(homeUrl));
}
public async Task <IActionResult> Index(LoginRequestViewModel request)
{
string lan = this.GetUserBrowserLanguage();
ViewBag.IsTwLanguage = IsTwRegion(lan);
if (!ModelState.IsValid)
{
return(View());
}
string returnUrl = Request.Query["returnUrl"];
Console.WriteLine("UserId={0}, UserPwd={1}, returnUrl={2}", request.UserId, request.UserPwd, returnUrl);
try
{
// Clear the existing external cookie
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
}
catch (Exception ex)
{
Console.WriteLine("[Login] SignOutAsync error: {0}", ex.Message);
}
TResult <LoginViewModel> result = _loginBiz.Login(request.UserId, request.UserPwd);
if (!result.Data.IsLogin)
{
ModelState.AddModelError("", string.Format("{0} ({1})", result.RtnMsg, result.Rtncode));
return(View("Index", request));
}
var claims = new List <Claim>
{
new Claim(ClaimTypes.Sid, request.UserId),
new Claim(ClaimTypes.Name, result.Data.Name),
new Claim(ClaimTypes.Role, "Administrator"),
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
var authProperties = new AuthenticationProperties
{
IsPersistent = true,
RedirectUri = this.Request.Host.Value
};
try
{
await HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity),
authProperties);
}
catch (Exception ex)
{
Console.WriteLine("[Login] SignInAsync error: {0}", ex.Message);
}
//依權限導轉
if (result.Data.IsAdmin)
{
return(RedirectToAction("Index", "Admin"));
}
if (result.Data.IsMember)
{
return(RedirectToAction("Index", "Member"));
}
return(RedirectToAction("Index", "Member"));
}
