public void CheckSecurityAnswers_Fail()
{
//Arrange
var newUser = tu.CreateUserObject();
string secA1 = "Pizza";
string secA2 = "Cyan";
string secA3 = "Hiking";
newUser.SecurityQ1Answer = secA1;
newUser.SecurityQ2Answer = secA2;
newUser.SecurityQ3Answer = secA3;
tu.CreateUserInDb(newUser);
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var newlyAddedPasswordReset = pm.CreatePasswordReset(newUser.Id);
List <string> submittedAnswers = new List <string>
{
"Pizza",
"Cyan",
"Photography"
};
//Act
var response = pm.CheckSecurityAnswers(newlyAddedPasswordReset.ResetToken, submittedAnswers);
//Assert
Assert.IsNotNull(response);
Assert.IsFalse(response);
}
}
public void CheckSecurityAnswersController_Fail_WrongAnswers()
{
//Arrange
var expected = -1;
var newUser = tu.CreateUserObject();
string secA1 = "Pizza";
string secA2 = "Cyan";
string secA3 = "Hiking";
newUser.SecurityQ1Answer = secA1;
newUser.SecurityQ2Answer = secA2;
newUser.SecurityQ3Answer = "photography";
tu.CreateUserInDb(newUser);
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var newlyAddedPasswordReset = pm.CreatePasswordReset(newUser.Id);
SecurityAnswersRequest request = new SecurityAnswersRequest();
request.securityA1 = secA1;
request.securityA2 = secA2;
request.securityA3 = secA3;
//Act
var actual = pm.CheckSecurityAnswersController(newlyAddedPasswordReset.ResetToken, request);
//Assert
Assert.AreEqual(expected, actual);
}
}
public void GetSecurityQuestions_Fail()
{
//Arrange
var newUser = tu.CreateUserObject();
string secQ1 = "Favorite food?";
string secQ2 = "Favorite color?";
string secQ3 = "Favorite hobby?";
newUser.SecurityQ1 = secQ1;
newUser.SecurityQ2 = secQ2;
newUser.SecurityQ3 = secQ3;
tu.CreateUserInDb(newUser);
string expectedSecQ1 = "Favorite drink?";
string expectedSecQ2 = "Favorite pantone?";
string expectedSecQ3 = "Favorite thing to do?";
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var newlyAddedPasswordReset = pm.CreatePasswordReset(newUser.Id);
//Act
var response = pm.GetSecurityQuestions(newlyAddedPasswordReset.ResetToken);
//Assert
Assert.IsNotNull(response);
Assert.AreNotEqual(response[0], expectedSecQ1);
Assert.AreNotEqual(response[1], expectedSecQ2);
Assert.AreNotEqual(response[2], expectedSecQ3);
}
}
public void GetPasswordReset_Fail()
{
//Arrange
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var expected = pm.CreatePasswordReset(newUser.Id);
var unexpected = pm.CreatePasswordReset(newUser.Id);
//Act
var response = pm.GetPasswordReset(unexpected.ResetToken);
//Assert
Assert.IsNotNull(response);
Assert.AreNotEqual(expected.ResetToken, response.ResetToken);
}
}
public void CreatePasswordReset_Pass()
{
//Arrange
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
//Act
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var response = pm.CreatePasswordReset(newUser.Id);
//Assert
Assert.IsNotNull(response);
}
}
public void GetPasswordResetStatus_Fail()
{
//Arrange
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var newlyAddedPasswordReset = pm.CreatePasswordReset(newUser.Id);
//Act
var response = pm.GetPasswordResetStatus(newlyAddedPasswordReset.ResetToken);
//Assert
Assert.IsNotNull(response);
}
}
public void CheckPasswordResetValid_Pass()
{
//Arrange
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var newlyAddedPasswordReset = pm.CreatePasswordReset(newUser.Id);
//Act
var response = pm.CheckPasswordResetValid(newlyAddedPasswordReset.ResetToken);
//Assert
Assert.IsNotNull(response);
Assert.IsTrue(response);
}
}
public void CreatePasswordReset_Fail()
{
//Arrange
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
//Act
var expectedResetToken = "asdf";
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var actualResetToken = pm.CreatePasswordReset(newUser.Id);
//Assert
Assert.AreNotEqual(expectedResetToken, actualResetToken);
}
}
public void CountPasswordResetPast24Hours_Pass()
{
//Arrange
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var newlyAddedPasswordReset = pm.CreatePasswordReset(newUser.Id);
//Act
var response = pm.PasswordResetsMadeInPast24HoursByUser(newUser.Id);
//Assert
Assert.IsNotNull(response);
Assert.AreEqual(response, 1);
}
}
public void DeletePasswordReset_Pass()
{
//Arrange
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var expected = pm.CreatePasswordReset(newUser.Id);
//Act
var response = pm.DeletePasswordReset(expected.ResetToken);
var result = pm.ExistingResetToken(expected.ResetToken);
//Assert
Assert.IsNotNull(response);
Assert.IsFalse(result);
}
}
public void CheckIfPasswordResetAllowed_Fail()
{
//Arrange
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var newlyAddedPasswordReset = pm.CreatePasswordReset(newUser.Id);
newlyAddedPasswordReset.AllowPasswordReset = false;
pm.UpdatePasswordReset(newlyAddedPasswordReset);
//Act
var response = pm.CheckIfPasswordResetAllowed(newlyAddedPasswordReset.ResetToken);
//Assert
Assert.IsNotNull(response);
Assert.IsFalse(response);
}
}
public void UpdatePasswordReset_Pass()
{
//Arrange
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var expected = pm.CreatePasswordReset(newUser.Id);
//Act
expected.ResetCount = 1;
var response = pm.UpdatePasswordReset(expected);
var actual = pm.GetPasswordReset(expected.ResetToken);
//Assert
Assert.IsNotNull(response);
Assert.AreEqual(expected.ResetToken, actual.ResetToken);
}
}
public void SaltAndHashPassword_Pass()
{
//Arrange
string password = "******";
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var newlyAddedPasswordReset = pm.CreatePasswordReset(newUser.Id);
string resetToken = newlyAddedPasswordReset.ResetToken;
//Act
var response = pm.SaltAndHashPassword(resetToken, password);
//Assert
Assert.IsNotNull(response);
Assert.AreNotEqual(response, password);
}
}
public void LockPasswordReset_Pass()
{
//Arrange
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var newlyAddedPasswordReset = pm.CreatePasswordReset(newUser.Id);
//Act
pm.LockPasswordReset(newlyAddedPasswordReset.ResetToken);
var response = pm.GetPasswordReset(newlyAddedPasswordReset.ResetToken);
//Assert
Assert.IsNotNull(response);
Assert.IsTrue(response.Disabled);
Assert.IsFalse(response.AllowPasswordReset);
}
}
public void ResetPasswordController_Fail_ResetNotAllowed()
{
//Arrange
var expected = -2;
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var newlyAddedPasswordReset = pm.CreatePasswordReset(newUser.Id);
var newPassword = "******";
//Act
var actual = pm.ResetPasswordController(newlyAddedPasswordReset.ResetToken, newPassword);
//Assert
Assert.AreEqual(expected, actual);
}
}
public void ResetPasswordController_Fail_PasswordPwned()
{
//Arrange
var expected = -1;
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var newlyAddedPasswordReset = pm.CreatePasswordReset(newUser.Id);
newlyAddedPasswordReset.AllowPasswordReset = true;
pm.UpdatePasswordReset(newlyAddedPasswordReset);
var newPassword = "******";
//Act
var actual = pm.ResetPasswordController(newlyAddedPasswordReset.ResetToken, newPassword);
//Assert
Assert.AreEqual(expected, actual);
}
}
public void ResetPassword_Pass()
{
//Arrange
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
using (_db = tu.CreateDataBaseContext())
{
PasswordManager pm = new PasswordManager(_db);
var newlyAddedPasswordReset = pm.CreatePasswordReset(newUser.Id);
string newPassword = "******";
string newPasswordHashed = pm.HashPassword(newPassword, newUser.PasswordSalt);
//Act
var response = pm.ResetPassword(newlyAddedPasswordReset.ResetToken, newPasswordHashed);
var actual = _db.Users.Find(newUser.Id).PasswordHash;
//Assert
Assert.IsNotNull(response);
Assert.IsTrue(response);
Assert.AreEqual(actual, newPasswordHashed);
}
}
public void CreatePasswordReset_Pass()
{
//Arrange
var newUser = tu.CreateUserObject();
tu.CreateUserInDb(newUser);
//Act
var response = pm.CreatePasswordReset(newUser.Id);
//Assert
Assert.IsNotNull(response);
}
