public void POST_Not_Providing_Reset_Code_In_URL_Gives_PageNotFoundException()
        {
            // Regression test for the password-reset flow: a POST to choose a new password
            // that carries no reset code must fail with PageNotFoundException rather than
            // changing anyone's password.

            // Arrange: one user with a pending reset code, and a form whose two password
            // fields match each other
            User userWithPendingReset = new UserBuilder().WithPasswordResetCode("code").Build();

            var formValues = new Dictionary<string, StringValues>
            {
                { "GovUk_Text_NewPassword", "NewPassword1" },
                { "GovUk_Text_ConfirmNewPassword", "NewPassword1" }
            };

            var controller = new ControllerBuilder<PasswordResetController>()
                .WithDatabaseObjects(userWithPendingReset)
                .WithRequestFormValues(formValues)
                .WithMockUriHelper()
                .Build();

            // The view model deliberately carries no reset code
            var viewModelWithoutCode = new ChooseNewPasswordViewModel { ResetCode = null };

            // Act + Assert: the request is rejected
            Assert.Throws<PageNotFoundException>(
                () => controller.ChooseNewPasswordPost(viewModelWithoutCode));
        }
        /// <summary>
        /// Shows the "choose new password" form for the supplied password reset code.
        /// </summary>
        /// <param name="code">The password reset code used to look up the user.</param>
        /// <returns>
        /// A redirect to ManageOrganisationsGet when the caller is already authenticated;
        /// otherwise the ChooseNewPassword view, with the reset code carried in its view model.
        /// </returns>
        /// <remarks>
        /// Any exception raised by GetUserFromResetCode or ThrowIfPasswordResetCodeHasExpired
        /// propagates to the caller; their behaviour for unknown or expired codes is defined
        /// outside this method.
        /// NOTE(review): the code appears to arrive in the URL. Reset codes in URLs can end up
        /// in access logs, browser history and Referer headers - confirm the logging and
        /// referrer policy for this page.
        /// </remarks>
        public IActionResult ChooseNewPasswordGet(string code)
        {
            // A signed-in user has no business in the reset flow
            bool alreadySignedIn = User.Identity.IsAuthenticated;
            if (alreadySignedIn)
            {
                return RedirectToAction("ManageOrganisationsGet", "ManageOrganisations");
            }

            // Resolve the owner of the code and check its expiry before rendering anything
            User resetCodeOwner = GetUserFromResetCode(code);
            ThrowIfPasswordResetCodeHasExpired(resetCodeOwner);

            // The code is placed in the view model; presumably the form posts it back
            // (verify against the view)
            return View("ChooseNewPassword", new ChooseNewPasswordViewModel { ResetCode = code });
        }
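        /// <summary>
        /// Handles submission of the "choose new password" form: validates the two password
        /// fields, resolves the user from the reset code, stores the new password, invalidates
        /// the reset code and then sends the "reset completed" email.
        /// </summary>
        /// <param name="viewModel">
        /// View model carrying the reset code; the new password and its confirmation are
        /// parsed into it from the current request.
        /// </param>
        /// <returns>
        /// A redirect to ManageOrganisationsGet when the caller is already authenticated;
        /// the ChooseNewPassword view when the form has errors; otherwise a redirect to
        /// ChooseNewPasswordCompleteGet.
        /// </returns>
        /// <remarks>
        /// Any exception raised by GetUserFromResetCode or ThrowIfPasswordResetCodeHasExpired
        /// propagates to the caller.
        /// NOTE(review): the form fields are validated before the reset code is checked, so a
        /// request with form errors gets the form re-rendered without its code ever being
        /// looked up. Confirm this ordering is intended.
        /// </remarks>
        public IActionResult ChooseNewPasswordPost(ChooseNewPasswordViewModel viewModel)
        {
            // Redirect if already logged in
            if (User.Identity.IsAuthenticated)
            {
                return RedirectToAction("ManageOrganisationsGet", "ManageOrganisations");
            }

            viewModel.ParseAndValidateParameters(Request, m => m.NewPassword);
            viewModel.ParseAndValidateParameters(Request, m => m.ConfirmNewPassword);

            // Only compare the two fields when both parsed successfully, so that a parse error
            // is not reported a second time as a mismatch
            bool bothPasswordsParsed =
                viewModel.HasSuccessfullyParsedValueFor(m => m.NewPassword) &&
                viewModel.HasSuccessfullyParsedValueFor(m => m.ConfirmNewPassword);

            if (bothPasswordsParsed && viewModel.NewPassword != viewModel.ConfirmNewPassword)
            {
                viewModel.AddErrorFor(m => m.ConfirmNewPassword, "Password and confirmation password do not match");
            }

            if (viewModel.HasAnyErrors())
            {
                return View("ChooseNewPassword", viewModel);
            }

            // Find the user from the reset code in the viewModel
            User userToUpdate = GetUserFromResetCode(viewModel.ResetCode);

            // Check that password reset code has not expired
            ThrowIfPasswordResetCodeHasExpired(userToUpdate);

            userRepository.UpdatePassword(userToUpdate, viewModel.NewPassword);

            // Invalidate the reset code immediately after the password change and before the
            // notification email. A reset code must be single-use: if the email call threw
            // while the removal still came after it, the code would stay usable for another
            // password change until it expired.
            RemovePasswordResetCode(userToUpdate);

            emailSendingService.SendResetPasswordCompletedEmail(userToUpdate.EmailAddress);

            return RedirectToAction("ChooseNewPasswordCompleteGet");
        }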