/// <summary>
/// Verifies that posting the "choose new password" form without a reset code is rejected
/// with a <see cref="PageNotFoundException"/>, even though a user with a stored reset code
/// exists and the submitted new/confirm passwords match each other.
/// </summary>
public void POST_Not_Providing_Reset_Code_In_URL_Gives_PageNotFoundException()
{
    // Arrange: one user holding a reset code, plus form values with matching passwords.
    User userWithResetCode = new UserBuilder().WithPasswordResetCode("code").Build();

    var formValues = new Dictionary<string, StringValues>
    {
        { "GovUk_Text_NewPassword", "NewPassword1" },
        { "GovUk_Text_ConfirmNewPassword", "NewPassword1" },
    };

    var controller = new ControllerBuilder<PasswordResetController>()
        .WithDatabaseObjects(userWithResetCode)
        .WithRequestFormValues(formValues)
        .WithMockUriHelper()
        .Build();

    // Act: the view model deliberately carries no reset code.
    var viewModelWithoutCode = new ChooseNewPasswordViewModel
    {
        ResetCode = null
    };
    TestDelegate postWithoutCode = () => controller.ChooseNewPasswordPost(viewModelWithoutCode);

    // Assert: a missing code must not reach the password update; the request fails instead.
    Assert.Throws<PageNotFoundException>(postWithoutCode);
}
/// <summary>
/// Shows the "choose new password" form for the password reset code supplied with the request.
/// </summary>
/// <param name="code">The password reset code used to look up the user.</param>
/// <returns>
/// A redirect to the ManageOrganisations page when the caller is already authenticated;
/// otherwise the ChooseNewPassword view, with the reset code carried in its view model.
/// </returns>
public IActionResult ChooseNewPasswordGet(string code)
{
    // A signed-in user has no use for the reset flow, so send them to their organisations.
    bool alreadySignedIn = User.Identity.IsAuthenticated;
    if (alreadySignedIn)
    {
        return RedirectToAction("ManageOrganisationsGet", "ManageOrganisations");
    }

    // Resolve the account that owns this reset code, then refuse codes that have expired.
    // NOTE(review): both helpers are defined outside this block; the accompanying test
    // suggests a missing code surfaces as PageNotFoundException - confirm in the helper.
    // NOTE(review): the code arrives as a plain request parameter; confirm it is kept out
    // of access logs and is not exposed through Referer headers from the rendered page.
    User resetCodeOwner = GetUserFromResetCode(code);
    ThrowIfPasswordResetCodeHasExpired(resetCodeOwner);

    // Carry the code in the view model so the form model holds it alongside the new password.
    return View("ChooseNewPassword", new ChooseNewPasswordViewModel { ResetCode = code });
}
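/// <summary>
/// Handles submission of the "choose new password" form: validates the new password and
/// its confirmation, resolves the user from the reset code, stores the new password,
/// invalidates the reset code and sends a "password reset completed" email.
/// </summary>
/// <param name="viewModel">
/// The submitted form model; <c>ResetCode</c> identifies the user, and the password fields
/// are parsed from the current request.
/// </param>
/// <returns>
/// A redirect to the ManageOrganisations page when the caller is already authenticated;
/// the ChooseNewPassword view when validation fails; otherwise a redirect to
/// ChooseNewPasswordCompleteGet.
/// </returns>
public IActionResult ChooseNewPasswordPost(ChooseNewPasswordViewModel viewModel)
{
    // Redirect if already logged in
    if (User.Identity.IsAuthenticated)
    {
        return RedirectToAction("ManageOrganisationsGet", "ManageOrganisations");
    }

    viewModel.ParseAndValidateParameters(Request, m => m.NewPassword);
    viewModel.ParseAndValidateParameters(Request, m => m.ConfirmNewPassword);

    // Only report a mismatch when both fields parsed cleanly; otherwise the per-field
    // parsing errors are what the user needs to see.
    if (viewModel.HasSuccessfullyParsedValueFor(m => m.NewPassword)
        && viewModel.HasSuccessfullyParsedValueFor(m => m.ConfirmNewPassword)
        && viewModel.NewPassword != viewModel.ConfirmNewPassword)
    {
        viewModel.AddErrorFor(m => m.ConfirmNewPassword, "Password and confirmation password do not match");
    }

    // NOTE(review): form errors are returned before the reset code is looked up, so a
    // request with an invalid code and invalid passwords is shown the form again rather
    // than rejected - confirm this ordering is intended.
    if (viewModel.HasAnyErrors())
    {
        return View("ChooseNewPassword", viewModel);
    }

    // Find the user from the reset code in the viewModel
    User userToUpdate = GetUserFromResetCode(viewModel.ResetCode);

    // Check that password reset code has not expired
    ThrowIfPasswordResetCodeHasExpired(userToUpdate);

    userRepository.UpdatePassword(userToUpdate, viewModel.NewPassword);

    // Invalidate the reset code (and its send date) straight after the password change,
    // before the notification email is attempted. If the email step fails, the code must
    // not remain usable to set the password a second time.
    RemovePasswordResetCode(userToUpdate);

    emailSendingService.SendResetPasswordCompletedEmail(userToUpdate.EmailAddress);

    return RedirectToAction("ChooseNewPasswordCompleteGet");
}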