public void Invoke_NoToken_SaveNorEditAreCalled() { // prepare var guid = Guid.NewGuid(); var userFromDb = new DataAccess.Models.User { Id = guid, Name = "Name", PasswordHash = "hash", PasswordSalt = "salt" }; var mockedUserRepository = new Mock <IUserRepository>(); mockedUserRepository.Setup(r => r.GetById(It.IsAny <Guid>())) .Returns(userFromDb); var mockedUserTokenRepo = new Mock <IUserTokenRepository>(); var mockedUnitOfWork = new Mock <IUnitOfWork>(); var action = new EditUserPassword(mockedUserTokenRepo.Object, mockedUserRepository.Object, mockedUnitOfWork.Object); // action var actionResult = action.Invoke(guid, "123"); // assert Assert.False(actionResult); mockedUnitOfWork.Verify(r => r.Save(), Times.Never); mockedUserRepository.Verify(r => r.Edit(It.IsAny <DataAccess.Models.User>()), Times.Never); mockedUserTokenRepo.Verify(r => r.FindBy(It.IsAny <Expression <Func <DataAccess.Models.UserToken, bool> > >()), Times.Once); mockedUserTokenRepo.Verify(r => r.Delete(It.IsAny <DataAccess.Models.UserToken>()), Times.Never); mockedUnitOfWork.Verify(r => r.Save(), Times.Never); }
public void Invoke_ValidData_ChangesPasswordSaltAndHash() { // prepare var userFromDb = new DataAccess.Models.User() { Id = 1, Name = "Name", PasswordHash = "hash", PasswordSalt = "salt" }; DataAccess.Models.User userSaved = null; var mockedUserRepo = new Mock <IUserRepository>(); mockedUserRepo.Setup(r => r.GetById(1)).Returns(userFromDb); mockedUserRepo.Setup(r => r.Edit(It.IsAny <DataAccess.Models.User>())) .Callback <DataAccess.Models.User>(u => userSaved = u); var mockedHasher = new Mock <IHasher>(); mockedHasher.Setup(h => h.GenerateRandomSalt()).Returns("salt-generated"); mockedHasher.Setup(h => h.CreateHash("plain", "salt-generated")).Returns("plain-hashed"); var action = new EditUserPassword(mockedUserRepo.Object, mockedHasher.Object); // action var actionResult = action.Invoke(1, "plain"); // assert Assert.True(actionResult); Assert.Equal("plain-hashed", userSaved.PasswordHash); Assert.Equal("salt-generated", userSaved.PasswordSalt); Assert.Equal("Name", userSaved.Name); }
public void Invoke_ValidData_SavedAndEditAreCalled() { // prepare var guid = new Guid(); var userFromDb = new DataAccess.Models.User { Id = guid, Name = "Name", PasswordHash = "hash", PasswordSalt = "salt" }; var userToken = new DataAccess.Models.UserToken { SecretToken = "123" }; var findByResult = new List <DataAccess.Models.UserToken> { userToken }; DataAccess.Models.User userSaved = null; var mockedUserRepository = new Mock <IUserRepository>(); mockedUserRepository.Setup(r => r.GetById(It.IsAny <Guid>())).Returns(userFromDb); mockedUserRepository.Setup(r => r.Edit(It.IsAny <DataAccess.Models.User>())) .Callback <DataAccess.Models.User>(u => userSaved = u); var mockedUserTokenRepo = new Mock <IUserTokenRepository>(); mockedUserTokenRepo.Setup(r => r.FindBy(It.IsAny <Expression <Func <DataAccess.Models.UserToken, bool> > >())) .Returns(findByResult.AsQueryable); var mockedHasher = new Mock <IHasher>(); mockedHasher.Setup(h => h.GenerateRandomSalt()).Returns("salt-generated"); mockedHasher.Setup(h => h.CreatePasswordHash("plain", "salt-generated")).Returns("plain-hashed"); var mockedUnitOfWork = new Mock <IUnitOfWork>(); var action = new EditUserPassword(mockedUserTokenRepo.Object, mockedUserRepository.Object, mockedUnitOfWork.Object, mockedHasher.Object); // action var actionResult = action.Invoke(Guid.NewGuid(), "plain"); // assert Assert.True(actionResult); Assert.Equal("plain-hashed", userSaved.PasswordHash); Assert.Equal("salt-generated", userSaved.PasswordSalt); Assert.Equal("Name", userSaved.Name); Assert.Equal("123", userToken.SecretToken); mockedHasher.Verify(r => r.GenerateRandomSalt(), Times.Once); mockedHasher.Verify(r => r.CreatePasswordHash(It.IsAny <string>(), It.IsAny <string>()), Times.Once); mockedUserRepository.Verify(r => r.Edit(It.IsAny <DataAccess.Models.User>()), Times.Once()); mockedUserTokenRepo.Verify(r => r.Delete(It.IsAny <DataAccess.Models.UserToken>()), Times.Once()); mockedUnitOfWork.Verify(r => r.Save(), Times.Once()); }
public void UpdateUserPassword(EditUserPassword uvm) { var config = new MapperConfiguration(cfg => { cfg.CreateMap <EditUserPassword, User>(); cfg.IgnoreUnMapped(); }); IMapper mapper = config.CreateMapper(); User u = mapper.Map <EditUserPassword, User>(uvm); u.PasswordHash = SHA256HashGenerator.GenerateHash(uvm.Password); ur.UpdateUserDetail(u); }
public IActionResult EditPassword([FromBody] EditUserPassword model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var response = userService.UpdatePassword(model.UserId, model.Password); if (!response.Success) { return(BadRequest(response.Message)); } return(Ok(response.Success)); }
public ActionResult ChangePassword() { int uid = Convert.ToInt32(Session["CurrentUserID"]); UserViewModel uvm = this.us.GetUsersByUserID(uid); EditUserPassword evm = new EditUserPassword() { UserID = uvm.UserID, Email = uvm.Email, Password = "", ConfirmPassword = "" }; if (evm != null) { return(View(evm)); } return(RedirectToAction("Index", "Home")); }
public ActionResult ChangePassword(EditUserPassword evm) { if (ModelState.IsValid) { evm.UserID = Convert.ToInt32(Session["CurrentUserID"]); this.us.UpdateUserPassword(evm); Session["CurrentUserEmail"] = evm.Email; return(RedirectToAction("Index", "Home")); } else { ModelState.AddModelError("x", "Invalid data"); return(View(evm)); } }
public void Invoke_ValidData_NoUser() { // prepare var userToken = new DataAccess.Models.UserToken { SecretToken = "123" }; var findByResult = new List <DataAccess.Models.UserToken> { userToken }; DataAccess.Models.User userSaved = null; var mockedUserRepository = new Mock <IUserRepository>(); var mockedUserTokenRepo = new Mock <IUserTokenRepository>(); mockedUserTokenRepo.Setup(r => r.FindBy(It.IsAny <Expression <Func <DataAccess.Models.UserToken, bool> > >())) .Returns(findByResult.AsQueryable); var mockedHasher = new Mock <IHasher>(); mockedHasher.Setup(h => h.GenerateRandomSalt()).Returns("salt-generated"); mockedHasher.Setup(h => h.CreatePasswordHash("plain", "salt-generated")).Returns("plain-hashed"); var mockedUnitOfWork = new Mock <IUnitOfWork>(); var action = new EditUserPassword(mockedUserTokenRepo.Object, mockedUserRepository.Object, mockedUnitOfWork.Object, mockedHasher.Object); // action var actionResult = action.Invoke(Guid.NewGuid(), "plain"); // assert Assert.False(actionResult); Assert.Null(userSaved); mockedHasher.Verify(r => r.GenerateRandomSalt(), Times.Never); mockedHasher.Verify(r => r.CreatePasswordHash(It.IsAny <string>(), It.IsAny <string>()), Times.Never); mockedUserRepository.Verify(r => r.Edit(It.IsAny <DataAccess.Models.User>()), Times.Never); mockedUnitOfWork.Verify(r => r.Save(), Times.Never); mockedUserTokenRepo.Verify(r => r.Delete(It.IsAny <DataAccess.Models.UserToken>()), Times.Never); mockedUnitOfWork.Verify(r => r.Save(), Times.Never); }
public IActionResult EditPassword(EditUserPassword editPassword, int user_id) { if (HttpContext.Session.GetInt32("user_id") != null) { if (dbContext.Users.Any(u => u.UserId == (int)HttpContext.Session.GetInt32("user_id"))) { if ((int)HttpContext.Session.GetInt32("user_id") == user_id) { if (ModelState.IsValid) { var hasher = new PasswordHasher <EditUserPassword>(); editPassword.Password = hasher.HashPassword(editPassword, editPassword.Password); dbContext.Users.FirstOrDefault(u => u.UserId == user_id).Password = editPassword.Password; dbContext.SaveChanges(); return(RedirectToAction("SelfEdit")); } ViewBag.User = dbContext.Users.FirstOrDefault(u => u.UserId == user_id); return(View("SelfEdit")); } else { if (dbContext.Users.FirstOrDefault(u => u.UserId == (int)HttpContext.Session.GetInt32("user_id")).Level == 9) { if (ModelState.IsValid) { var hasher = new PasswordHasher <EditUserPassword>(); editPassword.Password = hasher.HashPassword(editPassword, editPassword.Password); dbContext.Users.FirstOrDefault(u => u.UserId == user_id).Password = editPassword.Password; dbContext.SaveChanges(); return(RedirectToAction("Edit", new { user_id = user_id })); } ViewBag.User = dbContext.Users.FirstOrDefault(u => u.UserId == user_id); return(View("Edit")); } return(RedirectToAction("Dashboard")); } } return(RedirectToAction("Logout")); } return(RedirectToAction("Login")); }
public void Invoke_InvalidData_SaveNorEditAreCalled() { // prepare var userFromDb = new DataAccess.Models.User() { Id = 1 }; var mockedUserRepo = new Mock <IUserRepository>(); mockedUserRepo.Setup(r => r.GetById(1)) .Returns(userFromDb); var action = new EditUserPassword(mockedUserRepo.Object); // action var actionResult = action.Invoke(1, ""); // assert Assert.False(actionResult); mockedUserRepo.Verify(r => r.Save(), Times.Never); mockedUserRepo.Verify(r => r.Edit(It.IsAny <DataAccess.Models.User>()), Times.Never); }
public IActionResult EditPassword([FromBody] EditUserPassword model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var userIdVal = User.FindFirst(ClaimTypes.NameIdentifier)?.Value; if (string.IsNullOrEmpty(userIdVal)) { return(BadRequest("Invalid attempt")); } int userId = Convert.ToInt32(userIdVal); var response = userService.UpdatePassword(userId, model.Password); if (!response.Success) { return(BadRequest(response.Message)); } return(Ok(response.Success)); }