public bool Authenticate(LoginRequest request, IEnumerable<IAuthenticationStrategy> strategies)
{
_auditor.ApplyHistory(request);
var authResult = strategies.Any(x => x.Authenticate(request));
_auditor.Audit(request);
return authResult;
}
public void is_not_locked_out_with_less_than_the_maximum_attempts()
{
var request = new LoginRequest();
request.NumberOfTries = theSettings.MaximumNumberOfFailedAttempts - 1;
theRule.IsLockedOut(request).ShouldBe(LoginStatus.NotAuthenticated);
}
public void SetRememberMeCookie(LoginRequest request)
{
if (request.RememberMe && request.UserName.IsNotEmpty())
{
_cookies.User.Value = request.UserName;
}
}
public void is_locked_out_if_the_maximum_number_of_attempts_has_been_reached()
{
var request = new LoginRequest();
request.NumberOfTries = theSettings.MaximumNumberOfFailedAttempts;
theRule.IsLockedOut(request).ShouldBe(LoginStatus.LockedOut);
}
public void setting_return_url_sets_url()
{
var loginRequest = new LoginRequest();
var testing_url = "the/best/url";
loginRequest.ReturnUrl = testing_url;
loginRequest.Url.ShouldBe(testing_url);
}
public void is_not_locked_out_if_the_maximum_number_of_attempts_was_reached_but_the_locked_out_time_has_expired()
{
var request = new LoginRequest();
request.LockedOutUntil = DateTime.Today.ToUniversalTime();
theSystemTime.LocalNow(DateTime.Today.AddMinutes(theSettings.CooloffPeriodInMinutes + 1));
theRule.IsLockedOut(request).ShouldBe(LoginStatus.NotAuthenticated);
}
public void ApplyHistory(LoginRequest request)
{
if (request.UserName.IsEmpty()) return;
var history = _session.Load<LoginFailureHistory>(request.UserName);
if (history == null) return;
request.NumberOfTries = history.Attempts;
request.LockedOutUntil = history.LockedOutTime;
}
public void is_locked_out_if_the_locked_out_time_is_not_expired()
{
theSettings.CooloffPeriodInMinutes = 20;
var request = new LoginRequest();
request.NumberOfTries = theSettings.MaximumNumberOfFailedAttempts;
request.LockedOutUntil = DateTime.Today.AddMinutes(10).ToUniversalTime();
theSystemTime.LocalNow(DateTime.Today);
}
public FubuContinuation LoggedIn(LoginRequest request)
{
string url = request.Url;
if (url.IsEmpty())
{
url = "~/";
}
return FubuContinuation.RedirectTo(url);
}
public void LogSuccess(LoginRequest request, Audit audit)
{
_repository.Update(audit);
var history = _session.Load<LoginFailureHistory>(request.UserName);
if (history != null)
{
_session.Delete(history);
}
}
public void apply_history_when_there_is_no_history()
{
var request = new LoginRequest
{
NumberOfTries = 5,
UserName = "******"
};
var auditor = theContainer.GetInstance<PersistedLoginAuditor>();
auditor.ApplyHistory(request);
request.NumberOfTries.ShouldBe(5); // Nothing gets replaced
}
public void LogFailure(LoginRequest request, Audit audit)
{
if (request.UserName.IsEmpty()) return;
_repository.Update(audit);
var history = _session.Load<LoginFailureHistory>(request.UserName) ?? new LoginFailureHistory
{
Id = request.UserName
};
history.Attempts = request.NumberOfTries;
history.LockedOutTime = request.LockedOutUntil;
_session.Store(history);
}
public LoginStatus IsLockedOut(LoginRequest request)
{
if (request.NumberOfTries >= _settings.MaximumNumberOfFailedAttempts)
{
return LoginStatus.LockedOut;
}
if (request.LockedOutUntil != null)
{
if (request.LockedOutUntil.Value > _systemTime.UtcNow())
{
return LoginStatus.LockedOut;
}
}
return LoginStatus.NotAuthenticated;
}
public bool Authenticate(LoginRequest request)
{
if (_lockedOutRule.IsLockedOut(request) == LoginStatus.LockedOut)
{
request.Status = LoginStatus.LockedOut;
}
else if (_authenticator.AuthenticateCredentials(request))
{
request.Status = LoginStatus.Succeeded;
_session.MarkAuthenticated(request.UserName);
}
else
{
request.Status = LoginStatus.Failed;
request.NumberOfTries++;
_lockedOutRule.ProcessFailure(request);
}
return request.Status == LoginStatus.Succeeded;
}
public void apply_history_when_there_is_prior_history()
{
var history = new LoginFailureHistory
{
Id = "AlreadyLockedOut",
Attempts = 3,
LockedOutTime = DateTime.Today.AddMinutes(30)
};
theContainer.GetInstance<ITransaction>().Execute<IDocumentSession>(repo => repo.Store(history));
var auditor = theContainer.GetInstance<PersistedLoginAuditor>();
var request = new LoginRequest
{
UserName = history.Id
};
auditor.ApplyHistory(request);
request.NumberOfTries.ShouldBe(history.Attempts);
request.LockedOutUntil.ShouldBe(history.LockedOutTime.Value);
}
public void ProcessFailure(LoginRequest request)
{
if (request.LockedOutUntil != null && request.LockedOutUntil.Value <= _systemTime.UtcNow())
{
request.LockedOutUntil = null;
}
if (IsLockedOut(request) == LoginStatus.LockedOut)
{
request.Status = LoginStatus.LockedOut;
request.Message = LoginKeys.LockedOut.ToString();
request.NumberOfTries = 0; // This is important for the unlocking later
if (request.LockedOutUntil == null)
{
request.LockedOutUntil = _systemTime.UtcNow().AddMinutes(_settings.CooloffPeriodInMinutes);
}
}
else
{
request.Message = LoginKeys.Failed.ToFormat(request.NumberOfTries,
_settings.MaximumNumberOfFailedAttempts);
}
}
public void write_login_success()
{
var request = new LoginRequest
{
Status = LoginStatus.Succeeded,
UserName = "******"
};
var auditor = theContainer.GetInstance<PersistedLoginAuditor>();
auditor.Audit(request);
var theAudit = theContainer.GetInstance<IEntityRepository>().All<Audit>()
.Where(x => x.Type == "LoginSuccess").Single();
theAudit.Message.ShouldBeOfType<LoginSuccess>();
theAudit.Timestamp.ShouldBe(theTime.UtcNow());
theAudit.Username.ShouldBe("somebody");
}
public void when_logging_success_wipe_clean_the_login_failure_history()
{
var history = new LoginFailureHistory
{
Id = "doofus",
Attempts = 3
};
theContainer.GetInstance<ITransaction>().Execute<IDocumentSession>(repo => { repo.Store(history); });
var request = new LoginRequest
{
Status = LoginStatus.Succeeded,
UserName = history.Id
};
var auditor = theContainer.GetInstance<PersistedLoginAuditor>();
auditor.Audit(request);
}
public void when_logging_failure_for_a_user_that_is_locked_out()
{
var request = new LoginRequest
{
Status = LoginStatus.Failed,
UserName = "******",
NumberOfTries = 1,
LockedOutUntil = DateTime.Today.ToUniversalTime()
};
var auditor = theContainer.GetInstance<PersistedLoginAuditor>();
auditor.Audit(request);
var history = theContainer.GetInstance<IDocumentSession>()
.Load<LoginFailureHistory>(request.UserName);
history.LockedOutTime.ShouldBe(request.LockedOutUntil);
}
public void when_logging_failure_for_a_user_that_has_no_prior_failure_history()
{
var request = new LoginRequest
{
Status = LoginStatus.Failed,
UserName = "******",
NumberOfTries = 1,
LockedOutUntil = null
};
var auditor = theContainer.GetInstance<PersistedLoginAuditor>();
auditor.Audit(request);
var history = theContainer.GetInstance<IDocumentSession>().Load<LoginFailureHistory>(request.UserName);
history.ShouldNotBeNull();
history.Attempts.ShouldBe(1);
history.LockedOutTime.ShouldBeNull();
}
public void update_an_existing_history()
{
var history = new LoginFailureHistory
{
Id = "AlreadyFailed",
Attempts = 2
};
theContainer.GetInstance<ITransaction>().Execute<IDocumentSession>(repo => { repo.Store(history); });
var request = new LoginRequest
{
Status = LoginStatus.Failed,
UserName = history.Id,
NumberOfTries = 3,
LockedOutUntil = DateTime.Today.ToUniversalTime()
};
var auditor = theContainer.GetInstance<PersistedLoginAuditor>();
auditor.Audit(request);
var history2 = theContainer.GetInstance<IDocumentSession>()
.Load<LoginFailureHistory>(request.UserName);
history2.Attempts.ShouldBe(request.NumberOfTries);
history2.LockedOutTime.ShouldBe(request.LockedOutUntil);
}
public bool Authenticate(LoginRequest request)
{
return(Authenticate(request, _strategies));
}
public bool Authenticate(LoginRequest request)
{
return Authenticate(request, _strategies);
}
public bool MatchesCredentials(LoginRequest request)
{
throw new NotImplementedException();
}
protected bool Equals(LoginRequest other)
{
return string.Equals(Url, other.Url);
}
