public void AccountController_InvalidLogin_ReturnsInvalidModel() { // Arrange var store = new Mock<IUserStore<ApplicationUser>>(MockBehavior.Strict); store.As<IUserPasswordStore<ApplicationUser>>() .Setup(x => x.FindByNameAsync("username1")) .ReturnsAsync(null); // Act var controller = new AccountController(); var viewModel = new LoginViewModel() { Password = "******", Username = "******", }; ActionResult result = controller.Login(viewModel, "returnUrl").Result; // Assert Assert.IsInstanceOf<ViewResult>(result); var viewResult = result as ViewResult; Assert.False(viewResult.ViewData.ModelState.IsValid); }
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl) { if (!ModelState.IsValid) { return View(model); } // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, change to shouldLockout: true var result = await SignInManager.PasswordSignInAsync(model.Username, model.Password, model.RememberMe, shouldLockout: false); switch (result) { case SignInStatus.Success: return RedirectToLocal(returnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.RequiresVerification: return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe }); default: ModelState.AddModelError("", "Invalid login attempt."); return View(model); } }