Esempio n. 1
0
        Given_MaxPreviousPasswordChangesReached_When_ChangePasswordAsync_Then_PasswordHistoryListDoesNotGrow()
        {
            // Arrange
            var oldPasswordHash = TestUser.PasswordHash;
            var oldSalt         = TestUser.PasswordSalt;
            var oldPassword     = "******";
            var newPassword     = "******";

            _configuration.MaxNumberOfPreviousPasswords = 4;
            var passwordLastChangedDate = DateTime.UtcNow;

            TestUser.PasswordLastChangedDateUtc = passwordLastChangedDate;
            TestUser.PreviousPasswords          = new List <PreviousPassword>
            {
                new PreviousPassword {
                    ActiveFromDateUtc = DateTime.UtcNow.AddDays(-1)
                },
                new PreviousPassword {
                    ActiveFromDateUtc = DateTime.UtcNow.AddDays(-2)
                },
                new PreviousPassword {
                    ActiveFromDateUtc = DateTime.UtcNow.AddDays(-3)
                },
                new PreviousPassword {
                    ActiveFromDateUtc = DateTime.UtcNow.AddDays(-4), Salt = "To be removed"
                }
            };

            // Act
            var result = await _sut.ChangePasswordAsync(TestUser.Id, oldPassword, newPassword);

            // Assert
            Assert.AreEqual(0, result);
            _context.AssertWasCalled(a => a.SaveChanges());
            _context.AssertWasCalled(a => a.SetDeleted(Arg <PreviousPassword> .Matches(b => b.Salt == "To be removed")));
            Assert.AreNotEqual(oldPasswordHash, TestUser.PasswordHash);
            Assert.AreNotEqual(oldSalt, TestUser.PasswordSalt);
            var mostRecentPasswordChange =
                TestUser.PreviousPasswords.OrderByDescending(a => a.ActiveFromDateUtc).Take(1).Single();

            Assert.That(mostRecentPasswordChange.ActiveFromDateUtc, Is.EqualTo(passwordLastChangedDate));
        }
        public async Task Given_OldPasswordCorrect_When_ChangePasswordAsync_Then_Success()
        {
            // Arrange
            var oldPasswordHash = TestUser.PasswordHash;
            var oldSalt         = TestUser.PasswordSalt;
            var oldPassword     = "******";
            var newPassword     = "******";

            // Act
            var result = await _sut.ChangePasswordAsync(TestUser.Id, oldPassword, newPassword);

            // Assert
            Assert.AreEqual(0, result, "Password was invalid");
            _context.AssertWasCalled(a => a.SaveChanges());
            Assert.AreEqual(1, TestUser.UserLogs.Count);
            Assert.IsTrue(TestUser.UserLogs.Any(a => a.Description.Contains("Password changed")));
            Assert.That(TestUser.PreviousPasswords.Count, Is.EqualTo(1));
            Assert.AreNotEqual(oldPasswordHash, TestUser.PasswordHash);
            Assert.AreNotEqual(oldSalt, TestUser.PasswordSalt);
            Assert.IsTrue(TestUser.PasswordLastChangedDateUtc > DateTime.UtcNow.AddMinutes(-5));
        }