public void GivenLocalReturnUrl_ReturnsRedirectToReturnUrl()
{
var model = new Login
{
Username = User.Username,
Password = "******",
ReturnUrl = "/home/index"
};
var result = Controller.Login(model) as RedirectResult;
result.Should().Not.Be.Null();
AuthenticationService.Verify(x => x.SetLoginCookie(It.Is<User>(u => u.Username == User.Username), model.RememberMe), Times.Once());
result.Url.Should().Equal(model.ReturnUrl);
}
public void GivenExternalReturnUrl_ReturnsHomePage()
{
var model = new Login
{
Username = User.Username,
Password = "******",
ReturnUrl = "http://google.com"
};
var result = Controller.Login(model) as RedirectToRouteResult;
result.Should().Not.Be.Null();
result.RouteValues["controller"].Should().Equal("Home");
result.RouteValues["action"].Should().Equal("Index");
AuthenticationService.Verify(x => x.SetLoginCookie(It.Is<User>(u => u.Username == User.Username), model.RememberMe), Times.Once());
}
public void GivenInvalidUsernameAndPassword_ReturnsLogin()
{
var model = new Login
{
Username = User.Username,
Password = GetRandom.String(20)
};
var result = Controller.Login(model) as ViewResult;
result.Should().Not.Be.Null();
AuthenticationService.Verify(x => x.SetLoginCookie(It.Is<User>(u => u.Username == User.Username), model.RememberMe), Times.Never());
result.Model.Should().Be.OfType<Login>();
var typedModel = result.Model as Login;
typedModel.Username.Should().Equal(model.Username);
typedModel.Password.Should().Be.NullOrEmpty();
result.ViewName.Should().Equal("");
var modelState = result.ViewData.ModelState;
modelState.ContainsKey("Username").Should().Be.True();
}
public ActionResult Login(Login model)
{
if (ModelState.IsValid)
{
var user = Db.Query<User>("select top 1 * from [{0}] where (Username=@Username OR Email=@Username) and Password=@Password and IsDeleted=0".Fmt(Db.GetTableName<User>()), new
{
model.Username,
Password = model.Password.ToSHAHash()
}).SingleOrDefault();
if (user != null)
{
_authenticationService.SetLoginCookie(user, model.RememberMe);
Metrics.Increment(Metric.Users_SuccessfulLogin);
if (Url.IsLocalUrl(model.ReturnUrl))
return Redirect(model.ReturnUrl);
return RedirectToAction("Index", "Home");
}
ModelState.AddModelErrorFor<Login>(x => x.Username, string.Format("The user name or password provided is incorrect. Did you <a href='{0}'>forget your password?</a>", Url.Account().ForgotPassword()));
}
Metrics.Increment(Metric.Users_FailedLogin);
// If we got this far, something failed, redisplay form
model.Password = null; //clear the password so they have to re-enter it
return View(model);
}
public ActionResult Login(string returnUrl)
{
if (User.Identity.IsAuthenticated)
{
return RedirectToAction("Index", "Home");
}
var model = new Login
{
ReturnUrl = returnUrl,
RememberMe = true
};
return View(model);
}
