public void LogOn_Post_ReturnsViewIfValidateUserFails()
        {
            // Arrange
            AccountController controller = GetAccountController();
            LogOnModel model = new LogOnModel()
            {
                //UserName = "******",
                Password = "******",
                //RememberMe = false
            };

            // Act
            ActionResult result = controller.LogOn(model, null);

            // Assert
            Assert.IsInstanceOfType(result, typeof(ViewResult));
            ViewResult viewResult = (ViewResult)result;
            Assert.AreEqual(model, viewResult.ViewData.Model);
            Assert.AreEqual("The user name or password provided is incorrect.", controller.ModelState[""].Errors[0].ErrorMessage);
        }
        public void LogOn_Post_ReturnsViewIfModelStateIsInvalid()
        {
            // Arrange
            AccountController controller = GetAccountController();
            LogOnModel model = new LogOnModel()
            {
                //UserName = "******",
                Password = "******",
                //RememberMe = false
            };
            controller.ModelState.AddModelError("", "Dummy error message.");

            // Act
            ActionResult result = controller.LogOn(model, null);

            // Assert
            Assert.IsInstanceOfType(result, typeof(ViewResult));
            ViewResult viewResult = (ViewResult)result;
            Assert.AreEqual(model, viewResult.ViewData.Model);
        }
        public void LogOn_Post_ReturnsRedirectOnSuccess_WithLocalReturnUrl()
        {
            // Arrange
            AccountController controller = GetAccountController();
            LogOnModel model = new LogOnModel()
            {
                //UserName = "******",
                Password = "******",
                //RememberMe = false
            };

            // Act
            ActionResult result = controller.LogOn(model, "/someUrl");

            // Assert
            Assert.IsInstanceOfType(result, typeof(RedirectResult));
            RedirectResult redirectResult = (RedirectResult)result;
            Assert.AreEqual("/someUrl", redirectResult.Url);
            Assert.IsTrue(((MockFormsAuthenticationService)controller.FormsService).SignIn_WasCalled);
        }
        public void LogOn_Post_ReturnsRedirectToHomeOnSuccess_WithExternalReturnUrl()
        {
            // Arrange
            AccountController controller = GetAccountController();
            LogOnModel model = new LogOnModel()
            {
                //UserName = "******",
                Password = "******",
                //RememberMe = false
            };

            // Act
            ActionResult result = controller.LogOn(model, "http://malicious.example.net");

            // Assert
            Assert.IsInstanceOfType(result, typeof(RedirectToRouteResult));
            RedirectToRouteResult redirectResult = (RedirectToRouteResult)result;
            Assert.AreEqual("Home", redirectResult.RouteValues["controller"]);
            Assert.AreEqual("Index", redirectResult.RouteValues["action"]);
            Assert.IsTrue(((MockFormsAuthenticationService)controller.FormsService).SignIn_WasCalled);
        }
Esempio n. 5
0
        public ActionResult LogOn(LogOnModel model, string returnUrl)
        {
            //first check to see if this post request is meant for this action, if not, then don't do anything
            if (Request.Url.ToString().ToLower().Contains(Url.Action("LogOn", "Account").ToLower()))
            {
                if (ModelState.IsValid)
                {
                    if (MembershipService.ValidateUser(model.Email, model.Password))
                    {
                        FormsService.SignIn(model.Email, true);
                        if (Url.IsLocalUrl(returnUrl))
                        {
                            return JavaScript("window.location = \"" + returnUrl + "\";");
                        }
                        else
                        {
                            return JavaScript("window.location.reload();");
                        }
                    }
                    else
                    {
                        ModelState.AddModelError("", "The user name or password provided is incorrect.");
                    }
                }
            }
            else
            {
                //clear the model state errors for this request since this httppost was meant for another action
                //e.g. when we post back on 'forgot password', it will also hit this action because the form is also
                //on the page, but we know the request is not meant for this action so just clear the errors manually
                //so it doesn't get rendered onto the page
                ModelState.Clear();
            }

            // If we got this far, something failed, redisplay form
            return View("_LoginForm", model);
        }