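/// <summary>
/// Posting a new password without a reset code must be rejected with
/// <see cref="PageNotFoundException"/> and must leave the user's stored
/// password hash and pending reset code exactly as they were.
/// </summary>
public void POST_Not_Providing_Reset_Code_In_URL_Gives_PageNotFoundException()
{
    // Arrange
    User user = new UserBuilder().WithPasswordResetCode("code").Build();

    // Snapshot the credential state so the test can show that the rejected
    // request changed nothing, rather than only that it threw.
    var passwordHashBeforeRequest = user.PasswordHash;
    var resetCodeBeforeRequest = user.PasswordResetCode;

    var requestFormValues = new Dictionary<string, StringValues>
    {
        { "GovUk_Text_NewPassword", "NewPassword1" },
        { "GovUk_Text_ConfirmNewPassword", "NewPassword1" },
    };

    var controllerBuilder = new ControllerBuilder<PasswordResetController>();
    var controller = controllerBuilder
        .WithDatabaseObjects(user)
        .WithRequestFormValues(requestFormValues)
        .WithMockUriHelper()
        .Build();

    // Act
    var requestViewModel = new ChooseNewPasswordViewModel { ResetCode = null /* reset code not provided */ };
    TestDelegate action = () => controller.ChooseNewPasswordPost(requestViewModel);

    // Assert
    Assert.Throws<PageNotFoundException>(action);

    // An exception raised after the password had already been written would
    // still satisfy the assertion above, so check the stored state as well.
    Assert.AreEqual(passwordHashBeforeRequest, user.PasswordHash);
    Assert.AreEqual(resetCodeBeforeRequest, user.PasswordResetCode);
}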
/// <summary>
/// A POST carrying the user's current reset code stores the new password,
/// clears the reset code, sends exactly one "reset completed" email and
/// records exactly one <see cref="AuditedAction.UserChangePassword"/> audit entry.
/// </summary>
public void POST_Valid_Reset_Code_In_URL_Allows_User_To_Change_Their_Password()
{
    // Arrange
    User user = new UserBuilder().WithPasswordResetCode("code").Build();

    var formValues = new Dictionary<string, StringValues>
    {
        { "GovUk_Text_NewPassword", "NewPassword1" },
        { "GovUk_Text_ConfirmNewPassword", "NewPassword1" },
    };

    var controllerBuilder = new ControllerBuilder<PasswordResetController>();
    var controller = controllerBuilder
        .WithDatabaseObjects(user)
        .WithRequestFormValues(formValues)
        .WithMockUriHelper()
        .Build();

    // Act
    var viewModel = new ChooseNewPasswordViewModel { ResetCode = "code" };
    controller.ChooseNewPasswordPost(viewModel);

    // Assert
    // The salt is read after the POST, so the expected hash is derived from
    // whatever salt the user record holds once the change has been applied.
    var storedSalt = Convert.FromBase64String(user.Salt);
    Assert.AreEqual(Crypto.GetPBKDF2("NewPassword1", storedSalt), user.PasswordHash);

    // The reset code must be gone once it has been used.
    Assert.IsNull(user.PasswordResetCode);

    // Exactly one email, using the "reset completed" template.
    Assert.AreEqual(1, controllerBuilder.EmailsSent.Count);
    var sentEmail = controllerBuilder.EmailsSent.FirstOrDefault();
    Assert.NotNull(sentEmail);
    Assert.AreEqual(EmailTemplates.SendResetPasswordCompletedEmail, sentEmail.TemplateId);

    // Exactly one audit entry, recording the password change.
    var auditLogs = controllerBuilder.DataRepository.GetAll<AuditLog>();
    Assert.AreEqual(1, auditLogs.Count());
    var auditEntry = auditLogs.FirstOrDefault();
    Assert.NotNull(auditEntry);
    Assert.AreEqual(AuditedAction.UserChangePassword, auditEntry.Action);
}
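/// <summary>
/// Posting a new password with a reset code that was set up ten days in the past
/// must be rejected with <see cref="PasswordResetCodeExpiredException"/> and
/// must leave the user's stored password hash unchanged.
/// </summary>
public void POST_Using_Expired_Reset_Code_Gives_PasswordResetCodeExpiredException()
{
    // Arrange
    // NOTE(review): the second argument is presumably the time the code was issued,
    // and ten days is presumably beyond the validity window; the threshold itself
    // is not visible in this test, so confirm against the controller.
    User user = new UserBuilder().WithPasswordResetCode("code", VirtualDateTime.Now.AddDays(-10)).Build();

    // Snapshot the stored hash so the test can show that the rejected request
    // did not change the password, rather than only that it threw.
    var passwordHashBeforeRequest = user.PasswordHash;

    var requestFormValues = new Dictionary<string, StringValues>
    {
        { "GovUk_Text_NewPassword", "NewPassword1" },
        { "GovUk_Text_ConfirmNewPassword", "NewPassword1" },
    };

    var controllerBuilder = new ControllerBuilder<PasswordResetController>();
    var controller = controllerBuilder
        .WithDatabaseObjects(user)
        .WithRequestFormValues(requestFormValues)
        .WithMockUriHelper()
        .Build();

    // Act
    TestDelegate action = () => controller.ChooseNewPasswordPost(new ChooseNewPasswordViewModel { ResetCode = "code" });

    // Assert
    Assert.Throws<PasswordResetCodeExpiredException>(action);

    // An exception raised after the password had already been written would
    // still satisfy the assertion above, so check the stored hash as well.
    // The reset code is deliberately not asserted on: whether an expired code
    // is cleared on rejection cannot be determined from this test.
    Assert.AreEqual(passwordHashBeforeRequest, user.PasswordHash);
}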