public void LoginPost_UserFoundButPasswordIncorrect_LoginFails() { // setup UserModel user = new UserModel() { Id = Guid.NewGuid(), UserName = "******", Password = "******" }; _userRepo.GetByUserName(user.UserName).Returns(user); _passwordProvider.CheckPassword(Arg.Any <string>(), Arg.Any <string>()).Returns(false); var browser = CreateBrowser(null); // execute var response = browser.Post(Actions.Login.Default, (with) => { with.HttpRequest(); with.FormValue("UserName", "admin"); with.FormValue("Password", "password"); }); // assert Assert.AreEqual(HttpStatusCode.OK, response.StatusCode); _passwordProvider.Received(1).CheckPassword(Arg.Any <string>(), Arg.Any <string>()); BasicResult result = JsonConvert.DeserializeObject <BasicResult>(response.Body.AsString()); Assert.IsFalse(result.Success); _userRepo.Received(1).GetByUserName(user.UserName); _passwordProvider.Received(1).CheckPassword("password", user.Password); }
public dynamic LoginPost() { LoginViewModel model = this.Bind <LoginViewModel>(); BasicResult result = new BasicResult(false); // if the email or password hasn't been supplied, exit if ((!String.IsNullOrWhiteSpace(model.UserName)) && (!String.IsNullOrWhiteSpace(model.Password))) { // get the user UserModel user = _userStore.Users.SingleOrDefault(x => x.UserName == model.UserName); if (user != null && _passwordProvider.CheckPassword(model.Password, user.Password)) { result.Success = true; return(this.Login(user.Id, DateTime.Now.AddDays(1))); } } return(this.Response.AsJson(result)); }