public async Task ShouldUpdatePassword()
{
UserService userService = new UserService(_dbContext, _userManager, _mainEventProvider, _securityService);
UserController userController = new UserController(userService, _securityService);
var oldPassword = "******";
var newPassword = "******";
// Now we have to create password for this user
// HashPassword-method needs already existing user, so we create password only AFTER we have created the user
// The user is already created in BaseTest
var hasher = new PasswordHasher <ApplicationUser>();
var hash = hasher.HashPassword(_createdUser2.Entity, oldPassword);
_createdUser2.Entity.PasswordHash = hash;
_dbContext.SaveChanges();
SetUser(userController, _createdUser2.Entity.Id);
PasswordUpdateVm dataForUpdate = new PasswordUpdateVm
{
OldPassword = oldPassword,
NewPassword = newPassword,
CheckNewPassword = newPassword
};
await userController.UpdatePasswordAsync(dataForUpdate);
ApplicationUser updatedUser = _dbContext.Users.Find(_createdUser2.Entity.Id);
Assert.AreNotEqual(hash, updatedUser.PasswordHash);
}
public async Task <ActionResult> UpdatePasswordAsync(PasswordUpdateVm data)
{
var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
await _userService.UpdatePasswordAsync(data, userId);
Log.Information("User {userId} updated user password {@data}", userId, data);
return(Ok());
}
public void ShouldNotUpdatePasswordIfIncorrect()
{
UserService userService = new UserService(_dbContext, _userManager, _mainEventProvider, _securityService);
UserController userController = new UserController(userService, _securityService);
SetUser(userController, _createdUser2.Entity.Id);
PasswordUpdateVm dataForUpdate = new PasswordUpdateVm
{
OldPassword = "******",
NewPassword = "******",
CheckNewPassword = "******"
};
var ex = Assert.ThrowsAsync <HttpException>(async() =>
{
await userController.UpdatePasswordAsync(dataForUpdate);
});
Assert.AreEqual("Det gamle passordet er ugyldig", ex.Message);
}
