/// <summary>
/// Checks the successful login path: a stored user who submits matching
/// credentials is redirected to <c>AppRoute.App</c> and receives the
/// forms-authentication cookie.
/// </summary>
protected override void Test()
{
    Application.Execute((client, context) =>
    {
        // Arrange.
        const string StoredUsername = "******";
        const string StoredPassword = "******";

        // Save user to database, so that the submitted credentials match an existing account.
        context.User(StoredUsername, StoredPassword);

        // The form is rendered for an anonymous principal, i.e. nobody is signed in yet.
        var view = new CrowbarViewContext("_LoginForm").SetAnonymousPrincipal();
        var form = new LoginForm
        {
            Username = StoredUsername,
            Password = StoredPassword
        };

        // Act.
        var renderedForm = client.Render(view, form);
        var response = renderedForm.Submit();

        // Assert.
        // Both the redirect target and the presence of the auth cookie are checked:
        // a redirect alone would not prove that a session was actually issued.
        response.ShouldHaveTemporarilyRedirectTo(AppRoute.App);
        response.ShouldHaveCookie(FormsAuthentication.FormsCookieName);
    });
}
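/// <summary>
/// Handles a submitted login form. When the credentials match a stored user, the
/// forms-authentication cookie is issued and the browser is redirected to
/// <c>AppRoute.App</c>; every failure redirects to <c>AppRoute.Root</c>.
/// </summary>
/// <param name="form">The submitted username and password.</param>
/// <returns>A redirect to the application on success, otherwise a redirect to the root.</returns>
// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible in this
// listing - confirm they are applied on the action or controller, since a login action is
// state-changing and should only accept anti-forgery-validated POSTs.
// NOTE(review): the unknown-user path skips the password check, so the two failure cases may
// differ in response time; no attempt throttling is visible here either - confirm both are
// handled elsewhere if they matter for this application.
public ActionResult Login(LoginForm form)
{
    // Treat a missing or incomplete submission as a failed login instead of letting a
    // null dereference surface as a server error or reach the password check.
    if (form == null || string.IsNullOrEmpty(form.Username) || string.IsNullOrEmpty(form.Password))
    {
        return Redirect(AppRoute.Root);
    }

    var submittedUsername = form.Username;
    var user = RavenSession.Query<User>()
        .Where(x => x.Username == submittedUsername)
        .FirstOrDefault();

    // Unknown user and wrong password take the same exit, so the response does not
    // reveal which of the two checks failed.
    if (user == null || !user.Password.IsValid(form.Password))
    {
        return Redirect(AppRoute.Root);
    }

    // Issue the ticket for the stored account name rather than the raw submitted string:
    // if the query match is not byte-exact (for example a case-insensitive index), the
    // authenticated identity still equals the canonical username.
    FormsAuthentication.SetAuthCookie(user.Username, createPersistentCookie: false);
    return Redirect(AppRoute.App);
}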
/// <summary>
/// Checks that submitting the login form with an invalid anti-forgery request token
/// is rejected: the submission throws a <c>CrowbarException</c> whose inner exception
/// is exactly <c>HttpAntiForgeryException</c>.
/// </summary>
protected override void Test()
{
    Application.Execute((client, context) =>
    {
        // Arrange.
        const string StoredUsername = "******";
        const string StoredPassword = "******";

        // Save user to database. The credentials are valid, so only the anti-forgery
        // check can be the reason for the rejection asserted below.
        context.User(StoredUsername, StoredPassword);

        var form = new LoginForm
        {
            Username = StoredUsername,
            Password = StoredPassword
        };

        var view = new CrowbarViewContext("_LoginForm");
        view.SetFormsAuthPrincipal("invalid"); // simulate invalid anti-forgery request token.

        // Act.
        // Obviously the MVC application should handle this more gracefully, this is just an example.
        var exception = Assert.Throws<CrowbarException>(() =>
        {
            client.Render(view, form).Submit();
        });

        // Assert.
        var cause = exception.InnerException;
        Assert.That(cause, Is.TypeOf<HttpAntiForgeryException>());
    });
}
/// <summary>
/// Checks the failed login path: submitting credentials when no user has been stored
/// redirects back to "/".
/// </summary>
// NOTE(review): only the redirect is asserted. Also asserting that the response carries no
// forms-authentication cookie would pin the property that a failed login issues no session.
// NOTE(review): no user is saved before submitting, so this exercises the unknown-user
// branch only; the wrong-password branch for an existing user is not covered by this test.
protected override void Test()
{
    Application.Execute((client, context) =>
    {
        // Arrange.
        var form = new LoginForm
        {
            Username = "******",
            Password = "******"
        };

        // Act.
        var renderedForm = client.Render("_LoginForm", form);
        var response = renderedForm.Submit();

        // Assert.
        response.ShouldHaveTemporarilyRedirectTo("/");
    });
}