public void mapUserRoles() { TMConfig.Current = null; HttpContextFactory._context = null; var tmAuthentication = new TM_Authentication(null); Assert.AreEqual(tmAuthentication, tmAuthentication.mapUserRoles(false) , "This should not thrown an exception"); }
public TM_WebServices(bool disable_Csrf_Check) { tmXmlDatabase = TM_Xml_Database.Current; userData = tmXmlDatabase.userData(); tmAuthentication = new TM_Authentication(this).mapUserRoles(disable_Csrf_Check); GZip.setGZipCompression_forAjaxRequests(); }
public TM_WebServices(bool disable_Csrf_Check) { tmXmlDatabase = TM_Xml_Database.Current; userData = tmXmlDatabase .userData(); tmAuthentication = new TM_Authentication(this).mapUserRoles(disable_Csrf_Check); GZip.setGZipCompression_forAjaxRequests(); }
public void authToken() { HttpContextFactory.Context.mock(); var request = HttpContextFactory.Request; var tmAuthentication = new TM_Authentication(null); Assert.AreEqual(Guid.Empty,tmAuthentication.authToken); Assert.IsNull(request.QueryString[authVar]); //test with an random string request.QueryString[authVar] = 10.randomLetters(); Assert.IsNotNull(request.QueryString[authVar]); Assert.AreEqual (Guid.Empty,tmAuthentication.authToken); //test with an random GUID request.QueryString[authVar] = Guid.NewGuid().str(); Assert.IsNotNull (request.QueryString[authVar]); Assert.AreNotEqual(Guid.Empty,tmAuthentication.authToken); }
public void TM_Authentication_mapUserRoles() { HttpContextFactory.Context.mock(); var tmAuthentication = new TM_Authentication(null); Assert.NotNull (tmAuthentication.sessionID); Assert.AreEqual(tmAuthentication.sessionID,Guid.Empty); Assert.IsFalse(tmConfig.WindowsAuthentication.Enabled); tmConfig.WindowsAuthentication.Enabled = true; var identity = tmAuthentication.Current_WindowsIdentity; changeIndentityToBeImpersonation(identity); tmAuthentication.mapUserRoles(); var tmUser_fromSession = tmAuthentication.sessionID.session_TmUser(); Assert.AreNotEqual(tmAuthentication.sessionID,Guid.Empty); // sessionID should be set Assert.IsTrue (tmAuthentication.sessionID.validSession()); Assert.IsNotNull (tmUser_fromSession); Assert.AreEqual (tmUser_fromSession.UserName,identity.Name); tmConfig.WindowsAuthentication.Enabled = false; }
public static bool setCurrentUserPassword(this TM_UserData userData, TM_Authentication tmAuthentication, string currentPassword, string newPassword) { var tmUser = tmAuthentication.currentUser; if (tmUser.notNull()) { if (tmUser.SecretData.PasswordHash == tmUser.createPasswordHash(currentPassword)) { var newPasswordHash = tmUser.createPasswordHash(newPassword); if (newPasswordHash != tmUser.SecretData.PasswordHash) { tmUser.SecretData.PasswordHash = tmUser.createPasswordHash(newPassword); tmUser.saveTmUser(); return true; } } } return false; }
public static bool setCurrentUserPassword(this TM_UserData userData, TM_Authentication tmAuthentication, string currentPassword, string newPassword) { var tmUser = tmAuthentication.currentUser; if (tmUser.notNull()) { if (tmUser.SecretData.PasswordHash == tmUser.createPasswordHash(currentPassword)) { var newPasswordHash = tmUser.createPasswordHash(newPassword); if (newPasswordHash != tmUser.SecretData.PasswordHash) { tmUser.SecretData.PasswordHash = tmUser.createPasswordHash(newPassword); tmUser.saveTmUser(); return(true); } } } return(false); }
public Test_TM_Authentication() { tmAuthentication= tmWebServices.tmAuthentication; Assert.IsFalse(tmConfig.WindowsAuthentication.Enabled); Assert.NotNull(tmAuthentication); }
public static bool setCurrentUserPassword(this TM_UserData userData, TM_Authentication tmAuthentication, string currentPassword, string newPassword) { var tmUser = tmAuthentication.currentUser; if (tmUser.notNull()) { if (tmUser.SecretData.PasswordHash == tmUser.createPasswordHash(currentPassword)) // check if current password matches provided value { var newPasswordHash = tmUser.createPasswordHash(newPassword); if (newPasswordHash != tmUser.SecretData.PasswordHash) // check that password are not repeated { tmUser.logUserActivity("User Password Change", "With previous password provided"); return(tmUser.setPasswordHash(newPasswordHash)); } } } return(false); }
public void TM_Authentication_mapUserRoles() { HttpContextFactory.Context.mock(); var request = HttpContextFactory.Request; var tmAuthentication = new TM_Authentication(null); Assert.NotNull (tmAuthentication.sessionID); Assert.AreEqual(tmAuthentication.sessionID,Guid.Empty); Assert.IsNull (request[authVar]); tmAuthentication.mapUserRoles(); Assert.AreEqual(tmAuthentication.sessionID,Guid.Empty); request.QueryString[authVar] = user_AuthToken.Token.str(); Assert.IsNotNull (request[authVar]); tmAuthentication.mapUserRoles(); Assert.AreNotEqual(tmAuthentication.sessionID,Guid.Empty); Assert.IsTrue (tmAuthentication.sessionID.validSession()); Assert.AreEqual (tmAuthentication.sessionID.session_TmUser(), tmUser); }
public void Login_Using_Pwd_and_Login_Using_AuthToken() { HttpContextFactory.Context.mock(); //Create user and login using its username and pwd var username = 10.randomLetters(); var password = "******".add_RandomLetters(10); var userId = userData.newUser(username,password); var loginId = userData.login(username, password); var tmAuthentication = new TM_Authentication(null); Assert.Less (0, userId); Assert.AreNotEqual(Guid.Empty, loginId); Assert.AreEqual (Guid.Empty, tmAuthentication.sessionID); //set current sessionId to user created above tmAuthentication.sessionID = loginId; Assert.AreEqual(tmAuthentication.sessionID, loginId); Assert.AreEqual(tmAuthentication.sessionID.session_TmUser().UserID , userId); Assert.AreEqual(tmAuthentication.sessionID.session_TmUser().UserName , username); //set authVar to user_AuthToken and simulate the login process HttpContextFactory.Request.QueryString[authVar] = user_AuthToken.Token.str(); tmAuthentication.mapUserRoles(); //the sessionId should now be mapped to tmUser and not to the user created above var sessionId = tmAuthentication.sessionID; Assert.AreNotEqual(sessionId, loginId); Assert.AreEqual (tmAuthentication.sessionID.session_TmUser().UserName , tmUser.UserName); //another request to tmAuthentication.mapUserRoles(); should not change session or login the user again tmAuthentication.mapUserRoles(); Assert.AreEqual (sessionId, tmAuthentication.sessionID); }