public void ReturnsRedirect_ToConfirmEmail_WithCommandToken()
{
var form = new ForgotPasswordForm
{
EmailAddress = "*****@*****.**",
};
var commandHandler = new Mock<IHandleCommands<SendConfirmEmailMessageCommand>>
(MockBehavior.Strict);
commandHandler.Setup(m => m.Handle(It.Is(SendCommandBasedOn(form))));
var services = new ForgotPasswordServices(commandHandler.Object);
var controller = new ForgotPasswordController(services);
ReuseMock.TestControllerBuilder(ControllerCustomization.ForUrlHelper)
.InitializeController(controller);
var result = controller.Post(form);
result.ShouldNotBeNull();
result.ShouldBeType<RedirectToRouteResult>();
var routeResult = (RedirectToRouteResult)result;
routeResult.Permanent.ShouldBeFalse();
routeResult.RouteValues["area"].ShouldEqual(MVC.Identity.Name);
routeResult.RouteValues["controller"].ShouldEqual(MVC.Identity.ConfirmEmail.Name);
routeResult.RouteValues["action"].ShouldEqual(MVC.Identity.ConfirmEmail.ActionNames.Get);
routeResult.RouteValues["token"].ShouldEqual(Guid.Empty);
}
public async Task <IActionResult> ForgetPassword([FromBody] ForgotPasswordForm forgotPasswordForm)
{
if (!ModelState.IsValid)
{
return(BadRequest(new
{
errorMessage = ModelState.Values
.SelectMany(x => x.Errors)
.Select(x => x.ErrorMessage)
}));
}
var user = await _userManager.FindByEmailAsync(forgotPasswordForm.Email);
if (user == null)
{
return(BadRequest(new { errorMessage = "Email has not been registered." }));
}
var token = await _userManager.GeneratePasswordResetTokenAsync(user);
var encodedToken = HttpUtility.UrlEncode(token);
var resetPasswordLink = String.Format($"{forgotPasswordForm.ResetPasswordLink}?token={encodedToken}&email={user.Email}");
_emailSender.SendPasswordResetEmail(user.FirstName + " " + user.LastName, forgotPasswordForm.Email, resetPasswordLink);
return(Ok());
}
public virtual ActionResult Post(ForgotPasswordForm model)
{
if (model == null)
{
return(HttpNotFound());
}
if (!ModelState.IsValid)
{
return(View(model));
}
// execute command
var command = Mapper.Map <SendConfirmEmailMessageCommand>(model);
command.SendFromUrl = Url.Action(MVC.Identity.ForgotPassword.Get());
_services.CommandHandler.Handle(command);
// flash feedback message
SetFeedbackMessage(string.Format(SuccessMessageFormat, model.EmailAddress));
// redirect to confirm email
return(RedirectToRoute(new
{
area = MVC.Identity.Name,
controller = MVC.Identity.ConfirmEmail.Name,
action = MVC.Identity.ConfirmEmail.ActionNames.Get,
token = command.ConfirmationToken,
}));
}
public ActionResult RequestPassword(LoginPage currentPage)
{
ForgotPasswordForm forgotPasswordForm = new ForgotPasswordForm();
ForgotPasswordViewModel model = new ForgotPasswordViewModel(currentPage);
return(View(model));
}
public virtual ViewResult Get()
{
var model = new ForgotPasswordForm
{
EmailAddress = HttpContext.SigningEmailAddressCookie() ??
TempData.SigningEmailAddress(),
};
return View(model);
}
public void IgnoresConfirmationToken()
{
var model = new ForgotPasswordForm();
var command = Mapper.Map<SendConfirmEmailMessageCommand>(model);
command.ShouldNotBeNull();
command.ConfirmationToken.ShouldEqual(Guid.Empty);
}
public void MapsIntent_UsingValue_EmailConfirmationIntent_ResetPassword()
{
var model = new ForgotPasswordForm();
var command = Mapper.Map<SendConfirmEmailMessageCommand>(model);
command.ShouldNotBeNull();
command.Intent.ShouldEqual(EmailConfirmationIntent.ResetPassword);
}
public virtual ViewResult Get()
{
var model = new ForgotPasswordForm
{
EmailAddress = HttpContext.SigningEmailAddressCookie() ??
TempData.SigningEmailAddress(),
};
return(View(model));
}
public void MapsEmailAddress()
{
const string value = "*****@*****.**";
var model = new ForgotPasswordForm { EmailAddress = value };
var command = Mapper.Map<SendConfirmEmailMessageCommand>(model);
command.ShouldNotBeNull();
command.EmailAddress.ShouldNotBeNull();
command.EmailAddress.ShouldEqual(model.EmailAddress);
}
private void forgotPasswordLinkLabel_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e)
{
if (signingIn)
{
return;
}
ForgotPasswordForm forgotPasswordForm = new ForgotPasswordForm();
forgotPasswordForm.ShowDialog();
forgotPasswordForm.Dispose();
}
public ActionResult ForgotPassword(ForgotPasswordForm form)
{
if (ModelState.IsValid)
{
var accounts = AccountDbContext.getInstance().findAccountsByEmail(form.email);
foreach (Account acc in accounts)
{
EmailHelper.SendEmailToSuperadminAccountsOnPasswordForget(acc);
}
return(RedirectToAction("ForgotPasswordConfirm"));
}
return(View());
}
private bool SendForgotPasswordEmail(ForgotPasswordForm forgotPasswordForm, LoginPage currentPage)
{
var passwordService = ServiceLocator.Current.GetInstance <IResetPasswordService>();
var emailService = ServiceLocator.Current.GetInstance <IEmailService>();
string token = passwordService.GenerateResetHash(forgotPasswordForm.Mail);
return(emailService.SendResetPasswordEmail(forgotPasswordForm.Mail,
currentPage.RequestPasswordSubject,
currentPage.RequestPasswordExisting.ToString(),
token,
GetNewPasswordUrl(token)));
}
public void IsInvalidWhen_IsNull()
{
var validated = new ForgotPasswordForm();
var validator = new ForgotPasswordValidator(null, null);
var results = validator.Validate(validated);
results.IsValid.ShouldBeFalse();
results.Errors.Count.ShouldBeInRange(1, int.MaxValue);
var error = results.Errors.SingleOrDefault(e => e.PropertyName == PropertyName);
error.ShouldNotBeNull();
// ReSharper disable PossibleNullReferenceException
error.ErrorMessage.ShouldEqual(
ForgotPasswordValidator.FailedBecauseEmailAddressWasEmpty);
// ReSharper restore PossibleNullReferenceException
}
public ActionResult ForgotPassword(ForgotPasswordForm form)
{
if (Request.Url == null)
{
throw new Exception("Request URL could not be identified");
}
if (ModelState.IsValid)
{
var baseUrl = Request.Url.GetLeftPart(UriPartial.Authority);
_userService.SendResetPasswordLink(form.UserName, baseUrl);
return(RedirectToAction("ForgotPasswordEmailSent"));
}
return(View(form));
}
public ActionResult <object> ChangePasswordByToken([FromBody] ForgotPasswordForm form)
{
try
{
Init();
var ischanged = _authService.ChangePasswordForgot(form.ForgotPasswordToken, form.NewPassword, form.ConfirmPassword, ref _sbError);
if (ischanged)
{
return(Ok());
}
return(BadRequest(_sbError.ToString()));
}
catch (Exception er)
{
return(BadRequest("Error message"));
}
}
public async Task <IHttpActionResult> ForgotSend([FromBody] ForgotPasswordForm forgotPwdForm)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState.WithoutFormName()));
}
/*
* if (!Captcha.VerifyResponse(forgotPwdForm.Captcha))
* {
* return BadRequest("Captcha validation fail.");
* }
*/
ApplicationUser user = await UserManager.FindByEmailAsync(forgotPwdForm.Email);
if (user != null)
{
string changeToken = await UserManager.GeneratePasswordResetTokenAsync(user.Id);
try
{
//Read the layout file
string mailBody = File.ReadAllText(HostingEnvironment.MapPath(@"~/EMailLayouts/UserProfile/_ForgotPassword.cshtml"));
string NNWebsiteURL = ConfigurationManager.AppSettings["NNWebsiteURL"].ToString();
//Replace tokens
mailBody = mailBody.Replace("!NN_WSLINK!", NNWebsiteURL);
mailBody = mailBody.Replace("!NN_TOPIMAGE!", NNWebsiteURL + "/Content/Images/tpc-logo.png");
mailBody = mailBody.Replace("!CONFIRM_LINK!", NNWebsiteURL + "/resetpassword/" + Convert.ToBase64String(Encoding.Default.GetBytes(changeToken)));
mailBody = mailBody.Replace("!NN_MAILTO!", "*****@*****.**");
mailBody = mailBody.Replace("!NN_CONTACT_LINK!", NNWebsiteURL + "/contact");
//Sending Confirmation E-Mail
NNSMTPSender.Instance.SendMail(mailBody, "Forgot Password Request", user.Email, "", true);
}
catch (Exception error)
{
return(BadRequest());
}
}
return(Ok());
}
public ActionResult RequestPassword(LoginPage currentPage, ForgotPasswordForm forgotPasswordForm)
{
string username = Membership.GetUserNameByEmail(forgotPasswordForm.Mail);
if (string.IsNullOrEmpty(username))
{
ModelState.AddModelError("ForgotPasswordForm.Mail", _localizationService.GetString("/common/account/nonexisting_account"));
}
if (!ModelState.IsValid)
{
return(RequestPassword(currentPage));
}
LoginViewModel model = new LoginViewModel(currentPage);
var result = SendForgotPasswordEmail(forgotPasswordForm, currentPage);
return(View("SentForgotPassword", model));
}
public void ExecutesCommand_WhenAction_IsValid()
{
var form = new ForgotPasswordForm
{
EmailAddress = "*****@*****.**",
};
var commandHandler = new Mock<IHandleCommands<SendConfirmEmailMessageCommand>>
(MockBehavior.Strict);
commandHandler.Setup(m => m.Handle(It.Is(SendCommandBasedOn(form))));
var services = new ForgotPasswordServices(commandHandler.Object);
var controller = new ForgotPasswordController(services);
ReuseMock.TestControllerBuilder(ControllerCustomization.ForUrlHelper)
.InitializeController(controller);
controller.Post(form);
commandHandler.Verify(m =>
m.Handle(It.Is(SendCommandBasedOn(form))),
Times.Once());
}
public void ReturnView_WhenModelState_IsInvalid()
{
var form = new ForgotPasswordForm
{
EmailAddress = "wrong",
};
var controller = new ForgotPasswordController(null);
controller.ModelState.AddModelError("error", string.Empty);
var result = controller.Post(form);
result.ShouldNotBeNull();
result.ShouldBeType<ViewResult>();
var viewResult = (ViewResult)result;
viewResult.Model.ShouldNotBeNull();
viewResult.Model.ShouldBeType<ForgotPasswordForm>();
var model = (ForgotPasswordForm)viewResult.Model;
model.ShouldEqual(form);
model.EmailAddress.ShouldEqual(form.EmailAddress);
}
public virtual ActionResult Post(ForgotPasswordForm model)
{
if (model == null) return HttpNotFound();
if (!ModelState.IsValid) return View(model);
// execute command
var command = Mapper.Map<SendConfirmEmailMessageCommand>(model);
command.SendFromUrl = Url.Action(MVC.Identity.ForgotPassword.Get());
_services.CommandHandler.Handle(command);
// flash feedback message
SetFeedbackMessage(string.Format(SuccessMessageFormat, model.EmailAddress));
// redirect to confirm email
return RedirectToRoute(new
{
area = MVC.Identity.Name,
controller = MVC.Identity.ConfirmEmail.Name,
action = MVC.Identity.ConfirmEmail.ActionNames.Get,
token = command.ConfirmationToken,
});
}
public void FlashesSuccessMessage_UsingModelProperty_EmailAddress()
{
var form = new ForgotPasswordForm
{
EmailAddress = "*****@*****.**",
};
var commandHandler = new Mock<IHandleCommands<SendConfirmEmailMessageCommand>>
(MockBehavior.Strict);
commandHandler.Setup(m => m.Handle(It.Is(SendCommandBasedOn(form))));
var services = new ForgotPasswordServices(commandHandler.Object);
var controller = new ForgotPasswordController(services);
ReuseMock.TestControllerBuilder(ControllerCustomization.ForUrlHelper)
.InitializeController(controller);
controller.Post(form);
controller.TempData.ShouldNotBeNull();
var message = controller.TempData.FeedbackMessage();
message.ShouldNotBeNull();
message.ShouldEqual(string.Format(
ForgotPasswordController.SuccessMessageFormat,
form.EmailAddress));
}
private static Expression<Func<SendConfirmEmailMessageCommand, bool>> SendCommandBasedOn(ForgotPasswordForm model)
{
return q => q.EmailAddress == model.EmailAddress && q.Intent == EmailConfirmationIntent.ResetPassword;
}
public void IsInvalidWhen_MatchesPerson_WithSamlUser()
{
var validated = new ForgotPasswordForm
{
EmailAddress = "*****@*****.**",
};
var person = new Person
{
User = new User
{
EduPersonTargetedId = "something",
},
Emails = new[] { new EmailAddress { Value = validated.EmailAddress, }, },
};
var establishment = new Establishment
{
IsMember = true,
EmailDomains = new[] { new EstablishmentEmailDomain { Value = "@domain.tld" }, },
};
var entities = new Mock<IQueryEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Query<Establishment>()).Returns(new[] { establishment }.AsQueryable);
entities.Setup(m => m.Query<Person>()).Returns(new[] { person }.AsQueryable);
var validator = new ForgotPasswordValidator(entities.Object, null);
var results = validator.Validate(validated);
results.IsValid.ShouldBeFalse();
results.Errors.Count.ShouldBeInRange(1, int.MaxValue);
var error = results.Errors.SingleOrDefault(e => e.PropertyName == PropertyName);
error.ShouldNotBeNull();
// ReSharper disable PossibleNullReferenceException
error.ErrorMessage.ShouldEqual(string.Format(
ForgotPasswordValidator.FailedBecauseEduPersonTargetedIdWasNotEmpty,
validated.EmailAddress.GetEmailDomain()));
// ReSharper restore PossibleNullReferenceException
}
public void IsInvalidWhen_MatchesUnconfirmedEmailAddress()
{
var validated = new ForgotPasswordForm
{
EmailAddress = "*****@*****.**",
};
var person = new Person
{
User = new User
{
Name = "*****@*****.**",
},
Emails = new[]
{
new EmailAddress
{
Value = validated.EmailAddress,
},
},
};
var establishment = new Establishment
{
IsMember = true,
EmailDomains = new[] { new EstablishmentEmailDomain { Value = "@domain.tld" }, },
};
var passwords = new Mock<IStorePasswords>(MockBehavior.Strict);
passwords.Setup(m => m
.Exists(It.Is(IsSignedUpBasedOn(person))))
.Returns(true);
var entities = new Mock<IQueryEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Query<Establishment>()).Returns(new[] { establishment }.AsQueryable);
entities.Setup(m => m.Query<Person>()).Returns(new[] { person }.AsQueryable);
var validator = new ForgotPasswordValidator(entities.Object, passwords.Object);
var results = validator.Validate(validated);
results.IsValid.ShouldBeFalse();
results.Errors.Count.ShouldBeInRange(1, int.MaxValue);
var error = results.Errors.SingleOrDefault(e => e.PropertyName == PropertyName);
error.ShouldNotBeNull();
// ReSharper disable PossibleNullReferenceException
error.ErrorMessage.ShouldEqual(string.Format(
ValidateEmailAddress.FailedBecauseIsNotConfirmed,
validated.EmailAddress));
// ReSharper restore PossibleNullReferenceException
}
public void IsValidWhen_MatchesPerson_WithNonSamlLocalUser_AndConfirmedEmailAddress()
{
var validated = new ForgotPasswordForm
{
EmailAddress = "*****@*****.**",
};
var person = new Person
{
User = new User
{
Name = "*****@*****.**",
},
Emails = new[]
{
new EmailAddress
{
Value = validated.EmailAddress,
IsConfirmed = true,
},
},
};
var establishment = new Establishment
{
IsMember = true,
EmailDomains = new[] { new EstablishmentEmailDomain { Value = "@domain.tld" }, },
};
var passwords = new Mock<IStorePasswords>(MockBehavior.Strict);
passwords.Setup(m => m
.Exists(It.Is(IsSignedUpBasedOn(person))))
.Returns(true);
var entities = new Mock<IQueryEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Query<Establishment>()).Returns(new[] { establishment }.AsQueryable);
entities.Setup(m => m.Query<Person>()).Returns(new[] { person }.AsQueryable);
var validator = new ForgotPasswordValidator(entities.Object, passwords.Object);
var results = validator.Validate(validated);
var error = results.Errors.SingleOrDefault(e => e.PropertyName == PropertyName);
error.ShouldBeNull();
}
public virtual JsonResult ValidateEmailAddress(
[CustomizeValidator(Properties = ForgotPasswordForm.EmailAddressPropertyName)] ForgotPasswordForm model)
{
return(ValidateRemote(ForgotPasswordForm.EmailAddressPropertyName));
}
public void HasPublicSetter()
{
var obj = new ForgotPasswordForm
{
ReturnUrl = "/path/to/resource"
};
obj.ShouldNotBeNull();
}
public void Implements_IReturnUrl()
{
var model = new ForgotPasswordForm();
model.ShouldImplement<IReturnUrl>();
}
public void IsInvalidWhen_MatchesNoPerson()
{
var validated = new ForgotPasswordForm
{
EmailAddress = "*****@*****.**",
};
var establishment = new Establishment
{
IsMember = true,
};
var entities = new Mock<IQueryEntities>(MockBehavior.Strict).Initialize();
entities.Setup(m => m.Query<Establishment>()).Returns(new[] { establishment }.AsQueryable);
entities.Setup(m => m.Query<Person>()).Returns(new Person[] { }.AsQueryable);
var validator = new ForgotPasswordValidator(entities.Object, null);
var results = validator.Validate(validated);
results.IsValid.ShouldBeFalse();
results.Errors.Count.ShouldBeInRange(1, int.MaxValue);
var error = results.Errors.SingleOrDefault(e => e.PropertyName == PropertyName);
error.ShouldNotBeNull();
// ReSharper disable PossibleNullReferenceException
error.ErrorMessage.ShouldEqual(string.Format(
ForgotPasswordValidator.FailedBecauseUserNameMatchedNoLocalMember,
validated.EmailAddress));
// ReSharper restore PossibleNullReferenceException
}
