private static Result ValidateIfUserDisabled(ApplicationUser user) { return(!user.Disabled ? Result.Success() : Result.Failure(LoginUserErrors.UserIsDisabled())); }
public async Task <IActionResult> Login(LoginViewModel viewModel) { if (viewModel is null) { throw new ArgumentNullException(nameof(viewModel)); } var returnUri = viewModel.ReturnUrl; if (returnUri is null) { return(RedirectToPublicBrowseLogin()); } var signInResult = await loginService.SignInAsync(viewModel.EmailAddress, viewModel.Password, returnUri); LoginViewModel NewLoginViewModel() => new() { ReturnUrl = viewModel.ReturnUrl, EmailAddress = signInResult.Value?.LoginHint }; if (!ModelState.IsValid) { return(View(NewLoginViewModel())); } if (!signInResult.IsSuccess) { var signInErrors = signInResult.Errors; if (signInErrors.Contains(LoginUserErrors.UserNameOrPasswordIncorrect())) { ModelState.Remove(nameof(LoginViewModel.Password)); ModelState.AddModelError(nameof(LoginViewModel.EmailAddress), SignInErrorMessage); ModelState.AddModelError(nameof(LoginViewModel.Password), SignInErrorMessage); } if (!signInErrors.Contains(LoginUserErrors.UserIsDisabled())) { return(View(NewLoginViewModel())); } var disabledErrorFormat = string.Format( CultureInfo.CurrentCulture, UserDisabledErrorMessageTemplate, disabledErrorMessageSettings.EmailAddress, disabledErrorMessageSettings.PhoneNumber); ModelState.AddModelError(nameof(LoginViewModel.DisabledError), disabledErrorFormat); return(View(NewLoginViewModel())); } var returnUrl = returnUri.ToString(); // We can trust viewModel.ReturnUrl since GetAuthorizationContextAsync returned non-null if (signInResult.Value.IsTrustedReturnUrl) { return(Redirect(returnUrl)); } return(LocalRedirect(returnUrl)); }
public async Task Login_LoginViewModel_FailedSignIn_AddsDisabledValidationError() { const string email = "*****@*****.**"; const string phoneNumber = "012345678901"; var disabledSetting = new DisabledErrorMessageSettings() { EmailAddress = email, PhoneNumber = phoneNumber }; using var controller = AccountControllerBuilder .Create() .WithSignInResult(Result.Failure <SignInResponse>(new List <ErrorDetails> { LoginUserErrors.UserIsDisabled() })) .WithDisabledErrorMessageSetting(disabledSetting) .Build(); await controller.Login(LoginViewModelBuilder.Create().Build()); var modelState = controller.ModelState; modelState.IsValid.Should().BeFalse(); modelState.Count.Should().Be(1); (string key, ModelStateEntry entry) = modelState.First(); key.Should().Be(nameof(LoginViewModel.DisabledError)); entry.Errors.Count.Should().Be(1); var expected = string.Format(CultureInfo.CurrentCulture, AccountController.UserDisabledErrorMessageTemplate, email, phoneNumber); entry.Errors.First().ErrorMessage.Should().Be(expected); }