public void LogOn_Post_ReturnsViewIfValidateUserFails() { // Arrange AccountController controller = GetAccountController(); LogOnModel model = new LogOnModel() { //UserName = "******", Password = "******", //RememberMe = false }; // Act ActionResult result = controller.LogOn(model, null); // Assert Assert.IsInstanceOfType(result, typeof(ViewResult)); ViewResult viewResult = (ViewResult)result; Assert.AreEqual(model, viewResult.ViewData.Model); Assert.AreEqual("The user name or password provided is incorrect.", controller.ModelState[""].Errors[0].ErrorMessage); }
public void LogOn_Post_ReturnsViewIfModelStateIsInvalid() { // Arrange AccountController controller = GetAccountController(); LogOnModel model = new LogOnModel() { //UserName = "******", Password = "******", //RememberMe = false }; controller.ModelState.AddModelError("", "Dummy error message."); // Act ActionResult result = controller.LogOn(model, null); // Assert Assert.IsInstanceOfType(result, typeof(ViewResult)); ViewResult viewResult = (ViewResult)result; Assert.AreEqual(model, viewResult.ViewData.Model); }
public void LogOn_Post_ReturnsRedirectOnSuccess_WithLocalReturnUrl() { // Arrange AccountController controller = GetAccountController(); LogOnModel model = new LogOnModel() { //UserName = "******", Password = "******", //RememberMe = false }; // Act ActionResult result = controller.LogOn(model, "/someUrl"); // Assert Assert.IsInstanceOfType(result, typeof(RedirectResult)); RedirectResult redirectResult = (RedirectResult)result; Assert.AreEqual("/someUrl", redirectResult.Url); Assert.IsTrue(((MockFormsAuthenticationService)controller.FormsService).SignIn_WasCalled); }
public void LogOn_Post_ReturnsRedirectToHomeOnSuccess_WithExternalReturnUrl() { // Arrange AccountController controller = GetAccountController(); LogOnModel model = new LogOnModel() { //UserName = "******", Password = "******", //RememberMe = false }; // Act ActionResult result = controller.LogOn(model, "http://malicious.example.net"); // Assert Assert.IsInstanceOfType(result, typeof(RedirectToRouteResult)); RedirectToRouteResult redirectResult = (RedirectToRouteResult)result; Assert.AreEqual("Home", redirectResult.RouteValues["controller"]); Assert.AreEqual("Index", redirectResult.RouteValues["action"]); Assert.IsTrue(((MockFormsAuthenticationService)controller.FormsService).SignIn_WasCalled); }
public ActionResult LogOn(LogOnModel model, string returnUrl) { //first check to see if this post request is meant for this action, if not, then don't do anything if (Request.Url.ToString().ToLower().Contains(Url.Action("LogOn", "Account").ToLower())) { if (ModelState.IsValid) { if (MembershipService.ValidateUser(model.Email, model.Password)) { FormsService.SignIn(model.Email, true); if (Url.IsLocalUrl(returnUrl)) { return JavaScript("window.location = \"" + returnUrl + "\";"); } else { return JavaScript("window.location.reload();"); } } else { ModelState.AddModelError("", "The user name or password provided is incorrect."); } } } else { //clear the model state errors for this request since this httppost was meant for another action //e.g. when we post back on 'forgot password', it will also hit this action because the form is also //on the page, but we know the request is not meant for this action so just clear the errors manually //so it doesn't get rendered onto the page ModelState.Clear(); } // If we got this far, something failed, redisplay form return View("_LoginForm", model); }