public void DoesNotSendMessageIfUserIsNotConfirmedOrIfEmailDoesNotMatchUser(int userId, string submittedEmail, bool isConfirmed) { var webSecurity = Substitute.For<IWebSecurityService>(); webSecurity.GetUserId("haacked").Returns(userId); webSecurity.IsConfirmed("haacked").Returns(isConfirmed); var messengerService = Substitute.For<IMessengerService>(); var users = new TestDbSet<User> { new User { Id = 42, Name = "haacked", Email = "*****@*****.**" }, new User() }; var tournamentContext = Substitute.For<ITournamentContext>(); tournamentContext.Users.Returns(users); var accountController = new AccountController(webSecurity, messengerService, tournamentContext); var request = Substitute.For<HttpRequestBase>(); request.Url.Returns(new Uri("http://localhost/")); var httpContext = Substitute.For<HttpContextBase>(); httpContext.Request.Returns(request); accountController.ControllerContext = new ControllerContext(httpContext, new RouteData(), accountController); var forgotPasswordModel = new ForgotPasswordModel { UserName = "******", Email = submittedEmail }; accountController.ForgotPassword(forgotPasswordModel); messengerService.DidNotReceive().Send(Args.String, Args.String, Args.String, Args.String, Args.Boolean); }
public ActionResult ForgotPassword(ForgotPasswordModel model) { var isValid = false; var resetToken = string.Empty; if (ModelState.IsValid) { var userId = webSecurity.GetUserId(model.UserName); var user = tournamentContext.Users.Find(userId); if (user != null && webSecurity.IsConfirmed(model.UserName) && user.Email.Equals(model.Email, StringComparison.OrdinalIgnoreCase)) { resetToken = webSecurity.GeneratePasswordResetToken(model.UserName); isValid = true; } if (isValid) { if (Request.Url != null) { string hostUrl = Request.Url.GetComponents(UriComponents.SchemeAndServer, UriFormat.Unescaped); string resetUrl = hostUrl + VirtualPathUtility.ToAbsolute("~/Account/PasswordReset?resetToken=" + HttpUtility.UrlEncode(resetToken)); var fromAddress = "Your Email Address"; var toAddress = model.Email; var subject = "Password reset request"; var body = string.Format( "Use this password reset token to reset your password. <br/>The token is: {0}<br/>Visit <a href='{1}'>{1}</a> to reset your password.<br/>", resetToken, resetUrl); messengerService.Send(fromAddress, toAddress, subject, body, true); } } return RedirectToAction("ForgotPasswordMessage"); } return View(model); }
public void SendsResetMessageIfUserIsConfirmedAndEmailMatchesUserEmail() { var webSecurity = Substitute.For<IWebSecurityService>(); webSecurity.GetUserId("haacked").Returns(42); webSecurity.IsConfirmed("haacked").Returns(true); var messengerService = Substitute.For<IMessengerService>(); var users = new TestDbSet<User> { new User { Id = 42, Name = "haacked", Email = "*****@*****.**" }, new User() }; var tournamentContext = Substitute.For<ITournamentContext>(); tournamentContext.Users.Returns(users); var accountController = new AccountController(webSecurity, messengerService, tournamentContext); var request = Substitute.For<HttpRequestBase>(); request.Url.Returns(new Uri("http://localhost/")); var httpContext = Substitute.For<HttpContextBase>(); httpContext.Request.Returns(request); accountController.ControllerContext = new ControllerContext(httpContext, new RouteData(), accountController); var forgotPasswordModel = new ForgotPasswordModel { UserName = "******", Email = "*****@*****.**" }; accountController.ForgotPassword(forgotPasswordModel); messengerService.Received().Send(Args.String, Args.String, Args.String, Args.String, Args.Boolean); }