public void Should_delete_credentials()
{
const string username1 = "*****@*****.**";
const string username2 = "*****@*****.**";
const string password = "******";
var identity = _identityDirectory.CreateIdentity();
_identityStore.AddCredentials(identity, username1, password);
_identityStore.AddCredentials(identity, username2, password, false, new[] { "contacts" });
var credential = _identityStore.GetUsernameCredential(username2);
_identityStore.DeleteCredential(credential);
var credentials = _identityStore.GetCredentials(identity).ToList();
var credential1 = credentials.FirstOrDefault(c => c.Username == username1);
var credential2 = credentials.FirstOrDefault(c => c.Username == username2);
Assert.AreEqual(1, credentials.Count());
Assert.IsNotNull(credential1);
Assert.IsNull(credential2);
}
private void ResetPassword(IOwinContext context, Identification identification)
{
var form = context.Request.ReadFormAsync().Result;
var userName = form["username"];
var resetToken = form["reset-token"];
var newPassword = form["new-password"];
var failed = false;
if (resetToken == null)
{
SetOutcome(context, identification, "No password reset token provided");
failed = true;
}
else if (userName == null)
{
SetOutcome(context, identification, "No username provided");
failed = true;
}
else if (newPassword == null)
{
SetOutcome(context, identification, "No new password provided");
failed = true;
}
ICredential credential = null;
if (!failed)
{
credential = _identityStore.GetUsernameCredential(userName);
if (credential == null)
{
SetOutcome(context, identification, "Invalid username provided");
failed = true;
}
}
if (!failed)
{
var token = _tokenStore.GetToken("passwordReset", resetToken, "ResetPassword", userName);
if (token.Status == TokenStatus.Allowed)
{
try
{
if (_identityStore.ChangePassword(credential, form["new-password"]))
{
SetOutcome(context, identification, "Password succesfully reset");
identification.Identity = credential.Identity;
identification.Claims = _identityDirectory.GetClaims(credential.Identity);
context.Response.Cookies.Append(IdentityCookie, credential.Identity);
context.Response.Cookies.Delete(RememberMeCookie);
context.Response.Redirect(SecureHomePage);
}
else
{
SetOutcome(context, identification, "Password reset failed");
}
}
catch (InvalidPasswordException e)
{
SetOutcome(context, identification,
"Invalid password. " + e.Message
+ ". You will need to get a new password reset token to try again.");
}
}
else
{
SetOutcome(context, identification, "This password reset token has been used before");
}
}
GoHome(context, identification);
}
