public ActionResult unapprove(Guid id)
{
MongoMembershipProvider provider = Membership.Provider as MongoMembershipProvider;
provider?.ChangeApproval(id, false);
return(RedirectToAction("Index"));
}
protected static void AddUser(MongoMembershipProvider membershipProvider, string username)
{
MembershipCreateStatus status;
membershipProvider.CreateUser(username, "password123", username + "@em.ail", null, null, true, "Id-" + username, out status);
status.ShouldEqual(MembershipCreateStatus.Success);
}
public void ChangeAppNameTest()
{
var mongoProvider = new MongoMembershipProvider();
var config = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"requiresUniqueEmail", "false"},
{"passwordStrengthRegularExpression", "bar.*"},
{"passwordFormat", "Clear"}
};
mongoProvider.Initialize(null, config);
MembershipCreateStatus status;
mongoProvider.CreateUser("foo", "bar!bar", "*****@*****.**", null, null, true, null, out status);
Assert.AreEqual(MembershipCreateStatus.Success, status);
var provider2 = new MongoMembershipProvider();
NameValueCollection config2 = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"requiresUniqueEmail", "false"},
{"applicationName", "/myapp"},
{"passwordStrengthRegularExpression", "foo.*"},
{"passwordFormat", "Clear"}
};
provider2.Initialize(null, config2);
provider2.CreateUser("foo2", "foo!foo", "*****@*****.**", null, null, true, null, out status);
Assert.AreEqual(MembershipCreateStatus.Success, status);
mongoProvider.ApplicationName = "/myapp";
Assert.IsFalse(mongoProvider.ValidateUser("foo", "bar!bar"));
Assert.IsTrue(mongoProvider.ValidateUser("foo2", "foo!foo"));
}
public ActionResult unlock(Guid id)
{
MongoMembershipProvider provider = Membership.Provider as MongoMembershipProvider;
provider?.ChangeLockStatus(id, false);
return(RedirectToAction("Index"));
}
public async Task <ActionResult> Validate(Guid id, string hash)
{
MongoMembershipProvider provider = (MongoMembershipProvider)Membership.Provider;
bool success = await provider.ValidateUserFromHash(id, hash);
return(View(success
? "validate-success"
: "validate-failure"));
}
public async Task <ActionResult> Register(RegistrationUser ru)
{
if (ModelState.IsValid)
{
MembershipUser mu = Membership.CreateUser(ru.UserName, ru.Password, ru.EmailAddress, "{IGNORE}", "{IGNORE}", false, out MembershipCreateStatus status);
switch (status)
{
case MembershipCreateStatus.Success:
{
Roles.AddUserToRole(mu.UserName, "Users");
MongoMembershipProvider provider = (MongoMembershipProvider)Membership.Provider;
Guid id = (Guid)mu.ProviderUserKey;
string hash = (await provider.GenerateValidationHash(id)).ToLower();
string fullUrl = Request.Url?.GetLeftPart(UriPartial.Authority) + Url.Action("Validate",
"Account",
new
{
id,
hash
});
await EmailManager.SendRegistrationEmail(mu, fullUrl);
return(RedirectToAction(nameof(RegisterThanks)));
}
case MembershipCreateStatus.InvalidPassword:
ViewData["ErrorMessage"] = VariantTerms.Support_Error_InvalidPassword;
break;
case MembershipCreateStatus.DuplicateEmail:
ViewData["ErrorMessage"] = VariantTerms.Support_Error_DuplicateEmail;
break;
case MembershipCreateStatus.DuplicateUserName:
ViewData["ErrorMessage"] = VariantTerms.Support_Error_DuplicateUserName;
break;
default:
ViewData["ErrorMessage"] = VariantTerms.Support_Error_UnknownError;
break;
}
}
return(View(ru));
}
public LoginResponse Login(string userName, string password)
{
//chech user premissoins.
MongoMembershipProvider mp = new MongoMembershipProvider();
if (mp.ValidateUser(userName, password))
{
var sc = new SessionContext()
{
SessionId = Guid.NewGuid().ToString(), UserId = userName, LastActivity = DateTime.Now
};
Sessions.Add(sc);
return(new LoginResponse()
{
SessionId = sc.SessionId
});
}
return(new LoginResponse()
{
ErrorMessage = "Incorrect login / password"
});
}
public void CrossAppLoginTest()
{
var mongoProvider = new MongoMembershipProvider();
NameValueCollection config = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"passwordStrengthRegularExpression", "bar.*"},
{"passwordFormat", "Clear"}
};
mongoProvider.Initialize(null, config);
MembershipCreateStatus status;
mongoProvider.CreateUser("foo", "bar!bar", null, null, null, true, null, out status);
var mongoProvider2 = new MongoMembershipProvider(); ;
NameValueCollection config2 = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"passwordStrengthRegularExpression", ".*"},
{"passwordFormat", "Clear"}
};
mongoProvider2.Initialize(null, config2);
bool worked = mongoProvider2.ValidateUser("foo", "bar!bar");
Assert.AreEqual(false, worked);
this.MongoDatabase.DropCollection(mongoProvider2.UserCollectionName);
}
public void ResetPasswordTest()
{
var mongoProvider = new MongoMembershipProvider();
NameValueCollection config = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"passwordStrengthRegularExpression", "bar.*"},
{"passwordFormat", "Clear"},
{"requiresQuestionAndAnswer", "false"}
};
mongoProvider.Initialize(null, config);
MembershipCreateStatus status;
mongoProvider.CreateUser("foo", "bar!bar", "*****@*****.**", null, null, true, null, out status);
MembershipUser u = mongoProvider.GetUser("foo", false);
string newpw = mongoProvider.ResetPassword("foo", null);
newpw.Should().NotBeBlank();
}
public void MinRequiredAlphaTest()
{
var mongoProvider = new MongoMembershipProvider();
var config = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"minRequiredNonalphanumericCharacters", "3"}
};
mongoProvider.Initialize(null, config);
MembershipCreateStatus status;
MembershipUser user = mongoProvider.CreateUser("foo", "pw!pass", "email", null, null, true, null, out status);
Assert.IsNull(user);
Assert.AreEqual(MembershipCreateStatus.InvalidPassword, status);
user = mongoProvider.CreateUser("foo", "pw!pa!!", "email", null, null, true, null, out status);
Assert.IsNotNull(user);
Assert.AreEqual(MembershipCreateStatus.Success, status);
}
public void Init()
{
this.provider = (MongoMembershipProvider)Membership.Provider;
}
public void GetPasswordWithWrongAnswerTest()
{
MembershipCreateStatus status;
var provider1 = new MongoMembershipProvider();
var config = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"requiresQuestionAndAnswer", "true"},
{"enablePasswordRetrieval", "true"},
{"passwordFormat", "Encrypted"}
};
provider1.Initialize(null, config);
provider1.CreateUser("foo", "barbar!", "*****@*****.**", "color", "blue", true, null, out status);
var provider2 = new MongoMembershipProvider();
NameValueCollection config2 = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"requiresQuestionAndAnswer", "true"},
{"enablePasswordRetrieval", "true"},
{"passwordFormat", "Encrypted"}
};
provider2.Initialize(null, config2);
try
{
string pw = provider2.GetPassword("foo", "wrong");
Assert.Fail("Should have failed");
}
catch (MembershipPasswordException)
{
}
}
public void GetPasswordWithNullValuesTest()
{
MembershipCreateStatus status;
var mongoProvider = new MongoMembershipProvider();
NameValueCollection config = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"requiresQuestionAndAnswer", "false"},
{"enablePasswordRetrieval", "true"},
{"passwordFormat", MembershipPasswordFormat.Clear.ToString()}
};
mongoProvider.Initialize(null, config);
MembershipUser user = mongoProvider.CreateUser("foo", "barbar!", "*****@*****.**", null, null, true, null, out status);
Assert.IsNotNull(user);
string pw = mongoProvider.GetPassword("foo", null);
Assert.AreEqual("barbar!", pw);
}
public void CreateUserWithNoQATest()
{
MembershipCreateStatus status;
var mongoProvider = new MongoMembershipProvider();
NameValueCollection config = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"requiresQuestionAndAnswer", bool.TrueString},
{"passwordFormat", MembershipPasswordFormat.Clear.ToString()}
};
mongoProvider.Initialize(null, config);
mongoProvider.CreateUser("foo", "barbar!", "*****@*****.**", "color", null, true, null, out status);
Assert.AreEqual(MembershipCreateStatus.InvalidAnswer, status);
mongoProvider.CreateUser("foo", "barbar!", "*****@*****.**", "", "blue", true, null, out status);
Assert.AreEqual(MembershipCreateStatus.InvalidQuestion, status);
}
public void CreateUserWithFormat(MembershipPasswordFormat format)
{
var mongoProvider = new MongoMembershipProvider();
var config = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"passwordFormat", format.ToString()}
};
mongoProvider.Initialize("MongoMembershipProvider", config);
// create the user
MembershipCreateStatus status;
var user = mongoProvider.CreateUser("foo", "barbar!", "*****@*****.**", null, null, true, null, out status);
status.Should().Be(MembershipCreateStatus.Success);
user.Should().NotBeNull();
// verify that the password format was saved
var collection = this.MongoDatabase.GetCollection<User>(mongoProvider.UserCollectionName);
var userFromDB = collection.FindOneById(BsonValue.Create(user.ProviderUserKey));
userFromDB.PasswordFormat.Should().Be(format);
// then attempt to verify the user
mongoProvider.ValidateUser("foo", "barbar!").Should().BeTrue();
}
public void CreateUserWithErrorsTest()
{
var mongoProvider = new MongoMembershipProvider();
var config = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"passwordStrengthRegularExpression", "bar.*"},
{"passwordFormat", MembershipPasswordFormat.Hashed.ToString()}
};
mongoProvider.Initialize("MongoMembershipProvider", config);
// first try to create a user with a password not long enough
MembershipCreateStatus status;
MembershipUser user = provider.CreateUser("foo", "xyz", "*****@*****.**", null, null, true, null, out status);
status.Should().Be(MembershipCreateStatus.InvalidPassword);
user.Should().BeNull();
// now with not enough non-alphas
user = provider.CreateUser("foo", "xyz1234", "*****@*****.**", null, null, true, null, out status);
status.Should().Be(MembershipCreateStatus.InvalidPassword);
user.Should().BeNull();
// now one that doesn't pass the regex test
user = provider.CreateUser("foo", "xyzxyz!", "*****@*****.**", null, null, true, null, out status);
status.Should().Be(MembershipCreateStatus.InvalidPassword);
user.Should().BeNull();
// now one that works
user = provider.CreateUser("foo", "barbar!", "*****@*****.**", null, null, true, null, out status);
status.Should().Be(MembershipCreateStatus.Success);
user.Should().NotBeNull();
}
public void CreateUserWithCustomInvalidCharactersTest(string invalidUserChars, string invalidEmailChars)
{
var mongoProvider = new MongoMembershipProvider();
var config = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"passwordStrengthRegularExpression", "bar.*"},
{"passwordFormat", MembershipPasswordFormat.Hashed.ToString()},
{"invalidUsernameCharacters", invalidUserChars},
{"invalidEmailCharacters", invalidEmailChars}
};
mongoProvider.Initialize("MongoMembershipProvider", config);
// Username
MembershipCreateStatus status;
var username = "******";
foreach (var c in invalidUserChars.Split())
{
MembershipUser user = mongoProvider.CreateUser(string.Format(username, c), "barbar!", "*****@*****.**", null, null, true, null, out status);
status.Should().Be(MembershipCreateStatus.InvalidUserName);
user.Should().BeNull();
}
// Email
var email = "foo{0}@bar.com";
foreach (var c in invalidEmailChars.Split())
{
MembershipUser user = provider.CreateUser("foo", "barbar!", string.Format(email, c), null, null, true, null, out status);
status.Should().Be(MembershipCreateStatus.InvalidEmail);
user.Should().BeNull();
}
}
public void IsUserInRoleCrossDomain()
{
Membership.CreateUser("foo", "bar!bar", "*****@*****.**");
var mongoMembershipProvider = new MongoMembershipProvider();
var mongoMembershipProviderConfig = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"applicationName", "app2"},
};
mongoMembershipProvider.Initialize("MongoMembershipProvider", mongoMembershipProviderConfig);
var roleProvider = new MongoRoleProvider();
var roleProviderConfig = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"applicationName", "app2"}
};
roleProvider.Initialize("MongoRoleProvider", roleProviderConfig);
roleProvider.CreateRole("Administrator");
roleProvider.AddUsersToRoles(new[] { "foo" }, new[] { "Administrator" });
Assert.IsFalse(roleProvider.IsUserInRole("foo", "Administrator"));
}
public void GetPasswordTest(bool requireQA, bool enablePasswordRetrieval, string answer)
{
MembershipCreateStatus status;
var mongoProvider = new MongoMembershipProvider();
var config = new NameValueCollection
{
{"connectionStringName", ConfigurationManager.ConnectionStrings[0].Name},
{"requiresQuestionAndAnswer", requireQA.ToString()},
{"enablePasswordRetrieval", enablePasswordRetrieval.ToString()},
{"passwordStrengthRegularExpression", "bar.*"},
{"passwordFormat", MembershipPasswordFormat.Clear.ToString()},
{"writeExceptionsToEventLog", bool.FalseString}
};
mongoProvider.Initialize("MongoMembershipProvider", config);
mongoProvider.CreateUser("foo", "barbar!", "*****@*****.**", "color", "blue", true, null, out status);
try
{
string password = mongoProvider.GetPassword("foo", answer);
if (!enablePasswordRetrieval)
{
Assert.Fail("This should have thrown an exception");
}
Assert.AreEqual("barbar!", password);
}
catch (Exception)
{
if (requireQA && answer != null)
{
Assert.Fail("This should not have thrown an exception");
}
}
}
