public virtual ActionResult ResetPassword(ResetPasswordStepOneModel model)
        {
            if (!ModelState.IsValid)
            {
                return View("Step1", model);
            }

            UserProfile profile;

            if (!string.IsNullOrWhiteSpace(model.UserName))
            {
                profile = userProfileRepository.GetUserProfileByUserName(model.UserName);
            }
            else if (!string.IsNullOrWhiteSpace(model.EmailAddress))
            {
                profile = userProfileRepository.GetUserProfileByEmailAddress(model.EmailAddress);
            }
            else
            {
                ModelState.AddModelError("", "A user name or email address must be specified.");
                return View("Step1");
            }

            if (profile == null)
            {
                // could't find the user, but don't want to give that away
                return View("Step2");
            }

            string passwordResetToken = resetPasswordService.GeneratePasswordResetToken(profile.UserName, 120);
            SendEmailToUser(profile, passwordResetToken);

            return View("Step2");
        }
        public void TestThat_ResetPassword_AddsAValidationError_WhenTheModelHasAnInvalidUserNameAndEmailAddress()
        {
            var controller = new ResetPasswordController(Substitute.For<IUserProfileRepository>(), Substitute.For<IResetPasswordService>(), new EmailMessengerFactory(Substitute.For<IPostman>()));

            var model = new ResetPasswordStepOneModel { UserName = null, EmailAddress = null };
            controller.ResetPassword(model);

            Assert.That(controller.ModelState.Count, Is.EqualTo(1));
        }
        public void TestThat_ResetPassword_GeneratesAPasswordResetTokenForTheUser_WhenAValidUserIsFound_FromAUserName()
        {
            var userProfileRepository = Substitute.For<IUserProfileRepository>();
            userProfileRepository.GetUserProfileByUserName("bob").Returns(new UserProfile { UserName = "******", EmailAddress = "*****@*****.**" });
            var resetPasswordService = Substitute.For<IResetPasswordService>();
            var controller = new ResetPasswordController(userProfileRepository, resetPasswordService, new EmailMessengerFactory(Substitute.For<IPostman>()));
            controller.SetupWithHttpContextAndUrlHelper();

            var model = new ResetPasswordStepOneModel { UserName = "******" };
            controller.ResetPassword(model);

            resetPasswordService.Received().GeneratePasswordResetToken("bob", Arg.Any<int>());
        }
        public void TestThat_ResetPassword_SendsAnEmailToTheUser_WhenAValidUserIsFound_FromAUserName()
        {
            var userProfileRepository = Substitute.For<IUserProfileRepository>();
            var userProfile = new UserProfile { UserName = "******", EmailAddress = "*****@*****.**" };
            userProfileRepository.GetUserProfileByUserName("bob").Returns(userProfile);
            var postman = Substitute.For<IPostman>();
            var controller = new ResetPasswordController(userProfileRepository, Substitute.For<IResetPasswordService>(), new EmailMessengerFactory(postman));
            controller.SetupWithHttpContextAndUrlHelper();

            var model = new ResetPasswordStepOneModel { UserName = "******" };
            controller.ResetPassword(model);

            var expectedMessage = MailMessage.FromTemplate(PasswordResetMailTemplate.Create(string.Empty), userProfile);
            postman.Received().Deliver(expectedMessage);
        }
        public void TestThat_ResetPassword_RedirectsToStepTwo_WhenTheModelHasAValidUserName_ButTheUserProfileCouldNotBeFound()
        {
            var controller = new ResetPasswordController(Substitute.For<IUserProfileRepository>(), Substitute.For<IResetPasswordService>(), new EmailMessengerFactory(Substitute.For<IPostman>()));

            var model = new ResetPasswordStepOneModel { UserName = "******" };
            var result = (ViewResult)controller.ResetPassword(model);

            Assert.That(result.ViewName, Is.EqualTo("Step2"));
        }
        public void TestThat_ResetPassword_RedirectsBackToStepOne_WhenTheModelIsInvalid()
        {
            var controller = new ResetPasswordController(Substitute.For<IUserProfileRepository>(), Substitute.For<IResetPasswordService>(), new EmailMessengerFactory(Substitute.For<IPostman>()));
            controller.ModelState.AddModelError("", "invalid");

            var model = new ResetPasswordStepOneModel();
            var result = (ViewResult)controller.ResetPassword(model);

            Assert.That(result.ViewName, Is.EqualTo("Step1"));
        }
        public void TestThat_ResetPassword_RedirectsBackToStepOne_WhenTheModelHasAnInvalidUserNameAndEmailAddress()
        {
            var controller = new ResetPasswordController(Substitute.For<IUserProfileRepository>(), Substitute.For<IResetPasswordService>(), new EmailMessengerFactory(Substitute.For<IPostman>()));

            var model = new ResetPasswordStepOneModel { UserName = null, EmailAddress = null };
            var result = (ViewResult)controller.ResetPassword(model);

            Assert.That(result.ViewName, Is.EqualTo("Step1"));
        }