public ActionResult Index(string returnUrl)
{
var viewModel = new BackendLoginViewModel
{
ReturnUrl = returnUrl,
Heading = _localizationService.GetString("/Login/BackendLogin/Heading"),
LoginMessage = _localizationService.GetString("/Login/BackendLogin/LoginMessage")
};
return View(viewModel);
}
public void Index_WhenReturnUrl_ShouldCreateViewModel()
{
const string url = "http://test.com/episerver/cms";
var result = ((ViewResult)_subject.Index(url)).Model as BackendLoginViewModel;
var expectedResult = new BackendLoginViewModel
{
ReturnUrl = url,
Heading = "Heading",
LoginMessage = "LoginMessage"
};
result.ShouldBeEquivalentTo(expectedResult);
}
public async Task<ActionResult> Index(BackendLoginViewModel viewModel)
{
var returnUrl = !string.IsNullOrEmpty(viewModel.ReturnUrl) ? viewModel.ReturnUrl : UrlHelper.GenerateContentUrl("~/", ControllerContext.HttpContext);
if (!ModelState.IsValid)
{
// re-apply the messages for the login view.
viewModel.Heading = _localizationService.GetString("/Login/BackendLogin/Heading");
viewModel.LoginMessage = _localizationService.GetString("/Login/BackendLogin/LoginMessage");
return PartialView("Index", viewModel);
}
var result = await _signInManager.PasswordSignInAsync(viewModel.Username, viewModel.Password, viewModel.RememberMe, false);
switch (result)
{
case SignInStatus.Success:
break;
default:
ModelState.AddModelError("Password", _localizationService.GetString("/Login/Form/Error/WrongPasswordOrEmail"));
return PartialView("Index", viewModel);
}
// As a security concern in order to prevent open re-direct attacks we
// check the return URL to make sure it is within the own site. The method
// Url.IsLocalUrl does not recognize localhost as true, so to make this work while
// debugging we should also allow calls coming from within the same server.
// We can do this by first checking with Request.IsLocal.
if (Request.IsLocal || returnUrl.IsLocalUrl(Request))
{
return Redirect(returnUrl);
}
// If the return URL was set to an external address then make sure the call goes to the
// start page of the site instead.
return RedirectToAction("Index", new { node = Core.ContentReference.StartPage });
}
public void Index__WhenModelStateIsInvalid_ShouldReturnViewModel()
{
var url = "http://tester.com/eepiserver";
_subject.ModelState.AddModelError("testError", "test");
var result = ((PartialViewResult)_subject.Index(new BackendLoginViewModel
{
Heading = "Test Heading",
LoginMessage = "LoginMessage",
Password = "******",
RememberMe = false,
ReturnUrl = url,
Username = "******"
}).Result).Model as BackendLoginViewModel;
var expectedResult = new BackendLoginViewModel
{
Heading = "Heading",
LoginMessage = "LoginMessage",
Password = "******",
RememberMe = false,
ReturnUrl = url,
Username = "******"
};
result.ShouldBeEquivalentTo(expectedResult);
}
