public void DoesNotSendMessageIfUserIsNotConfirmedOrIfEmailDoesNotMatchUser(int userId, string submittedEmail, bool isConfirmed)
        {
            var webSecurity = Substitute.For<IWebSecurityService>();
            webSecurity.GetUserId("haacked").Returns(userId);
            webSecurity.IsConfirmed("haacked").Returns(isConfirmed);
            var messengerService = Substitute.For<IMessengerService>();
            var users = new TestDbSet<User> { new User { Id = 42, Name = "haacked", Email = "*****@*****.**" }, new User() };
            var tournamentContext = Substitute.For<ITournamentContext>();
            tournamentContext.Users.Returns(users);
            var accountController = new AccountController(webSecurity, messengerService, tournamentContext);
            var request = Substitute.For<HttpRequestBase>();
            request.Url.Returns(new Uri("http://localhost/"));
            var httpContext = Substitute.For<HttpContextBase>();
            httpContext.Request.Returns(request);
            accountController.ControllerContext = new ControllerContext(httpContext, new RouteData(), accountController);
            var forgotPasswordModel = new ForgotPasswordModel
            {
                UserName = "******",
                Email = submittedEmail
            };

            accountController.ForgotPassword(forgotPasswordModel);

            messengerService.DidNotReceive().Send(Args.String, Args.String, Args.String, Args.String, Args.Boolean);
        }
Exemplo n.º 2
0
        public ActionResult ForgotPassword(ForgotPasswordModel model)
        {
            var isValid = false;
            var resetToken = string.Empty;

            if (ModelState.IsValid)
            {
                var userId = webSecurity.GetUserId(model.UserName);
                var user = tournamentContext.Users.Find(userId);
                if (user != null && webSecurity.IsConfirmed(model.UserName) && user.Email.Equals(model.Email, StringComparison.OrdinalIgnoreCase))
                {
                    resetToken = webSecurity.GeneratePasswordResetToken(model.UserName);
                    isValid = true;
                }

                if (isValid)
                {
                    if (Request.Url != null)
                    {
                        string hostUrl = Request.Url.GetComponents(UriComponents.SchemeAndServer, UriFormat.Unescaped);
                        string resetUrl = hostUrl +
                                          VirtualPathUtility.ToAbsolute("~/Account/PasswordReset?resetToken=" +
                                                                        HttpUtility.UrlEncode(resetToken));

                        var fromAddress = "Your Email Address";
                        var toAddress = model.Email;
                        var subject = "Password reset request";
                        var body =
                            string.Format(
                                "Use this password reset token to reset your password. <br/>The token is: {0}<br/>Visit <a href='{1}'>{1}</a> to reset your password.<br/>",
                                resetToken, resetUrl);

                        messengerService.Send(fromAddress, toAddress, subject, body, true);
                    }
                }
                return RedirectToAction("ForgotPasswordMessage");
            }
            return View(model);
        }
        public void SendsResetMessageIfUserIsConfirmedAndEmailMatchesUserEmail()
        {
            var webSecurity = Substitute.For<IWebSecurityService>();
            webSecurity.GetUserId("haacked").Returns(42);
            webSecurity.IsConfirmed("haacked").Returns(true);
            var messengerService = Substitute.For<IMessengerService>();
            var users = new TestDbSet<User> { new User { Id = 42, Name = "haacked", Email = "*****@*****.**" }, new User() };
            var tournamentContext = Substitute.For<ITournamentContext>();
            tournamentContext.Users.Returns(users);
            var accountController = new AccountController(webSecurity, messengerService, tournamentContext);
            var request = Substitute.For<HttpRequestBase>();
            request.Url.Returns(new Uri("http://localhost/"));
            var httpContext = Substitute.For<HttpContextBase>();
            httpContext.Request.Returns(request);
            accountController.ControllerContext = new ControllerContext(httpContext, new RouteData(), accountController);
            var forgotPasswordModel = new ForgotPasswordModel
            {
                UserName = "******",
                Email = "*****@*****.**"
            };

            accountController.ForgotPassword(forgotPasswordModel);

            messengerService.Received().Send(Args.String, Args.String, Args.String, Args.String, Args.Boolean);
        }