public void ForgotPassword_InvalidUserName_DoesntSendEmail_But_RedirectsTo_PasswordResetRequestedView()
        {
            // Arrange
            const string nonExistingUser = "******";

            _webSecurity.Setup(x => x.GetUserId(nonExistingUser)).Returns(-1);

            // Act
            var model = new ForgotPasswordViewModel
            {
                UserNameOrEmail = nonExistingUser
            };
            Mother.ControllerHelpers.SetupControllerModelState(model, _controllerUnderTest);
            var response = _controllerUnderTest.ForgotPassword(model);

            // Assert
            var result = response as RedirectToRouteResult;
            Assert.AreEqual("PasswordResetRequested", result.RouteValues["action"]);

            _messageService.Verify(x => x.SendMessage(It.IsAny<Message>(), It.IsAny<Person>(), It.IsAny<string>()), Times.Never);
        }
Exemplo n.º 2
0
        public ActionResult ForgotPassword(ForgotPasswordViewModel model)
        {
            if (ModelState.IsValid)
            {
                // First assume the username was typed in.
                var userName = model.UserNameOrEmail;
                var userId = _webSecurity.GetUserId(model.UserNameOrEmail);
                if (userId == -1)
                {
                    // If the user was not found by name, assume his email was typed in.
                    var user = _volunteerSvc.FindUserByEmail(model.UserNameOrEmail);
                    if (user != null)
                    {
                        userName = user.UserName;
                        userId = user.Id;
                    }
                }

                // Only send email when user actually exists. For security reasons
                // don't show an error when the given user doesn't exist.
                if (userId != -1)
                {
                    var volunteer = _volunteerSvc.FindByUserId(userId);
                    if (volunteer != null)
                    {
                        var token = _webSecurity.GeneratePasswordResetToken(userName);
                        // Generate the absolute Url for the password reset action.
                        var routeValues = new RouteValueDictionary { { "token", token } };
                        var passwordResetLink = Url.Action("ResetPassword", "Account", routeValues, Request.Url.Scheme);

                        var body = String.Format(@"<p>Click on the following link to reset your password: <a href='{0}'>{0}</a></p>", passwordResetLink);
                        var message = new Message("CrisisCheckin - Password Reset", body);

                        _messageService.SendMessage(message, volunteer);
                    }
                }
                return RedirectToAction("PasswordResetRequested");
            }
            return View(model);
        }
        public void ForgotPassword_ValidEmailInsteadOfUsername_SendsEmail_And_RedirectsTo_PasswordResetRequestedView()
        {
            // Arrange
            const string usernameOrEmail = "*****@*****.**";
            const int existingUserId = 42;
            const string existingUsername = "******";
            const string token = "t-o-k-e-n";
            var person = new Person {Id = existingUserId};

            _webSecurity.Setup(x => x.GetUserId(usernameOrEmail))
                .Returns(-1);
            _volunteerService.Setup(x => x.FindUserByEmail(usernameOrEmail))
                .Returns(new User { Id = existingUserId, UserName = existingUsername});
            _webSecurity.Setup(x => x.GeneratePasswordResetToken(existingUsername))
                .Returns(token);
            _volunteerService.Setup(x => x.FindByUserId(existingUserId))
                .Returns(person);

            _routeCollection.MapRoute(
                name: "PasswordReset",
                url: "{controller}/{action}",
                defaults: new { controller = "Account", action = "PasswordReset" }
            );

            // Act
            var model = new ForgotPasswordViewModel
            {
                UserNameOrEmail = usernameOrEmail
            };
            Mother.ControllerHelpers.SetupControllerModelState(model, _controllerUnderTest);
            var response = _controllerUnderTest.ForgotPassword(model);

            // Assert
            var result = response as RedirectToRouteResult;
            Assert.AreEqual("PasswordResetRequested", result.RouteValues["action"]);

            _messageService.Verify(x => x.SendMessage(It.IsAny<Message>(), person, It.IsAny<string>()));
        }
Exemplo n.º 4
0
 public ActionResult ForgotPassword()
 {
     var model = new ForgotPasswordViewModel();
     return View(model);
 }