Пример #1
        /// <summary>
        /// Signs the posted account in, unless the current user is already signed in,
        /// and then redirects to <paramref name="returnUrl"/>.
        /// </summary>
        /// <param name="account">Posted login form values.</param>
        /// <param name="returnUrl">Caller-supplied destination; only ever passed to RedirectToLocal.</param>
        /// <returns>
        /// The login view again when the validator rejects the credentials, otherwise the
        /// result of RedirectToLocal.
        /// </returns>
        public ActionResult Login(AccountLoginView account, String returnUrl)
        {
            // returnUrl is request data. It is never handed to a plain redirect here;
            // RedirectToLocal (not shown) presumably restricts it to same-site paths - confirm.
            // NOTE(review): any [HttpPost] / anti-forgery attributes sit outside this snippet - confirm they exist.
            Boolean needsSignIn = !Service.IsLoggedIn(User);

            if (needsSignIn)
            {
                Boolean credentialsAccepted = Validator.CanLogin(account);
                if (!credentialsAccepted)
                {
                    // Redisplay the form; any errors or alerts come from the validator.
                    return View(account);
                }

                Service.Login(account.Username);
            }

            return RedirectToLocal(returnUrl);
        }
        /// <summary>
        /// CanLogin must refuse a locked account and report it through exactly one
        /// danger alert, leaving ModelState empty.
        /// </summary>
        public void CanLogin_LockedAccount_ReturnsFalse()
        {
            // Built before the account field is reloaded below, so it uses the Id the field held on entry.
            AccountLoginView loginView = ObjectsFactory.CreateAccountLoginView(account.Id + 1);

            // Lock the single persisted account.
            account = context.Set<Account>().Single();
            account.IsLocked = true;
            context.SaveChanges();

            Boolean accepted = validator.CanLogin(loginView);
            Alert lockedAlert = validator.Alerts.Single();

            Assert.False(accepted);
            Assert.Equal(0, lockedAlert.Timeout);
            Assert.Empty(validator.ModelState);
            Assert.Equal(AlertType.Danger, lockedAlert.Type);
            Assert.Equal(Validation.For<AccountView>("LockedAccount"), lockedAlert.Message);
        }
Пример #3
        /// <summary>
        /// Test fixture setup: substitutes the controller's three collaborators, builds a
        /// partial substitute of AuthController around them, creates the view models the
        /// tests post, and wires a fake HTTP context into the controller.
        /// </summary>
        public AuthControllerTests()
        {
            // Collaborators are full substitutes, so no real mail, account or validation code runs.
            mailClient = Substitute.For<IMailClient>();
            service = Substitute.For<IAccountService>();
            validator = Substitute.For<IAccountValidator>();

            // ForPartsOf keeps the controller's real members unless a test overrides them.
            controller = Substitute.ForPartsOf<AuthController>(validator, service, mailClient);

            accountRecovery = ObjectFactory.CreateAccountRecoveryView();
            accountReset = ObjectFactory.CreateAccountResetView();
            accountLogin = ObjectFactory.CreateAccountLoginView();

            HttpContextBase httpContext = HttpContextFactory.CreateHttpContextBase();

            controller.Url = new UrlHelper(httpContext.Request.RequestContext);
            controller.ControllerContext = new ControllerContext { HttpContext = httpContext };
        }
        /// <summary>
        /// CanLogin must refuse a login whose password fails verification and report it as
        /// a single model-level IncorrectAuthentication error, with no alerts raised.
        /// </summary>
        public void CanLogin_IncorrectPassword_ReturnsFalse()
        {
            // NOTE(review): the account is also locked here. If deliberate, this pins that a wrong
            // password on a locked account still yields only the generic authentication error, so
            // lock state is not disclosed. If not, it looks copied from the locked-account test - confirm.
            account = context.Set<Account>().Single();
            account.IsLocked = true;
            context.SaveChanges();

            AccountLoginView loginView = ObjectFactory.CreateAccountLoginView();

            // Force password verification to fail whatever hash is stored.
            hasher.VerifyPassword(loginView.Password, Arg.Any<String>()).Returns(false);

            Boolean accepted = validator.CanLogin(loginView);

            Assert.False(accepted);
            Assert.Empty(validator.Alerts);
            Assert.Single(validator.ModelState);
            Assert.Equal(
                Validations.IncorrectAuthentication,
                validator.ModelState[""].Errors.Single().ErrorMessage);
        }
        /// <summary>
        /// CanLogin must refuse a login whose password fails verification and report it
        /// through exactly one IncorrectAuthentication danger alert, leaving ModelState empty.
        /// </summary>
        public void CanLogin_IncorrectPassword_ReturnsFalse()
        {
            // NOTE(review): the account is also locked here. If deliberate, this pins that a failed
            // password check is reported with the generic authentication message rather than the
            // locked-account one. If not, it looks copied from the locked-account test - confirm.
            account = context.Set<Account>().Single();
            account.IsLocked = true;
            context.SaveChanges();

            AccountLoginView loginView = ObjectsFactory.CreateAccountLoginView(account.Id + 1);

            // Force password verification to fail whatever hash is stored.
            hasher.VerifyPassword(loginView.Password, Arg.Any<String>()).Returns(false);

            Boolean accepted = validator.CanLogin(loginView);
            Alert failureAlert = validator.Alerts.Single();

            Assert.False(accepted);
            Assert.Equal(0, failureAlert.Timeout);
            Assert.Empty(validator.ModelState);
            Assert.Equal(AlertType.Danger, failureAlert.Type);
            Assert.Equal(Validation.For<AccountView>("IncorrectAuthentication"), failureAlert.Message);
        }
Пример #6
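        /// <summary>
        /// Handles the posted login form. It looks the user up, lets CheckAccount vet the
        /// record and fill in the roles, and on success issues a forms-authentication
        /// cookie and records the user in LoginState.
        /// </summary>
        /// <param name="vm">Posted login form values (account name and password).</param>
        /// <returns>
        /// A redirect to Home/Index on success; otherwise the Login view with
        /// ViewBag.ErrorMsg set to the message returned by CheckAccount.
        /// </returns>
        public ActionResult LoginPost(AccountLoginView vm)
        {
            // NOTE(review): any [HttpPost] / anti-forgery attributes sit outside this snippet - confirm they exist.
            string roles = string.Empty;

            User user = _userService.FindUser(vm);
            string msg = CheckAccount(user, ref roles);

            // Never issue a ticket without a resolved user record. Previously a null user with an
            // empty message would have added the auth cookie and only then failed on user.Account.
            if (user != null && ModelState.IsValid && string.IsNullOrWhiteSpace(msg))
            {
                // Take the timestamp once so issue and expiry are exactly 60 minutes apart.
                DateTime issuedAt = DateTime.Now;

                // Create the login ticket. The identity comes from the stored record rather than
                // the posted form value, matching what LoginState records below.
                FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                    1,
                    user.Account,
                    issuedAt,
                    issuedAt.AddMinutes(60),
                    false,
                    roles,
                    FormsAuthentication.FormsCookiePath
                    );

                // Encrypt the ticket into a string.
                string encryptedTicket = FormsAuthentication.Encrypt(ticket);

                // Store the ticket in a cookie. HttpOnly is set explicitly so page script cannot
                // read it; Secure is only ever raised, never lowered, to honour the forms setting.
                HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
                authCookie.HttpOnly = true;
                authCookie.Secure = authCookie.Secure || FormsAuthentication.RequireSSL;
                Response.Cookies.Add(authCookie);

                // NOTE(review): if LoginState is session-backed, confirm the session id is renewed at login.
                LoginState.LoginAccount = user.Account;
                LoginState.LoginUserId = user.UserId;
                LoginState.LoginUserName = user.UserName;
                LoginState.LoginEmployeeId = user.EmployeeId;

                return RedirectToAction("Index", "Home");
            }

            ViewBag.ErrorMsg = msg;

            return View("Login", vm);
        }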
Пример #7
        /// <summary>
        /// Authenticates a username/password pair and, on success, stores a new session
        /// for the account and returns it as a view.
        /// </summary>
        /// <param name="accountLoginView">Login request; validated with IsValid before any lookup.</param>
        /// <returns>
        /// A valid view wrapping the new session, or an invalid view carrying the input
        /// validation message, PASSWORD_USERNAME_NOT_FOUND, or OPERATION_FAILED.
        /// </returns>
        public static async Task<ValidatedView<AccountSessionView>> Login(AccountLoginView accountLoginView)
        {
            bool inputAccepted = accountLoginView.IsValid(out string message);
            if (!inputAccepted)
            {
                return ValidatedView<AccountSessionView>.Invalid(message);
            }

            try
            {
                // NOTE(review): BanHistory is selected but never consulted below, so a ban does not
                // block login in this method - confirm it is enforced elsewhere.
                var stored = await Model<AccountModel>.AsQueryable()
                             .Where(x => x.Username == accountLoginView.Username)
                             .Select(x => new { x.ID, x.Password, x.Salt, x.EmailVerificationDate, x.BanHistory })
                             .FirstOrDefault();

                // Unknown username and wrong password share one error code, so the response does
                // not reveal which accounts exist. The hash is only computed when a record was found.
                // NOTE(review): ComputeHash and Is are not shown - confirm a slow password hash and
                // a constant-time comparison.
                bool credentialsMatch = stored != null
                                        && stored.Password.Is(accountLoginView.Password.ComputeHash(stored.Salt));
                if (!credentialsMatch)
                {
                    return ValidatedView<AccountSessionView>.Invalid(ErrorCode.PASSWORD_USERNAME_NOT_FOUND);
                }

                // The e-mail verification gate is disabled, so unverified accounts can log in.
                /* skip for now
                 * if (accountInfo.EmailVerificationDate == DateTime.MinValue) { // email not verified
                 *  return ValidatedView<AccountSessionView>.Invalid(ErrorCode.EMAIL_NOT_VERIFIED);
                 * }
                 */

                var session = new AccountSessionModel { AccountID = stored.ID };
                await Model<AccountSessionModel>.AsCollection().InsertOneAsync(session);

                AccountSessionView sessionView = Mapper<AccountSessionModel>.Map<AccountSessionView>(session);
                return ValidatedView<AccountSessionView>.Valid(sessionView);
            }
            catch (Exception e)
            {
                // Failure details go to the log only; the caller gets a generic error code.
                GameContext.Logger.LogError(e);
                return ValidatedView<AccountSessionView>.Invalid(ErrorCode.OPERATION_FAILED);
            }
        }
Пример #8
        /// <summary>
        /// Looks up the user whose account name and stored password both match the login form.
        /// </summary>
        /// <param name="vm">Login form values; Account and Password are read.</param>
        /// <returns>The matching user, or null when no row matches both values.</returns>
        public User FindUser(AccountLoginView vm)
        {
            // NOTE(review): the stored password is matched by equality on Common.Encrypt's output, so
            // that output is deterministic and takes no per-user salt here. Confirm whether it is a
            // one-way hash; a salted, slow password hash verified per user would be the safer design.
            string protectedPassword = Common.Encrypt(vm.Password);
            string accountName = vm.Account;

            return _db.Users
                   .Where(x => x.Account == accountName && x.Password == protectedPassword)
                   .FirstOrDefault();
        }
Пример #9
        /// <summary>
        /// Click handler for the login control: creates the account login window and shows it
        /// with ShowDialog.
        /// </summary>
        /// <param name="sender">Event source; not used.</param>
        /// <param name="e">Routed event data; not used.</param>
        private void OnClick_Login(object sender, RoutedEventArgs e)
        {
            // The value returned by ShowDialog is discarded; this handler takes no action on the outcome.
            new AccountLoginView().ShowDialog();
        }
Пример #10
        /// <summary>
        /// CanLogin must refuse a login view that was never populated, i.e. one that
        /// cannot correspond to a stored account.
        /// </summary>
        public void CanLogin_CanNotLoginFromNonExistingAccount()
        {
            // A freshly constructed view has no values assigned by this test.
            AccountLoginView unknownAccount = new AccountLoginView();

            bool accepted = validator.CanLogin(unknownAccount);

            Assert.IsFalse(accepted);
        }
Пример #11
 /// <summary>
 /// Login endpoint: binds the request body to a login view, delegates to
 /// AccountService.Login and returns its result in a 200 OK response.
 /// </summary>
 /// <param name="login">Login request bound from the request body.</param>
 /// <returns>200 OK wrapping whatever AccountService.Login returned, valid or invalid.</returns>
 public async Task<IActionResult> Login([FromBody] AccountLoginView login)
 {
     // The status is OK for failed logins too; callers must inspect the returned payload.
     // NOTE(review): no attempt throttling or lockout is visible in this action - confirm it exists elsewhere.
     var loginResult = await AccountService.Login(login);

     return Ok(loginResult);
 }