/// <summary>
/// Builds the fixture shared by the <c>VerifyCaptchaAttribute</c> tests: a password-reset
/// view model bound as the "model" action argument, route data naming the "PassChange"
/// action, and mocked HTTP and user services.
/// </summary>
/// <remarks>
/// By default the CAPTCHA verification stub accepts any token/IP pair, so a test that
/// exercises the rejection path has to override the <c>VerifyCaptchaAsync</c> setup itself.
/// </remarks>
public VerifyCaptchaAttributeTests()
{
    // View model that the filter is expected to find under the "model" key.
    _model = new PassResetEmailViewModel
    {
        CaptchaToken = "some_fancy_token",
        Email = "*****@*****.**"
    };

    // Route data selects which branch of the filter is exercised.
    _routeData = new RouteData();
    _routeData.Values["action"] = "PassChange";

    _modelState = new ModelStateDictionary();
    _actionArguments = new Dictionary<string, object> { ["model"] = _model };

    // The context helpers are called only after the fields above are populated.
    _actionContextMock = GetActionContextMock();
    _actionExecutingContext = GetActionExecutingContext();

    _httpMock = new Mock<IHttpService>();
    _userServiceMock = new Mock<IUserService>();

    // Stand-in for the rest of the pipeline: completes immediately with an executed context.
    _next = () => Task.FromResult(
        new ActionExecutedContext(
            _actionContextMock.Object,
            new List<IFilterMetadata>(),
            new Mock<Controller>().Object));

    // Client IP is fixed to loopback; CAPTCHA verification succeeds for any input.
    _userServiceMock
        .Setup(mock => mock.GetIpAddress(_actionContextMock.Object.HttpContext))
        .Returns("127.0.0.1");
    _httpMock
        .Setup(mock => mock.VerifyCaptchaAsync(It.IsAny<string>(), It.IsAny<string>()))
        .ReturnsAsync(true);

    _filter = new VerifyCaptchaAttribute(_httpMock.Object, _userServiceMock.Object);
}
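/// <summary>
/// Checks that <c>PassChange</c> answers with HTTP 409 and the message
/// "Invalid user details." when the e-mail address does not belong to any user.
/// </summary>
// NOTE(review): this method is private and no test attribute is visible in this view;
// confirm that the test runner actually discovers and executes it.
private async Task PassChange_OnUserNotExisting_ReturnsStatusCode409()
{
    const string expectedErrorsResult = "Invalid user details.";
    PassResetEmailViewModel model = new PassResetEmailViewModel() { Email = _wrongEmail };

    IActionResult result = await _controller.PassChange(model);

    ObjectResult objectResult = result as ObjectResult;
    Assert.NotNull(result);
    // Assert on the cast result as well: if the action returned another result type,
    // the test should fail with a clear assertion instead of a NullReferenceException.
    Assert.NotNull(objectResult);
    Assert.Equal(StatusCodes.Status409Conflict, objectResult.StatusCode);
    Assert.Equal(expectedErrorsResult, objectResult.Value);
}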
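/// <summary>
/// Verifies the CAPTCHA token carried by the bound view model before the action runs.
/// </summary>
/// <remarks>
/// The filter only knows the "PassChange" and "AddNewUser" actions; any other action is
/// answered with 400. The action delegate is invoked only after the verification call
/// reported success, so every failure path short-circuits the request.
/// </remarks>
/// <param name="context">Executing context providing route data, action arguments and the HTTP context.</param>
/// <param name="next">Delegate that continues the pipeline; called only on successful verification.</param>
/// <returns>A task that completes once the request was rejected or the action has run.</returns>
public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
    string actionName = context.RouteData.Values["action"] as string;

    // TryGetValue rather than the indexer: when no "model" argument was bound, the indexer
    // would throw and surface as an unhandled error instead of a controlled rejection.
    object boundModel;
    context.ActionArguments.TryGetValue("model", out boundModel);

    string token;
    if (actionName == "PassChange")
    {
        PassResetEmailViewModel model = boundModel as PassResetEmailViewModel;
        if (model == null)
        {
            // Missing or wrongly typed body: reject instead of dereferencing null.
            context.Result = new ObjectResult("Bad request.") { StatusCode = 400 };
            return;
        }

        token = model.CaptchaToken;
    }
    else if (actionName == "AddNewUser")
    {
        UserRegisterViewModel model = boundModel as UserRegisterViewModel;
        if (model == null)
        {
            context.Result = new ObjectResult("Bad request.") { StatusCode = 400 };
            return;
        }

        token = model.CaptchaToken;
    }
    else
    {
        // Unknown action: the filter cannot locate a token, so it refuses the request.
        context.Result = new ObjectResult("Bad request.") { StatusCode = 400 };
        return;
    }

    // The token is passed on unchanged (it may be null or empty); the verification
    // service decides whether it is acceptable.
    // NOTE(review): how GetIpAddress derives the address is not visible here; if it reads
    // a forwarding header, confirm that header is only trusted behind a known proxy.
    string ip = _userService.GetIpAddress(context.HttpContext);

    if (!await _http.VerifyCaptchaAsync(token, ip))
    {
        context.Result = new ObjectResult("Oops! Something went wrong.") { StatusCode = 429 };
        return;
    }

    await next();
}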
/// <summary>
/// Builds the fixture shared by the <c>UserController</c> tests: valid request models,
/// a known user, and mocked user/e-mail services wired into the controller under test.
/// </summary>
/// <remarks>
/// Lookups for <c>_properEmail</c> resolve to <c>_properUser</c>; lookups for
/// <c>_wrongEmail</c> resolve to <c>null</c>. Password reset, user creation and e-mail
/// delivery are stubbed to succeed for any arguments.
/// </remarks>
public UserControllerTests()
{
    _userServiceMock = new Mock<IUserService>();
    _emailSenderMock = new Mock<IEmailSender>();

    // Request models and the user record that count as valid input.
    _properPassResetModel = new PassResetEmailViewModel
    {
        CaptchaToken = _properToken,
        Email = _properEmail
    };
    _properResetModel = new ResetPasswordViewModel
    {
        Email = _properEmail,
        Password = _properPassword,
        Token = _properToken
    };
    _properRegisterUserModel = new UserRegisterViewModel
    {
        Email = _properEmail,
        CaptchaToken = _properToken,
        DisplayName = _properName,
        Password = _properPassword,
        UserName = _properName
    };
    _properUser = new AppUser { Email = _properEmail };

    // User lookup: known address resolves to the user, unknown address to null.
    _userServiceMock
        .Setup(mock => mock.FindUserByEmail(_properEmail))
        .ReturnsAsync(_properUser);
    _userServiceMock
        .Setup(mock => mock.FindUserByEmail(_wrongEmail))
        .ReturnsAsync((AppUser)null);

    // NOTE(review): It.IsAny<string>() is an argument matcher. Used as a return value it
    // presumably evaluates to default(string), so these two stubs likely return null
    // rather than "any string" - confirm and replace with an explicit value.
    _userServiceMock
        .Setup(mock => mock.GenerateUsername(It.IsAny<string>()))
        .Returns(It.IsAny<string>());
    _userServiceMock
        .Setup(mock => mock.GetPassResetToken(It.IsAny<AppUser>()))
        .ReturnsAsync(It.IsAny<string>());

    // Operations that succeed regardless of their arguments.
    _userServiceMock
        .Setup(mock => mock.ResetPassword(It.IsAny<AppUser>(), It.IsAny<string>(), It.IsAny<string>()))
        .ReturnsAsync(true);
    _userServiceMock
        .Setup(mock => mock.CreateUserAsync(It.IsAny<UserRegisterViewModel>()))
        .ReturnsAsync(true);
    _emailSenderMock
        .Setup(mock => mock.SendEmailAsync(It.IsAny<string>(), It.IsAny<string>(), It.IsAny<string>()))
        .ReturnsAsync(true);

    _controller = new UserController(_userServiceMock.Object, _emailSenderMock.Object);
}
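/// <summary>
/// Starts the password-reset flow: looks up the user by e-mail, obtains a reset token
/// and sends a reset link to that address.
/// </summary>
/// <param name="model">Request body carrying the e-mail address of the account.</param>
/// <returns>
/// 200 when the mail was sent; 400 when no body was bound; 423 for the protected accounts
/// in production; 409 when no user matches the address; 502 when the mail could not be sent.
/// </returns>
public async Task<IActionResult> PassChange([FromBody] PassResetEmailViewModel model)
{
    // [FromBody] binding yields null for a missing or unreadable body; reject it here
    // instead of failing on model.Email below.
    if (model == null)
    {
        return new ObjectResult("Bad request.") { StatusCode = 400 };
    }

    if (_hostingEnv.IsProduction())
    {
        // Case-insensitive match: an exact, case-sensitive comparison would let a
        // differently cased spelling of a protected address slip past this guard if the
        // user lookup below ignores case (not visible here).
        bool isProtectedAccount =
            string.Equals(model.Email, "*****@*****.**", System.StringComparison.OrdinalIgnoreCase) ||
            string.Equals(model.Email, "*****@*****.**", System.StringComparison.OrdinalIgnoreCase);

        if (isProtectedAccount)
        {
            return new ObjectResult("Clicker account can not be modified. Please create new user account to test this feature.") { StatusCode = 423 };
        }
    }

    AppUser user = await _userService.FindUserByEmail(model.Email);
    if (user == null)
    {
        // NOTE(review): this answer differs from the success response, so the endpoint
        // reveals whether an address is registered. Left unchanged because callers rely
        // on the 409; consider a uniform response together with rate limiting.
        return new ObjectResult("Invalid user details.") { StatusCode = 409 };
    }

    string token = await _userService.GetPassResetToken(user);
    string passResetUrl = _configuration["Data:PassReset_url"];

    // NOTE(review): e-mail and token are concatenated into the link without URL-encoding.
    // Confirm that GetPassResetToken returns a URL-safe value and that
    // "Data:PassReset_url" is always configured; otherwise the link can be malformed.
    string resetLink = passResetUrl + model.Email + "/" + token;

    bool mailSent = await _emailSender.SendEmailAsync(
        model.Email,
        "Reset your password",
        "Please click or copy the password reset link to your browser: " + resetLink);

    if (!mailSent)
    {
        return new ObjectResult("Email could not be sent.") { StatusCode = 502 };
    }

    return Ok();
}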