/// <summary>
/// Negative lookup case: a reset record exists for the default delegate user, but the
/// lookup is made with an e-mail address that no user has, so nothing may be returned
/// even though the supplied hash is the stored one.
/// </summary>
public async Task Does_Not_Match_Reset_Passwords_If_No_User_With_Given_Email()
        {
            // Complete() is never called, so work enlisted in this scope is rolled back on dispose.
            using var transactionScope = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled);

            // Given
            const string unknownEmail = "*****@*****.**";
            var delegateUser = UserTestHelper.GetDefaultDelegateUser();
            var resetModel = new ResetPasswordCreateModel(
                new DateTime(2021, 1, 1),
                "ResetPasswordHash",
                delegateUser.Id,
                UserType.DelegateUser);

            // When
            service.CreatePasswordReset(resetModel);
            var matches = await service.FindMatchingResetPasswordEntitiesWithUserDetailsAsync(
                unknownEmail,
                resetModel.Hash);

            // Then: a correct hash alone is not enough to find the reset record.
            matches.Count.Should().Be(0);
        }
        /// <summary>
        /// Round trip for one user type: stores a reset record for the default admin or
        /// delegate user and checks that looking it up by that user's e-mail address and the
        /// stored hash returns exactly that record.
        /// </summary>
        /// <param name="userType">User type the reset record is created for.</param>
        public async Task Can_Create_And_Find_A_Password_Reset_For_User(UserType userType)
        {
            // Complete() is never called, so work enlisted in this scope is rolled back on dispose.
            using var transactionScope = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled);

            // Given
            User testUser;
            if (userType.Equals(UserType.AdminUser))
            {
                testUser = (User)UserTestHelper.GetDefaultAdminUser();
            }
            else
            {
                testUser = UserTestHelper.GetDefaultDelegateUser();
            }

            var resetModel = new ResetPasswordCreateModel(
                new DateTime(2021, 1, 1),
                "ResetPasswordHash",
                testUser.Id,
                userType);

            // When
            service.CreatePasswordReset(resetModel);
            var matches = await service.FindMatchingResetPasswordEntitiesWithUserDetailsAsync(
                testUser.EmailAddress!,
                resetModel.Hash);

            // Then: exactly one record comes back ...
            matches.Count.Should().Be(1);
            var found = matches.Single();

            // ... it belongs to the user the reset was created for ...
            found.UserId.Should().Be(testUser.Id);
            found.Email.Should().Be(testUser.EmailAddress);
            found.UserType.Should().Be(userType);

            // ... and it carries the stored reset data plus a database-assigned id.
            found.Id.Should().BeGreaterThan(0);
            found.ResetPasswordHash.Should().Be(resetModel.Hash);
            found.PasswordResetDateTime.Should().Be(resetModel.CreateTime);
        }
        /// <summary>
        /// Negative lookup case: the e-mail address belongs to a user that has a reset record,
        /// but the hash supplied to the lookup is not the stored one, so nothing may be returned.
        /// </summary>
        public async Task Does_Not_Match_Reset_Passwords_If_No_Reset_Password_With_Given_Hash()
        {
            // Complete() is never called, so work enlisted in this scope is rolled back on dispose.
            using var transactionScope = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled);

            // Given
            var delegateUser = UserTestHelper.GetDefaultDelegateUser();
            var resetModel = new ResetPasswordCreateModel(
                new DateTime(2021, 1, 1),
                "NormalHash",
                delegateUser.Id,
                UserType.DelegateUser);

            // When
            service.CreatePasswordReset(resetModel);
            var matches = await service.FindMatchingResetPasswordEntitiesWithUserDetailsAsync(
                delegateUser.EmailAddress!,
                HashNotYetInDb);

            // Then: a valid e-mail address with a wrong hash finds nothing.
            matches.Count.Should().Be(0);
        }
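        /// <summary>
        /// Creates a new password-reset token for <paramref name="user"/>, stores it through
        /// <c>passwordResetDataService</c> together with the current UTC time, and returns it.
        /// </summary>
        /// <param name="user">
        /// The account the reset is issued for; a <c>DelegateUser</c> is recorded as
        /// <c>UserType.DelegateUser</c>, any other user as <c>UserType.AdminUser</c>.
        /// </param>
        /// <returns>The token, in the usual 36-character GUID text format.</returns>
        private string GenerateResetPasswordHash(User user)
        {
            // The returned value is the secret of the reset request, so it must be unpredictable.
            // Guid.NewGuid() is documented as not intended for cryptographic purposes; the 16 bytes
            // are therefore drawn from the platform CSPRNG. Wrapping them in a Guid keeps the text
            // format (and length) of the value identical to what was produced before.
            var tokenBytes = new byte[16];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(tokenBytes);
            }

            string hash = new Guid(tokenBytes).ToString();

            var resetPasswordCreateModel = new ResetPasswordCreateModel(
                clockService.UtcNow,
                hash,
                user.Id,
                user is DelegateUser ? UserType.DelegateUser : UserType.AdminUser
                );

            // NOTE(review): despite the name, the value is persisted exactly as it is returned.
            // Storing only a digest of it would limit what a read of the reset table exposes;
            // that needs a matching change in the lookup, so it is not done here.
            passwordResetDataService.CreatePasswordReset(resetPasswordCreateModel);

            return hash;
        }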
        /// <summary>
        /// Runs the create-reset-password SQL for the model's user type and treats fewer than
        /// two affected rows as a failure.
        /// </summary>
        /// <param name="createModel">Hash, creation time, user id and user type to store.</param>
        /// <exception cref="ResetPasswordInsertException">
        /// Thrown, after a warning is logged, when fewer than two rows were affected.
        /// </exception>
        public void CreatePasswordReset(ResetPasswordCreateModel createModel)
        {
            var sql = GetCreateResetPasswordSql(createModel.UserType);

            // The values travel as bound parameters; nothing from the model is spliced into the SQL text here.
            var parameters = new
            {
                ResetPasswordHash = createModel.Hash,
                CreateTime = createModel.CreateTime,
                UserID = createModel.UserId,
            };

            var rowsAffected = connection.Execute(sql, parameters);

            // NOTE(review): the SQL is not visible here; the threshold of two presumably reflects
            // an insert plus an update in one batch, as the message below suggests. Confirm.
            if (rowsAffected >= 2)
            {
                return;
            }

            // The message names the user id and table only; the reset hash itself is not logged.
            string message =
                $"Not saving reset password hash as db insert/update failed for User ID: {createModel.UserId} from table {createModel.UserType.TableName}";
            logger.LogWarning(message);
            throw new ResetPasswordInsertException(message);
        }