public void GetUser_Test()
{
//Arange
IQueryable<User> users = GetUsers();
ILoginService service = CreateLoginService(users);
//Act
var expected = new User
{
UserId = 1,
Disabled = false,
Login = "******",
Password = "******",
RoleId = 1,
Role = new Role
{
Name = "Admin"
}
};
var actual = service.GetUser(new User
{
Login = "******",
Password = "******"
});
//Assert
Assert.IsTrue(AreUsersEqual(actual, expected));
}
public JsonResult UserLogin(User user)
{
if (user == null)
{
return null;
}
var validUser = _service.GetUser(user);
if (validUser == null)
{
return null;
}
var cookie = _security.Authorize(validUser);
if (cookie == null)
{
return null;
}
Response.Cookies.Clear();
Response.Cookies.Add(cookie);
user.Password = string.Empty;
user.RoleId = validUser.RoleId;
user.Role = new Role
{
RoleId = validUser.Role.RoleId,
Name = validUser.Role.Name
};
return new JsonResult
{
Data = user,
JsonRequestBehavior = JsonRequestBehavior.AllowGet
};
}
public static void Authorize_Test()
{
//Arange
var user = new User
{
UserId = 1,
Disabled = false,
Login = "******",
Password = "******",
RoleId = 1,
Role = new Role
{
Name = "Admin"
}
};
const int days = 7;
var expirationDate = DateTime.Now.AddDays(days).ToLocalTime();
var security = new WebSecurity();
//Act
var cookie = security.Authorize(user);
var emptyCookie = security.Authorize(null);
//Assert
Assert.That(cookie, Is.Not.Null);
Assert.That(cookie.Name == ".ASPXAUTH");
Assert.That(TrimToSeconds(cookie.Expires) == TrimToSeconds(expirationDate));
Assert.That(emptyCookie, Is.Null);
}
private static FormsAuthenticationTicket GetTicket(User user)
{
if (user == null)
{
return null;
}
const int version = 1;
const int days = 7;
const char separator = ',';
string cookieName = user.Login.Trim();
string userData = user.UserId.ToString() + separator + user.Role.Name;
string cookiePath = FormsAuthentication.FormsCookiePath;
DateTime currentDate = DateTime.Now;
DateTime expirationDate = currentDate.AddDays(days);
FormsAuthentication.Initialize();
return
new FormsAuthenticationTicket(version: version,
name: cookieName,
issueDate: currentDate,
expiration: expirationDate,
isPersistent: true,
userData: userData,
cookiePath: cookiePath
);
}
private static bool AreUsersEqual(User user, User expectedUser)
{
if (user == null)
{
return false;
}
return (user.Login == expectedUser.Login ||
user.Password == expectedUser.Password);
}
public TransferUser MapLogin(User user)
{
if (user == null)
{
return null;
}
return new TransferUser
{
UserId = user.UserId,
Login = user.Login,
Password = user.Password,
Role = _roleMapper.Map(user.Role),
};
}
public void UserLogin_Test()
{
//Arange
var stubSecurity = new Mock<IWebSecurity>();
var stubLoginService = new Mock<ILoginService>();
var expectedUser = new User
{
Login = "******"
};
var user = new User
{
UserId = 1,
Disabled = false,
Login = "******",
Password = "******",
RoleId = 1,
Role = new Role
{
Name = "Admin"
}
};
var httpCookie = new HttpCookie("Admin", "Admin");
stubLoginService.Setup(s => s.GetUser
(It.IsAny<User>()))
.Returns(user);
stubSecurity.Setup(s => s.Authorize
(It.IsAny<User>()))
.Returns(httpCookie);
var context = new Mock<HttpContextBase>(MockBehavior.Strict);
context.SetupGet(x => x.Response.Cookies).Returns(new HttpCookieCollection());
var rc = new RequestContext(context.Object, new RouteData());
var controller = new LoginController
(stubSecurity.Object, stubLoginService.Object);
controller.ControllerContext = new ControllerContext(rc, controller);
//Act
var actual = controller.UserLogin(user);
var actualUser = (User)actual.Data;
//Assert
Assert.That(actualUser.Login == expectedUser.Login);
}
public HttpCookie Authorize(User user)
{
if (user == null)
{
return null;
}
FormsAuthenticationTicket ticket = GetTicket(user);
if (ticket == null)
{
return null;
}
string encryptedTicket = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
return cookie;
}
public TransferUser Map(User user)
{
if (user == null)
{
return null;
}
return new TransferUser
{
UserId = user.UserId,
Login = user.Login,
PrompterStatus = user.PrompterStatus,
Password = user.Password,
Disabled = user.Disabled,
RoleId = user.RoleId,
Role = _roleMapper.Map(user.Role),
EntityState = EntityState.Unchanged
};
}
public User GetUser(User user)
{
const int minLength = 3;
if (user == null)
{
return null;
}
if (user.Login.Length < minLength || user.Password.Length < minLength)
{
return null;
}
using (var context = _dbContextFactory.Create())
{
var getUser = context.Users
.Where(usr => usr.Login == user.Login.Trim()
&& (!usr.Disabled)
&& usr.Password == user.Password)
.Include(usr => usr.Role)
.FirstOrDefault();
return getUser;
}
}
private static IQueryable<User> GetUsers()
{
var user = new User
{
UserId = 1,
Disabled = false,
Login = "******",
Password = "******",
RoleId = 1,
Role = new Role
{
Name = "Admin"
}
};
var users = new List<User>
{
user,
new User
{
UserId = 2
}
}.AsQueryable();
return users;
}