public async void ForgotPassword_InvalidModelState_RedisplaysWithSameModel()
{
ForgotPasswordViewModel viewModel = new ForgotPasswordViewModel();
AccountController controller = new AccountController(userManager: null, signInManager: null, stripeService: null);
controller.ModelState.AddModelError(nameof(viewModel.Email), "Required");
var result = await controller.ForgotPassword(viewModel) as ViewResult;
Assert.That(result != null);
Assert.That(result.Model, Is.InstanceOf<ForgotPasswordViewModel>());
var model = (ForgotPasswordViewModel)result.Model;
Assert.That(model, Is.SameAs(viewModel));
}
public async void ForgotPassword_ValidModelState_CallsUserManageFindByEmailAsyncWithModelEmail()
{
ForgotPasswordViewModel viewModel = new ForgotPasswordViewModel
{
Email = "*****@*****.**"
};
Mock<VeilUserManager> userManagerMock = new Mock<VeilUserManager>(dbStub.Object, null /*messageService*/, null /*dataProtectionProvider*/);
userManagerMock.
Setup(um => um.FindByEmailAsync(It.IsAny<string>())).
ReturnsAsync(null).
Verifiable();
AccountController controller = new AccountController(userManagerMock.Object, signInManager: null, stripeService: null);
await controller.ForgotPassword(viewModel);
Assert.That(
() =>
userManagerMock.Verify(um => um.FindByEmailAsync(viewModel.Email),
Times.Once),
Throws.Nothing);
}
public async void ForgotPassword_EmailNotRegistered_RedirectsToForgotPasswordConfirmation()
{
ForgotPasswordViewModel viewModel = new ForgotPasswordViewModel
{
Email = "*****@*****.**"
};
Mock<VeilUserManager> userManagerStub = new Mock<VeilUserManager>(dbStub.Object, null /*messageService*/, null /*dataProtectionProvider*/);
userManagerStub.
Setup(um => um.FindByEmailAsync(It.IsAny<string>())).
ReturnsAsync(null);
AccountController controller = new AccountController(userManagerStub.Object, signInManager: null, stripeService: null);
var result = await controller.ForgotPassword(viewModel) as RedirectToRouteResult;
Assert.That(result != null);
Assert.That(result.RouteValues["Action"], Is.EqualTo(nameof(AccountController.ForgotPasswordConfirmation)));
Assert.That(result.RouteValues["Controller"], Is.Null.Or.EqualTo("Account"));
}
public async void ForgotPassword_EmailConfirmed_RedirectsToForgotPasswordConfirmation()
{
ForgotPasswordViewModel viewModel = new ForgotPasswordViewModel
{
Email = "*****@*****.**"
};
User user = new User
{
Id = new Guid("65ED1E57-D246-4A20-9937-E5C129E67064"),
Email = viewModel.Email
};
string passwordResetToken = "passwordResetToken";
Mock<VeilUserManager> userManagerStub = new Mock<VeilUserManager>(dbStub.Object, null /*messageService*/, null /*dataProtectionProvider*/);
userManagerStub.
Setup(um => um.FindByEmailAsync(viewModel.Email)).
ReturnsAsync(user);
userManagerStub.
Setup(um => um.IsEmailConfirmedAsync(user.Id)).
ReturnsAsync(true);
userManagerStub.
Setup(um => um.GeneratePasswordResetTokenAsync(It.IsAny<Guid>())).
ReturnsAsync(passwordResetToken);
userManagerStub.
Setup(um => um.SendEmailAsync(It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<string>())).
Returns(Task.FromResult(0));
Mock<UrlHelper> urlHelperStub = new Mock<UrlHelper>();
Uri requestUrl = new Uri("http://localhost/");
Mock<HttpRequestBase> requestStub = new Mock<HttpRequestBase>();
requestStub.
SetupGet(r => r.Url).
Returns(requestUrl);
Mock<ControllerContext> contextStub = new Mock<ControllerContext>();
contextStub.
SetupGet(c => c.HttpContext.Request).
Returns(requestStub.Object);
AccountController controller = new AccountController(userManagerStub.Object, signInManager: null, stripeService: null)
{
Url = urlHelperStub.Object,
ControllerContext = contextStub.Object
};
var result = await controller.ForgotPassword(viewModel) as RedirectToRouteResult;
Assert.That(result != null);
Assert.That(result.RouteValues["Action"], Is.EqualTo(nameof(AccountController.ForgotPasswordConfirmation)));
Assert.That(result.RouteValues["Controller"], Is.Null.Or.EqualTo("Account"));
}
public async void ForgotPassword_EmailConfirmed_CallsUserManageSendEmailAsync()
{
ForgotPasswordViewModel viewModel = new ForgotPasswordViewModel
{
Email = "*****@*****.**"
};
User user = new User
{
Id = new Guid("65ED1E57-D246-4A20-9937-E5C129E67064"),
Email = viewModel.Email
};
string passwordResetToken = "passwordResetToken";
Mock<VeilUserManager> userManagerMock = new Mock<VeilUserManager>(dbStub.Object, null /*messageService*/, null /*dataProtectionProvider*/);
userManagerMock.
Setup(um => um.FindByEmailAsync(viewModel.Email)).
ReturnsAsync(user);
userManagerMock.
Setup(um => um.IsEmailConfirmedAsync(user.Id)).
ReturnsAsync(true);
userManagerMock.
Setup(um => um.GeneratePasswordResetTokenAsync(It.IsAny<Guid>())).
ReturnsAsync(passwordResetToken);
userManagerMock.
Setup(um => um.SendEmailAsync(It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<string>())).
Returns(Task.FromResult(0)).
Verifiable();
Mock<UrlHelper> urlHelperStub = new Mock<UrlHelper>();
Uri requestUrl = new Uri("http://localhost/");
Mock<HttpRequestBase> requestStub = new Mock<HttpRequestBase>();
requestStub.
SetupGet(r => r.Url).
Returns(requestUrl);
Mock<ControllerContext> contextStub = new Mock<ControllerContext>();
contextStub.
SetupGet(c => c.HttpContext.Request).
Returns(requestStub.Object);
AccountController controller = new AccountController(userManagerMock.Object, signInManager: null, stripeService: null)
{
Url = urlHelperStub.Object,
ControllerContext = contextStub.Object
};
await controller.ForgotPassword(viewModel);
Assert.That(
() =>
userManagerMock.Verify(um => um.SendEmailAsync(user.Id, It.IsAny<string>(), It.IsAny<string>()),
Times.Once),
Throws.Nothing);
}
public async void ForgotPassword_EmailNotConfirmed_RedirectsToForgotPasswordConfirmation()
{
ForgotPasswordViewModel viewModel = new ForgotPasswordViewModel
{
Email = "*****@*****.**"
};
User user = new User
{
Id = new Guid("65ED1E57-D246-4A20-9937-E5C129E67064"),
Email = viewModel.Email
};
Mock<VeilUserManager> userManagerStub = new Mock<VeilUserManager>(dbStub.Object, null /*messageService*/, null /*dataProtectionProvider*/);
userManagerStub.
Setup(um => um.FindByEmailAsync(viewModel.Email)).
ReturnsAsync(user);
userManagerStub.
Setup(um => um.IsEmailConfirmedAsync(user.Id)).
ReturnsAsync(false);
AccountController controller = new AccountController(userManagerStub.Object, signInManager: null, stripeService: null);
var result = await controller.ForgotPassword(viewModel) as RedirectToRouteResult;
Assert.That(result != null);
Assert.That(result.RouteValues["Action"], Is.EqualTo(nameof(AccountController.ForgotPasswordConfirmation)));
Assert.That(result.RouteValues["Controller"], Is.Null.Or.EqualTo("Account"));
}
public async void ForgotPassword_EmailRegistered_CallsUserManagerIsEmailConfirmedAsync()
{
ForgotPasswordViewModel viewModel = new ForgotPasswordViewModel
{
Email = "*****@*****.**"
};
User user = new User
{
Id = new Guid("65ED1E57-D246-4A20-9937-E5C129E67064"),
Email = viewModel.Email
};
Mock<VeilUserManager> userManagerMock = new Mock<VeilUserManager>(dbStub.Object, null /*messageService*/, null /*dataProtectionProvider*/);
userManagerMock.
Setup(um => um.FindByEmailAsync(viewModel.Email)).
ReturnsAsync(user);
userManagerMock.
Setup(um => um.IsEmailConfirmedAsync(It.IsAny<Guid>())).
ReturnsAsync(false).
Verifiable();
AccountController controller = new AccountController(userManagerMock.Object, signInManager: null, stripeService: null);
await controller.ForgotPassword(viewModel);
Assert.That(
() =>
userManagerMock.Verify(um => um.IsEmailConfirmedAsync(user.Id),
Times.Once),
Throws.Nothing);
}
public async Task<ActionResult> ForgotPassword(ForgotPasswordViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
var user = await userManager.FindByEmailAsync(model.Email);
if (user == null || !(await userManager.IsEmailConfirmedAsync(user.Id)))
{
// Don't reveal that the user does not exist or is not confirmed
return RedirectToAction("ForgotPasswordConfirmation");
}
// Send an email with this link
string code = await userManager.GeneratePasswordResetTokenAsync(user.Id);
var callbackUrl = Url.Action(
"ResetPassword", "Account",
new
{
userId = user.Id,
code = code
},
protocol: Request.Url.Scheme);
await userManager.SendEmailAsync(
user.Id,
"Veil - Password Reset",
"Please reset your Veil account password by clicking <a href=\"" + callbackUrl +
"\">here</a>");
return RedirectToAction("ForgotPasswordConfirmation");
}
