public void SetPolicyResult(string policy, bool result) { var policyResult = result ? AuthorizationResult.Success() : AuthorizationResult.Failed(); Setup(x => x.AuthorizeAsync(It.IsAny <ClaimsPrincipal>(), It.IsAny <object>(), policy)) .ReturnsAsync(policyResult); }
public async Task AuthService_GivenNamedPolicy_DoesNotAuthorize() { var testCase = ConfigureTestCase(builder => { builder.WithIdentity(user => { user.SetupGet(x => x.IsAuthenticated) .Returns(true); }) .WithMockAuthorizationService(authSvc => { authSvc.Setup(x => x.AuthorizeAsync(It.IsAny <ClaimsPrincipal>(), It.IsAny <TestLinkContainer>(), It.IsAny <string>())) .Returns(Task.FromResult(AuthorizationResult.Failed())); }) .WithMockRouteMap(routeMap => { var methodInfoMock = new Mock <IControllerMethodInfo>(); routeMap.Setup(x => x.GetRoute(It.IsAny <string>())) .Returns <string>(routeName => new RouteInfo(routeName, HttpMethod.Get, methodInfoMock.Object)); }); }); var model = new TestLinkContainer(); var context = testCase.CreateContext(model, false, null, new[] { "Policy1" }); var result = await testCase.UnderTest.AuthorizeLink(context); Assert.False(result, "Expected authorization deny"); }
public async Task SiUsuarioNoEsAdmin_Obtenemos2Links_UsandoMoq() { // Preparación var mockAuthorizationService = new Mock <IAuthorizationService>(); mockAuthorizationService.Setup(x => x.AuthorizeAsync( It.IsAny <ClaimsPrincipal>(), It.IsAny <object>(), It.IsAny <IEnumerable <IAuthorizationRequirement> >() )).Returns(Task.FromResult(AuthorizationResult.Failed())); mockAuthorizationService.Setup(x => x.AuthorizeAsync( It.IsAny <ClaimsPrincipal>(), It.IsAny <object>(), It.IsAny <string>() )).Returns(Task.FromResult(AuthorizationResult.Failed())); var mockURLHelper = new Mock <IUrlHelper>(); mockURLHelper.Setup(x => x.Link(It.IsAny <string>(), It.IsAny <object>())) .Returns(string.Empty); var rootController = new RootController(mockAuthorizationService.Object); rootController.Url = mockURLHelper.Object; // Ejecución var resultado = await rootController.Get(); // Verificación Assert.AreEqual(2, resultado.Value.Count()); }
public void PostMedicalTeam_Forbid() { // Arrange SetupAuthorize(AuthorizationResult.Failed()); var examinationId = Guid.NewGuid().ToString(); const string expectedNursingTeamInformation = "expectedNursingTeamInformation"; var examination = new Examination { ExaminationId = examinationId, }; var postMedicalTeamRequest = new PutMedicalTeamRequest() { NursingTeamInformation = expectedNursingTeamInformation, }; _examinationRetrievalServiceMock.Setup(service => service.Handle(It.IsAny <ExaminationRetrievalQuery>())) .Returns(Task.FromResult(examination)); _medicalTeamUpdateServiceMock.Setup(u => u.Handle(It.IsAny <Examination>(), It.IsAny <string>())) .Returns(Task.FromResult(examination)); Controller.ControllerContext = GetControllerContext(); // Act var response = Controller.PutMedicalTeam(examinationId, postMedicalTeamRequest).Result; // Assert var taskResult = response.Should().BeOfType <ActionResult <PutMedicalTeamResponse> >().Subject; taskResult.Result.Should().BeAssignableTo <ForbidResult>(); }
public async void CreateExamination_ReturnsForbid_WhenNotHavePermission() { // Arrange SetupAuthorize(AuthorizationResult.Failed()); var examination = CreateValidExamination(); _createExaminationServiceMock .Setup(ecs => ecs.Handle(It.IsAny <CreateExaminationQuery>())) .Returns(Task.FromResult(examination)); var mockMeUser = new MeUser { UserId = "abcd" }; var parentLocations = new List <Location>(); UsersRetrievalByOktaIdServiceMock.Setup(service => service.Handle(It.IsAny <UserRetrievalByOktaIdQuery>())) .Returns(Task.FromResult(mockMeUser)); _locationParentsServiceMock.Setup(lps => lps.Handle(It.IsAny <LocationParentsQuery>())) .Returns(Task.FromResult(parentLocations.AsEnumerable())); // Act var response = await Controller.CreateExamination(CreateValidNewCaseRequest()); // Assert response.Result.Should().BeAssignableTo <ForbidResult>(); }
public void NotAuthorizedWhenResourceMissing() { // Arrange var routeData = new RouteData(typeof(TestPageRequiringAuthorization), EmptyParametersDictionary); _testAuthorizationService.NextResult = AuthorizationResult.Failed(); // Act _renderer.RenderRootComponent(_authorizeRouteViewComponentId, ParameterView.FromDictionary(new Dictionary <string, object> { { nameof(AuthorizeRouteView.RouteData), routeData }, { nameof(AuthorizeRouteView.DefaultLayout), typeof(TestLayout) }, })); // Assert: renders layout containing "not authorized" message var batch = _renderer.Batches.Single(); var layoutDiff = batch.GetComponentDiffs <TestLayout>().Single(); Assert.Collection(layoutDiff.Edits, edit => AssertPrependText(batch, edit, "Layout starts here"), edit => AssertPrependText(batch, edit, "Not authorized"), edit => AssertPrependText(batch, edit, "Layout ends here")); // Assert: Asserts that the Resource is Null Assert.Collection(_testAuthorizationService.AuthorizeCalls, call => { Assert.Null(call.resource); }); }
public async void GetFinanceDownload_ReturnsForbid_WhenNotHavePermission() { // Arrange SetupAuthorize(AuthorizationResult.Failed()); var mockMeUser = new MeUser() { UserId = "abcd" }; var parentLocations = new List <Location>(); UsersRetrievalByOktaIdServiceMock.Setup(service => service.Handle(It.IsAny <UserRetrievalByOktaIdQuery>())) .Returns(Task.FromResult(mockMeUser)); _examinationRetrievalQueryServiceMock.Setup(service => service.Handle(It.IsAny <ExaminationRetrievalQuery>())).Returns(Task.FromResult(default(Examination))); var financeDownloadRequest = CreateGetFinanceDownloadRequest(); // Act var response = await Controller.GetFinanceDownload(financeDownloadRequest); // Assert response.Result.Should().BeAssignableTo <ForbidResult>(); }
public void GetPatientDetails_ReturnsForbid_WhenNoAccess() { // Arrange SetupAuthorize(AuthorizationResult.Failed()); var examination = new Examination { ExaminationId = "a" }; var examinationRetrievalService = new Mock <IAsyncQueryHandler <ExaminationRetrievalQuery, Examination> >(); var patientDetailsUpdateService = new Mock <IAsyncQueryHandler <PatientDetailsUpdateQuery, Examination> >(); examinationRetrievalService.Setup(service => service.Handle(It.IsAny <ExaminationRetrievalQuery>())) .Returns(Task.FromResult(examination)); var sut = new PatientDetailsController( LoggerMock.Object, Mapper, UsersRetrievalByOktaIdServiceMock.Object, AuthorizationServiceMock.Object, PermissionServiceMock.Object, examinationRetrievalService.Object, patientDetailsUpdateService.Object, _locationParentsQueryServiceMock.Object); // Act var response = sut.GetPatientDetails("a").Result; // Assert var taskResult = response.Should().BeOfType <ActionResult <GetPatientDetailsResponse> >().Subject; taskResult.Result.Should().BeAssignableTo <ForbidResult>(); }
public async Task EditGet_Forbidden_ReturnsForbiddenHttpCode() { var audio = new AudioBuilder().Build(); var audioService = Substitute.For <IAudioService>(); audioService .GetAudioAsync(audio.AudioId, Arg.Any <CancellationToken>()) .Returns(Task.FromResult(audio)); var authService = Substitute.For <IAuthorizationService>(); authService .AuthorizeAsync(Arg.Any <ClaimsPrincipal>(), audio, Arg.Any <IAuthorizationRequirement[]>()) .Returns(Task.FromResult(AuthorizationResult.Failed())); var sut = new AudioControllerBuilder() .WithAudioService(audioService) .WithAuthService(authService) .Build(); var actual = await sut.Edit(audio.AudioId, CancellationToken.None); actual.Should().BeOfType <ForbidResult>(); }
public async Task GetStats_StateUnderTest_ExpectedBehavior_UnAuthorised() { // Arrange var unitUnderTest = this.CreateDashboardController(); CancellationToken ct = new CancellationToken() { }; this.mockAuthorizationService.Setup( r => r.AuthorizeAsync(It.IsAny <ClaimsPrincipal>(), It.IsAny <string>(), It.IsAny <string>()) ).ReturnsAsync(AuthorizationResult.Failed()); this.mockUserBusiness.Setup( r => r.GetUserIdAsync(It.IsAny <ClaimsPrincipal>()) ).ReturnsAsync(new Guid()); this.mockDashboardBusiness.Setup( r => r.GetStatsAsync(It.IsAny <long>(), It.IsAny <CancellationToken>()) ).ReturnsAsync( new Dashboard() { LivesImpacted = 2, TotalEvents = 2 } ); // Act var result = await unitUnderTest.GetStats(ct); // Assert Assert.IsType <Dashboard>(result.Value); }
public void WhenNotAuthorized_RendersCustomNotAuthorizedContentInsideLayout() { // Arrange var routeData = new RouteData(typeof(TestPageRequiringAuthorization), EmptyParametersDictionary); _testAuthorizationService.NextResult = AuthorizationResult.Failed(); _authenticationStateProvider.CurrentAuthStateTask = Task.FromResult(new AuthenticationState( new ClaimsPrincipal(new TestIdentity { Name = "Bert" }))); // Act RenderFragment <AuthenticationState> customNotAuthorized = state => builder => builder.AddContent(0, $"Go away, {state.User.Identity.Name}"); _renderer.RenderRootComponent(_authorizeRouteViewComponentId, ParameterView.FromDictionary(new Dictionary <string, object> { { nameof(AuthorizeRouteView.RouteData), routeData }, { nameof(AuthorizeRouteView.DefaultLayout), typeof(TestLayout) }, { nameof(AuthorizeRouteView.NotAuthorized), customNotAuthorized }, })); // Assert: renders layout containing "not authorized" message var batch = _renderer.Batches.Single(); var layoutDiff = batch.GetComponentDiffs <TestLayout>().Single(); Assert.Collection(layoutDiff.Edits, edit => AssertPrependText(batch, edit, "Layout starts here"), edit => AssertPrependText(batch, edit, "Go away, Bert"), edit => AssertPrependText(batch, edit, "Layout ends here")); }
public async Task GetAllEventStatusReport_StateUnderTest_ExpectedBehavior_Unauth() { // Arrange var unitUnderTest = this.CreateReportsController(); this.mockAuthorizationService.Setup( r => r.AuthorizeAsync(It.IsAny <ClaimsPrincipal>(), It.IsAny <string>(), It.IsAny <string>()) ).ReturnsAsync(AuthorizationResult.Failed()); this.mockUserBusiness.Setup(r => r.GetUserIdAsync(It.IsAny <ClaimsPrincipal>())).ReturnsAsync(new Guid()); List <EventStatusReport> evsts = new List <EventStatusReport>(); evsts.Add(new EventStatusReport() { EventDate = DateTime.Now, EventName = "Desc 2", EventId = "1" }); evsts.Add(new EventStatusReport() { EventDate = DateTime.Now, EventName = "Desc 1", EventId = "2" }); PagedResults <EventStatusReport> sampleResult = new PagedResults <EventStatusReport>() { Items = evsts }; mockReportBusiness.Setup(r => r.GetAllReportByPocAsync( It.IsAny <PagingOptions>(), It.IsAny <SortOptions <Event, EventEntity> >(), It.IsAny <SearchOptions <Event, EventEntity> >(), It.IsAny <long>(), It.IsAny <CancellationToken>())).ReturnsAsync(sampleResult); PagingOptions pagingOptions = new PagingOptions() { Limit = 1, Offset = 1 }; SortOptions <Event, EventEntity> sortOptions = new SortOptions <Event, EventEntity>() { OrderBy = new string[] { "" } }; SearchOptions <Event, EventEntity> searchOptions = new SearchOptions <Event, EventEntity>() { Search = new string[] { "" } }; CancellationToken ct = new CancellationToken(); bool report = false; // Act var result = await unitUnderTest.GetAllEventStatusReport( pagingOptions, sortOptions, searchOptions, report, ct); // Assert Assert.IsType <FileContentResult>(result); }
public Task <AuthorizationResult> AuthorizeAsync(ClaimsPrincipal user, Product product) { if (product.SellerId == user.FindFirst(ClaimTypes.NameIdentifier).Value) { return(Task.FromResult(AuthorizationResult.Success())); } return(Task.FromResult(AuthorizationResult.Failed())); }
public override Task OnAuthorizationAsync(Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext context) { if (context.HttpContext.User.Claims.ToList()[2].Value == context.HttpContext.Connection.RemoteIpAddress.ToString()) { return(Task.FromResult(AuthorizationResult.Failed())); } // If there is another authorize filter, do nothing return(base.OnAuthorizationAsync(context)); }
public static IAuthorizationService GetStandardAuthorizationService(bool successful = true) { var fakeAuth = A.Fake <IAuthorizationService>(); A.CallTo(() => fakeAuth.AuthorizeAsync(new ClaimsPrincipal(), new object(), "Any")) .WithAnyArguments() .Returns(Task.FromResult(successful ? AuthorizationResult.Success() : AuthorizationResult.Failed())); return(fakeAuth); }
public async Task user_which_are_not_startech_leaders_cant_admin_the_members() { MockAuthorizationService(AuthorizationResult.Failed()); AuthorizationFilterContext context = CreateHttpContext(); var target = Create(); await target.OnAuthorizationAsync(context); context.Result.Should().BeOfType <UnauthorizedResult>(); }
public async Task when_user_is_member_but_not_leader_and_must_be_leader_is_true_StartechAuthorizationService_should_return_false() { var policy = StartechPolicyHelper.GetPolicyName(Startechs.Agile, true); AuthorizationService.Setup(x => x.AuthorizeAsync(It.IsAny <ClaimsPrincipal>(), It.IsAny <object>(), It.IsIn(policy))) .Returns(Task.Factory.StartNew(() => AuthorizationResult.Failed())); var target = Create(); var result = await target.IsMemberOrLeaderOf(Startechs.Agile); result.Should().BeFalse(); }
protected void UnauthorizeMember() { AuthorizationService.Setup(x => x.AuthorizeAsync(It.IsAny <ClaimsPrincipal>(), It.IsAny <object>(), It.IsIn(StartechPolicyHelper.AllStartechLeader))) .Returns(Task.Factory.StartNew(() => AuthorizationResult.Failed())); foreach (var startech in Enum.GetValues(typeof(Startechs)).Cast <Startechs>()) { var ThisLoopPolicy = StartechPolicyHelper.GetPolicyName(startech, MustBeLeader: true); AuthorizationService.Setup(x => x.AuthorizeAsync(It.IsAny <ClaimsPrincipal>(), It.IsAny <object>(), It.IsIn(ThisLoopPolicy))) .Returns(Task.Factory.StartNew(() => AuthorizationResult.Failed())); } }
public void WebCurrentUserAccessor_returns_user_with_correct_auth() { var authSettings = new AuthorizationSettings { Policies = new Dictionary <string, List <string> > { { "User", new List <string> { "AppUsers", "AppAdmins" } }, { "Admin", new List <string> { "AppAdmins" } } } }; var identityMock = new Mock <IIdentity>(); identityMock.Setup(i => i.Name).Returns("*****@*****.**"); var principalMock = new Mock <ClaimsPrincipal>(); principalMock.Setup(p => p.Identity).Returns(identityMock.Object); var httpContextMock = new Mock <HttpContext>(); httpContextMock.Setup(context => context.User) .Returns(principalMock.Object); var authServiceMock = new Mock <IAuthorizationService>(); authServiceMock.Setup(a => a.AuthorizeAsync(principalMock.Object, null, "User")) .Returns(Task.FromResult(AuthorizationResult.Success())); authServiceMock.Setup(a => a.AuthorizeAsync(principalMock.Object, null, "Admin")) .Returns(Task.FromResult(AuthorizationResult.Failed())); var httpContextAccessorMock = new Mock <IHttpContextAccessor>(); httpContextAccessorMock.Setup(a => a.HttpContext) .Returns(httpContextMock.Object); var accessor = new WebCurrentUserAccessor(httpContextAccessorMock.Object, new EmailUserNameFormatStrategy(), authServiceMock.Object, authSettings); var user = accessor.User; Assert.Equal("Name", user.Login); Assert.Contains("User", user.AuthorizedAs); Assert.DoesNotContain("Admin", user.AuthorizedAs); }
public async Task <AuthorizationResult> HandleRequirement(ActionExecutingContext context, NccAuthRequirement requirement, object model) { if (context.HttpContext.User == null) { return(AuthorizationResult.Failed()); } //var usersPolicyList = _nccUserAuthPolicyService.LoadByModulePolicy(PolicyHandler.NccAuthRequireHandler, requirement); return(AuthorizationResult.Success()); }
public void UpdatePatientDetails_ReturnsForbid_WhenNoPermissionAtNewMEOfficeLocation() { // Arrange AuthorizationServiceMock .SetupSequence(aus => aus.AuthorizeAsync( It.IsAny <ClaimsPrincipal>(), It.IsAny <ILocationPath>(), It.IsAny <IEnumerable <IAuthorizationRequirement> >())) .Returns(Task.FromResult(AuthorizationResult.Success())) .Returns(Task.FromResult(AuthorizationResult.Failed())); var expectedExaminationId = "expectedExaminationId"; var expectedExamination = new Examination() { ExaminationId = expectedExaminationId, }; var examinationRetrievalService = new Mock <IAsyncQueryHandler <ExaminationRetrievalQuery, Examination> >(); var patientDetailsUpdateService = new Mock <IAsyncQueryHandler <PatientDetailsUpdateQuery, Examination> >(); UsersRetrievalByOktaIdServiceMock .Setup(service => service.Handle(It.IsAny <UserRetrievalByOktaIdQuery>())) .Returns(Task.FromResult(AuthorizedUser)); examinationRetrievalService .Setup(service => service.Handle(It.IsAny <ExaminationRetrievalQuery>())) .Returns(Task.FromResult(expectedExamination)); patientDetailsUpdateService .Setup(pdus => pdus.Handle(It.IsAny <PatientDetailsUpdateQuery>())) .Returns(Task.FromResult(expectedExamination)); Controller = new PatientDetailsController( LoggerMock.Object, Mapper, UsersRetrievalByOktaIdServiceMock.Object, AuthorizationServiceMock.Object, PermissionServiceMock.Object, examinationRetrievalService.Object, patientDetailsUpdateService.Object, _locationParentsQueryServiceMock.Object); Controller.ControllerContext = GetControllerContext(); var expectedPutPatientDetailsRequest = new PutPatientDetailsRequest(); // Act var response = Controller.UpdatePatientDetails(expectedExaminationId, expectedPutPatientDetailsRequest).Result; // Assert var taskResult = response.Should().BeOfType <ActionResult <PutPatientDetailsResponse> >().Subject; taskResult.Result.Should().BeAssignableTo <ForbidResult>(); }
public void WhenUsageTypeIsNotAllowed_AuthServiceShouldThrowUnauthorizedAccessException(UsageType usageType, string requirement) { // arrange var entity = new Mock <IEntity>(); _authorizationService .Setup(x => x.AuthorizeAsync(It.IsAny <ClaimsPrincipal>(), It.IsAny <IEntity>(), It.IsAny <IEnumerable <IAuthorizationRequirement> >())) .ReturnsAsync(AuthorizationResult.Failed()); // act & assert Assert.ThrowsAsync(typeof(UnauthorizedAccessException), () => _subject.EnsureAuthorizedUserAsync(usageType, entity.Object)); }
public async Task <AuthorizationResult> AuthorizeAsync(ClaimsPrincipal User, object Resource, IEnumerable <IAuthorizationRequirement> Requirements) { if (User.Identity.IsAuthenticated) { return(await Task.FromResult(AuthorizationResult.Success())); } else { return(await Task.FromResult(AuthorizationResult.Failed())); } }
public AuthorizationResult Evaluate(AuthorizationHandlerContext context) { if (context.HasSucceeded) { return(AuthorizationResult.Success()); } return(AuthorizationResult.Failed( context.HasFailed ? AuthorizationFailure.ExplicitFail() : AuthorizationFailure.Failed(context.PendingRequirements) )); }
public AuthorizationResult Evaluate(AuthorizationHandlerContext context) { if (context.HasFailed == true) { return(AuthorizationResult.Failed(AuthorizationFailure.ExplicitFail())); } var success = context.PendingRequirements.Count() < context.Requirements.Count(); return(success ? AuthorizationResult.Success() : AuthorizationResult.Failed(AuthorizationFailure.ExplicitFail())); }
public Task <AuthorizationResult> AuthorizeAsync(ClaimsPrincipal user, object resource, IEnumerable <IAuthorizationRequirement> requirements) { var httpcontext = resource as AuthorizationFilterContext; if (TokenValidate(httpcontext.HttpContext).Succeeded) { var rotedata = httpcontext.RouteData; var _controllerName = rotedata.Values["controller"]?.ToString(); var _actionName = rotedata.Values["action"]?.ToString(); var _areaName = rotedata.Values["area"]?.ToString(); } return(Task.FromResult(AuthorizationResult.Failed())); }
Mock <IAuthorizationService> CreateAuthorizationServiceMockThatDoesNotAuthorizeUser() { var authorizationServiceMock = new Mock <IAuthorizationService>(); authorizationServiceMock.Setup( x => x.AuthorizeAsync( It.IsAny <ClaimsPrincipal>(), It.IsAny <Product>(), It.IsAny <IEnumerable <IAuthorizationRequirement> >()) ) .ReturnsAsync(AuthorizationResult.Failed()); return(authorizationServiceMock); }
protected override void Given() { base.Given(); _authorizationServiceMock.Setup(m => m.AuthorizeAsync( It.IsAny <ClaimsPrincipal>(), It.IsAny <object>(), PolicyNames.CanEditReport)) .Returns(Task.FromResult(AuthorizationResult.Success())); _authorizationServiceMock.Setup(m => m.AuthorizeAsync( It.IsAny <ClaimsPrincipal>(), It.IsAny <object>(), PolicyNames.CanSubmitReport)) .Returns(Task.FromResult(AuthorizationResult.Failed())); }
public async Task GetAllEventsExcel_StateUnderTest_ExpectedBehavior_UnauthorizedUser() { // Arrange var unitUnderTest = this.CreateEventsController(); this.mockAuthorizationService.Setup( r => r.AuthorizeAsync(It.IsAny <ClaimsPrincipal>(), It.IsAny <string>(), It.IsAny <string>()) ).ReturnsAsync(AuthorizationResult.Failed()); PagedResults <EventReport> sampleResult = new PagedResults <EventReport> { Items = Enumerable.Empty <EventReport>() }; this.mockUserBusiness.Setup(r => r.GetUserIdAsync(It.IsAny <ClaimsPrincipal>())).ReturnsAsync(new Guid()); this.mockEventBusiness.Setup(r => r.GetAllForExcelAsync( It.IsAny <PagingOptions>(), It.IsAny <SortOptions <Event, EventEntity> >(), It.IsAny <SearchOptions <Event, EventEntity> >(), It.IsAny <long>(), It.IsAny <CancellationToken>()) ).ReturnsAsync(sampleResult); bool report = false; PagingOptions pagingOptions = new PagingOptions() { Limit = 1, Offset = 1 }; SortOptions <Event, EventEntity> sortOptions = new SortOptions <Event, EventEntity>() { OrderBy = new string[] { "" } }; SearchOptions <Event, EventEntity> searchOptions = new SearchOptions <Event, EventEntity>() { Search = new string[] { "" } }; CancellationToken ct = new CancellationToken(); // Act var result = await unitUnderTest.GetAllEventsExcel( report, pagingOptions, sortOptions, searchOptions, ct); // Assert Assert.IsType <FileContentResult>(result); }
public void IndexShowsLoginLinkWhenUnAuthorized() { Services.AddAuthenticationServices(TestAuthenticationStateProvider.CreateUnauthenticationState(), AuthorizationResult.Failed()); Services.AddScoped <MockNavigationManager, MockNavigationManager>(); var wrapper = RenderComponent <CascadingAuthenticationState>(p => p.AddChildContent <Index>()); // Arrange var cut = wrapper.FindComponent <Index>(); Assert.DoesNotContain("Select a Frequency, or create a new one", cut.Markup); cut.Find("a").MarkupMatches(@"<a href=""/login"">Log In</a>"); }