public async Task AccountService_CreateAccount_GeneratesPassword()
{
var repositoryMock = new EntityRepositoryMock();
var sut = new AccountService(repositoryMock, repositoryMock);
await sut.CreateAccount("*****@*****.**", "testpassword");
var account = repositoryMock.GetEntities <Account>().Single();
var hashedPassword = new HashedPassword(account.PasswordHash, account.PasswordSalt);
Assert.IsTrue(hashedPassword.EqualsPlainPassword("testpassword"), "Password not set correctly.");
}
/// <summary>
/// Checks a password for the specified account.
/// </summary>
/// <param name="email">E-Mail Address of the account to check the password for.</param>
/// <param name="password">Password that should match the password of the account.</param>
/// <returns>True, if the password matches the password of the account; otherwise false.</returns>
public async Task <bool> CheckAccountPassword(string email, string password)
{
// A non-existing account for the email will be treated as a normal
// failed password check to not disclose the information about the existence.
var account = await GetAccountByEmail(email, suppressException : true);
if (account == null)
{
return(false);
}
var hashedPassword = new HashedPassword(account.PasswordHash, account.PasswordSalt);
return(hashedPassword.EqualsPlainPassword(password));
}
public async Task AccountService_ChangePassword_ChangesPassword()
{
var repositoryMock = new EntityRepositoryMock();
var sut = new AccountService(repositoryMock, repositoryMock);
repositoryMock.Add(new Account
{
Id = 1,
EmailAddress = "*****@*****.**"
});
await sut.ChangePassword(1, "testpassword");
var account = repositoryMock.GetEntities <Account>().Single();
var hashedPassword = new HashedPassword(account.PasswordHash, account.PasswordSalt);
Assert.IsNotNull(account.PasswordHash, "account.PasswordHash");
Assert.IsNotNull(account.PasswordSalt, "account.PasswordSalt");
Assert.IsTrue(hashedPassword.EqualsPlainPassword("testpassword"), "Password not set correctly.");
}