示例#1
0
        public void LoginPost_UserFoundButPasswordIncorrect_LoginFails()
        {
            // setup
            UserModel user = new UserModel()
            {
                Id       = Guid.NewGuid(),
                UserName = "******",
                Password = "******"
            };

            _userRepo.GetByUserName(user.UserName).Returns(user);

            _passwordProvider.CheckPassword(Arg.Any <string>(), Arg.Any <string>()).Returns(false);

            var browser = CreateBrowser(null);

            // execute
            var response = browser.Post(Actions.Login.Default, (with) =>
            {
                with.HttpRequest();
                with.FormValue("UserName", "admin");
                with.FormValue("Password", "password");
            });

            // assert
            Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
            _passwordProvider.Received(1).CheckPassword(Arg.Any <string>(), Arg.Any <string>());

            BasicResult result = JsonConvert.DeserializeObject <BasicResult>(response.Body.AsString());

            Assert.IsFalse(result.Success);

            _userRepo.Received(1).GetByUserName(user.UserName);
            _passwordProvider.Received(1).CheckPassword("password", user.Password);
        }
示例#2
0
        public void ChangePassword_PasswordValid_UpdatesAndSaves()
        {
            const string newPassword       = "******";
            const string oldPassword       = "******";
            string       salt              = Guid.NewGuid().ToString();
            string       newHashedPassword = Guid.NewGuid().ToString();

            // setup
            var currentUser = new UserIdentity()
            {
                Id = Guid.NewGuid(), UserName = "******"
            };
            var browser = new Browser((bootstrapper) =>
                                      bootstrapper.Module(new UserModule(_userStore, _userValidator, _passwordProvider))
                                      .RequestStartup((container, pipelines, context) => {
                context.CurrentUser = currentUser;
            })
                                      );

            UserModel user = new UserModel()
            {
                Id       = currentUser.Id,
                UserName = currentUser.UserName,
                Password = oldPassword
            };
            List <UserModel> users = new List <UserModel>()
            {
                user
            };

            _userStore.Users.Returns(users);

            _passwordProvider.GenerateSalt().Returns(salt);
            _passwordProvider.HashPassword(newPassword, salt).Returns(newHashedPassword);

            // execute
            var response = browser.Post(Actions.User.ChangePassword, (with) =>
            {
                with.HttpRequest();
                with.FormsAuth(currentUser.Id, new Nancy.Authentication.Forms.FormsAuthenticationConfiguration());
                with.FormValue("Password", newPassword);
                with.FormValue("ConfirmPassword", newPassword);
            });

            // assert
            Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);

            // check the result
            BasicResult result = JsonConvert.DeserializeObject <BasicResult>(response.Body.AsString());

            Assert.IsTrue(result.Success);
            Assert.AreEqual(0, result.Messages.Length);

            // make sure the user was updated and saved
            Assert.AreEqual(newHashedPassword, user.Password);
            _userStore.Received(1).Save();
            _passwordProvider.Received(1).GenerateSalt();
            _passwordProvider.Received(1).HashPassword(newPassword, salt);
        }
示例#3
0
        public void Load_FileDoesNotExist_CollectionCreatedWithAdminUser()
        {
            // setup
            _fileWrap.Exists(_path).Returns(false);

            // execute
            _userStore.Load();

            // assert
            _fileWrap.Received(1).Exists(_path);
            _fileWrap.DidNotReceive().ReadAllText(Arg.Any <String>());

            _passwordProvider.Received(1).HashPassword("admin", Arg.Any <string>());
            _passwordProvider.Received(1).GenerateSalt();

            Assert.AreEqual(1, _userStore.Users.Count);
            Assert.AreEqual("admin", _userStore.Users[0].UserName);
        }
示例#4
0
        public void Execute_ValidationSucceeds_PasswordIsHashed()
        {
            UserModel model          = DataHelper.CreateUserModel();
            string    salt           = Guid.NewGuid().ToString();
            string    hashedPassword = Guid.NewGuid().ToString();

            _userValidator.Validate(Arg.Any <UserModel>()).Returns(new ValidationResult());
            _passwordProvider.GenerateSalt().Returns(salt);
            _passwordProvider.HashPassword(model.Password, salt).Returns(hashedPassword);

            // execute
            UserModel result = _createUserCommand.Execute(model.UserName, model.Password, model.Role);

            // assert
            _passwordProvider.Received(1).GenerateSalt();
            _passwordProvider.Received(1).HashPassword(model.Password, salt);
            Assert.AreEqual(model.UserName, result.UserName);
            Assert.AreEqual(hashedPassword, result.Password);
            Assert.AreEqual(model.Role, result.Role);
        }
示例#5
0
        public void Execute_ValidationSucceeds_PasswordUpdated()
        {
            UserModel user = DataHelper.CreateUserModel();

            _userRepo.GetByUserName(user.UserName).Returns(user);
            string pwd  = Guid.NewGuid().ToString();
            string salt = Guid.NewGuid().ToString();

            _passwordProvider.GenerateSalt().Returns(salt);

            // execute
            _updateUserPasswordCommand.Execute(user.UserName, pwd);

            // assert
            _passwordProvider.Received(1).HashPassword(pwd, salt);
            _dbContext.Received(1).ExecuteNonQuery(Arg.Any <string>(), Arg.Any <object>());
        }