lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-11-28 17:32:44 +08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
Files
e225650203c8d2afa7ff482434e5d581462bd1d9
Orchard/src/Orchard.Tests.Packages/Users/Services/MembershipServiceTests.cs
loudej e225650203 Adding password storage and verification. Clear and hashed supported. Hashed is default, uses SHA1 with unique salt per user. 
--HG--
extra : convert_revision : svn%3A5ff7c347-ad56-4c35-b696-ccb81de16e03/trunk%4040935
2009-11-17 05:52:23 +00:00

124 lines
4.8 KiB
C#
Raw Blame History

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web.Security;
using Autofac;
using Autofac.Builder;
using Autofac.Modules;
using NHibernate;
using NUnit.Framework;
using Orchard.Data;
using Orchard.Models;
using Orchard.Models.Driver;
using Orchard.Models.Records;
using Orchard.Security;
using Orchard.Users.Models;
using Orchard.Users.Services;
namespace Orchard.Tests.Packages.Users.Services {
[TestFixture]
public class MembershipServiceTests {
private IMembershipService _membershipService;
private ISessionFactory _sessionFactory;
private ISession _session;
private IContainer _container;
public class TestSessionLocator : ISessionLocator {
private readonly ISession _session;
public TestSessionLocator(ISession session) {
_session = session;
}
public ISession For(Type entityType) {
return _session;
}
}
[TestFixtureSetUp]
public void InitFixture() {
var databaseFileName = System.IO.Path.GetTempFileName();
_sessionFactory = DataUtility.CreateSessionFactory(
databaseFileName,
typeof(UserRecord),
typeof(ModelRecord),
typeof(ModelTypeRecord));
}
[TestFixtureTearDown]
public void TermFixture() {
}
[SetUp]
public void Init() {
var builder = new ContainerBuilder();
builder.RegisterModule(new ImplicitCollectionSupportModule());
builder.Register<MembershipService>().As<IMembershipService>();
builder.Register<DefaultModelManager>().As<IModelManager>();
builder.Register<UserDriver>().As<IModelDriver>();
builder.RegisterGeneric(typeof(Repository<>)).As(typeof(IRepository<>));
_session = _sessionFactory.OpenSession();
builder.Register(new TestSessionLocator(_session)).As<ISessionLocator>();
_container = builder.Build();
_membershipService = _container.Resolve<IMembershipService>();
}
[Test]
public void CreateUserShouldAllocateModelAndCreateRecords() {
var user = _membershipService.CreateUser(new CreateUserParams("a", "b", "c", null, null, true));
Assert.That(user.UserName, Is.EqualTo("a"));
Assert.That(user.Email, Is.EqualTo("c"));
}
[Test]
public void DefaultPasswordFormatShouldBeHashedAndHaveSalt() {
var user = _membershipService.CreateUser(new CreateUserParams("a", "b", "c", null, null, true));
var userRepository = _container.Resolve<IRepository<UserRecord>>();
var userRecord = userRepository.Get(user.Id);
Assert.That(userRecord.PasswordFormat, Is.EqualTo(MembershipPasswordFormat.Hashed));
Assert.That(userRecord.Password, Is.Not.EqualTo("b"));
Assert.That(userRecord.PasswordSalt, Is.Not.Null);
Assert.That(userRecord.PasswordSalt, Is.Not.Empty);
}
[Test]
public void SaltAndPasswordShouldBeDifferentEvenWithSameSourcePassword() {
var user1 = _membershipService.CreateUser(new CreateUserParams("a", "b", "c", null, null, true));
_session.Flush();
_session.Clear();
var user2 = _membershipService.CreateUser(new CreateUserParams("d", "b", "e", null, null, true));
_session.Flush();
_session.Clear();
var userRepository = _container.Resolve<IRepository<UserRecord>>();
var user1Record = userRepository.Get(user1.Id);
var user2Record = userRepository.Get(user2.Id);
Assert.That(user1Record.PasswordSalt, Is.Not.EqualTo(user2Record.PasswordSalt));
Assert.That(user1Record.Password, Is.Not.EqualTo(user2Record.Password));
Assert.That(_membershipService.ValidateUser("a", "b"), Is.Not.Null);
Assert.That(_membershipService.ValidateUser("d", "b"), Is.Not.Null);
}
[Test]
public void ValidateUserShouldReturnNullIfUserOrPasswordIsIncorrect() {
_membershipService.CreateUser(new CreateUserParams("test-user", "test-password", "c", null, null, true));
_session.Flush();
_session.Clear();
var validate1 = _membershipService.ValidateUser("test-user", "bad-password");
var validate2 = _membershipService.ValidateUser("bad-user", "test-password");
var validate3 = _membershipService.ValidateUser("test-user", "test-password");
Assert.That(validate1, Is.Null);
Assert.That(validate2, Is.Null);
Assert.That(validate3, Is.Not.Null);
}
}
}
Reference in New Issue View Git Blame Copy Permalink