OrmLiteUserAuthRepositoryTests.cs
// Copyright (c) Service Stack LLC. All Rights Reserved.
// License: https://raw.github.com/ServiceStack/ServiceStack/master/license.txt
using System.Net;
using NUnit.Framework;
using ServiceStack.Auth;
using ServiceStack.Data;
using ServiceStack.OrmLite;
using ServiceStack.Testing;
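namespace ServiceStack.Common.Tests.OAuth
{
    /// <summary>
    /// Exercises the account-lockout behaviour of <see cref="OrmLiteAuthRepository"/>
    /// through a <see cref="BasicAppHost"/> backed by an in-memory SQLite database.
    /// </summary>
    /// <remarks>
    /// The host, the container and the auth repository are created once per fixture,
    /// so any setting a test changes on the repository must be put back before the
    /// test returns; otherwise the outcome of the other tests depends on run order.
    /// </remarks>
    public class OrmLiteUserAuthRepositoryTests
    {
        private const string TestEmail = "as@if.com";
        private const string ValidPassword = "p@55word";
        private const string WrongPassword = "wrongpassword";

        private ServiceStackHost appHost;

        /// <summary>
        /// Builds the test host: credentials auth only, an in-memory SQLite
        /// connection factory and an <see cref="OrmLiteAuthRepository"/> with its schema created.
        /// </summary>
        [TestFixtureSetUp]
        public void TestFixtureSetUp()
        {
            appHost = new BasicAppHost
            {
                ConfigureAppHost = host =>
                {
                    host.Plugins.Add(new AuthFeature(() => new AuthUserSession(), new IAuthProvider[] {
                        new CredentialsAuthProvider(),
                    }));
                },
                ConfigureContainer = container =>
                {
                    container.Register<IDbConnectionFactory>(c =>
                        new OrmLiteConnectionFactory(":memory:", SqliteDialect.Provider) {
                            // presumably keeps the in-memory database alive between Open() calls - confirm
                            AutoDisposeConnection = false,
                        });

                    container.Register<IUserAuthRepository>(c => new OrmLiteAuthRepository(c.Resolve<IDbConnectionFactory>()));
                    container.Resolve<IUserAuthRepository>().InitSchema();
                }
            }.Init();
        }

        /// <summary>Disposes the host created by <see cref="TestFixtureSetUp"/>.</summary>
        [TestFixtureTearDown]
        public void TestFixtureTearDown()
        {
            // Set-up may have thrown before the host was assigned; do not hide
            // that failure behind a NullReferenceException here.
            if (appHost != null)
            {
                appHost.Dispose();
            }
        }

        /// <summary>
        /// Deletes any existing <see cref="UserAuth"/> row for <paramref name="email"/> and
        /// registers the user again, so each test starts from a fresh account with no
        /// recorded failed logins and no lock.
        /// </summary>
        /// <param name="email">E-mail address of the account to (re)create.</param>
        /// <returns>The response of the Register service; asserted to be a <see cref="RegisterResponse"/>.</returns>
        private object RegisterUser(string email = TestEmail)
        {
            using (var db = appHost.Resolve<IDbConnectionFactory>().Open())
            {
                db.Delete<UserAuth>(q => q.Email == email);
            }

            var response = appHost.ExecuteService(new Register
            {
                Password = ValidPassword,
                Email = email,
                DisplayName = "DisplayName",
                FirstName = "FirstName",
                LastName = "LastName",
            });

            // Build the failure message without dereferencing a null response, so a
            // missing response fails the assertion instead of throwing first.
            var description = response != null ? response.ToString() : "null response";
            Assert.That(response as RegisterResponse, Is.Not.Null, description);

            return response;
        }

        /// <summary>
        /// With the repository's login-attempt limit left as configured by the fixture,
        /// three failed logins must not lock the account.
        /// </summary>
        [Test]
        public void Can_attempt_multiple_invalid_logins_without_being_locked_out()
        {
            RegisterUser(email: TestEmail);

            3.Times(() =>
            {
                appHost.ExecuteService(new Authenticate
                {
                    UserName = TestEmail,
                    Password = WrongPassword
                });
            });

            using (var db = appHost.Resolve<IDbConnectionFactory>().Open())
            {
                var user = db.Single<UserAuth>(q => q.Email == TestEmail);
                Assert.That(user.LockedDate, Is.Null);
            }
        }

        /// <summary>
        /// With <c>MaxLoginAttempts</c> set to 3, every failed login is counted, the
        /// account is locked once the limit is reached, and a login with the correct
        /// password is then rejected with 401 and the "locked" message.
        /// </summary>
        [Test]
        public void Does_lockout_user_after_reaching_max_invalid_logins_limit()
        {
            const int limit = 3;

            RegisterUser(email: TestEmail);

            var authRepo = (OrmLiteAuthRepository)appHost.Resolve<IUserAuthRepository>();

            // The repository is shared by the whole fixture (this test relies on that
            // for the setting to take effect), so remember the previous limit and
            // restore it afterwards instead of leaking it into other tests.
            var previousLimit = authRepo.MaxLoginAttempts;
            authRepo.MaxLoginAttempts = limit;

            try
            {
                limit.Times(i =>
                {
                    appHost.ExecuteService(new Authenticate {
                        UserName = TestEmail,
                        Password = WrongPassword
                    });

                    using (var db = appHost.Resolve<IDbConnectionFactory>().Open())
                    {
                        var user = db.Single<UserAuth>(q => q.Email == TestEmail);
                        Assert.That(user.LastLoginAttempt, Is.Not.Null);
                        Assert.That(user.InvalidLoginAttempts, Is.EqualTo(i + 1)); //0 index
                    }
                });

                using (var db = appHost.Resolve<IDbConnectionFactory>().Open())
                {
                    var user = db.Single<UserAuth>(q => q.Email == TestEmail);
                    Assert.That(user.LockedDate, Is.Not.Null);
                }

                // The correct password must be refused once the account is locked;
                // a lockout that still accepts valid credentials limits nothing.
                var response = appHost.ExecuteService(new Authenticate
                {
                    UserName = TestEmail,
                    Password = ValidPassword
                });

                var httpError = response as HttpError;
                Assert.That(httpError, Is.Not.Null, "Expected an HttpError for a locked account");

                // NOTE(review): this message differs from a plain bad-credentials failure, so it
                // tells the caller the account exists and is locked - confirm that is intended.
                Assert.That(httpError.Message, Is.EqualTo("This account has been locked"));
                Assert.That(httpError.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized));
            }
            finally
            {
                authRepo.MaxLoginAttempts = previousLimit;
            }
        }
    }
}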