Update security stamp when setting username

Suhas Joshi 2015-03-27 15:32:00 -07:00
parent afff831d62
commit 791173fda8
2 changed files with 54 additions and 19 deletions


@ -494,17 +494,12 @@ namespace Microsoft.AspNet.Identity
using (await BeginLoggingScopeAsync(user))
{
await UpdateUserName(user, userName);
await Store.SetUserNameAsync(user, userName, CancellationToken);
await UpdateSecurityStampInternal(user);
return Logger.Log(await UpdateUserAsync(user));
}
}
private async Task UpdateUserName(TUser user, string userName)
{
await Store.SetUserNameAsync(user, userName, CancellationToken);
await UpdateNormalizedUserNameAsync(user);
}
/// <summary>
/// Get the user's id
/// </summary>
@ -540,7 +535,7 @@ namespace Microsoft.AspNet.Identity
Logger.Log(await UpdateUserAsync(user));
}
return Logger.Log(result != PasswordVerificationResult.Failed);
return Logger.Log(result != PasswordVerificationResult.Failed);
}
}
@ -1945,7 +1940,7 @@ namespace Microsoft.AspNet.Identity
return Logger.Log(IdentityResult.Success);
}
await store.ResetAccessFailedCountAsync(user, CancellationToken);
return Logger.Log(await UpdateUserAsync(user));
return Logger.Log(await UpdateUserAsync(user));
}
}
@ -1998,7 +1993,6 @@ namespace Microsoft.AspNet.Identity
var state = Resources.FormatLoggingResultMessageForUser(methodName, await GetUserIdAsync(user));
return Logger?.BeginScope(state);
}
private void ThrowIfDisposed()
{
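Review bot: In the first hunk the new body appears to call `Store.SetUserNameAsync` and `UpdateSecurityStampInternal` before `UpdateUserAsync` can reject the change (the page has lost its +/- markers, so the sides are read from the hunk counts). On a failed validation the in-memory user would then already carry the rejected name and a rotated stamp. The tests in this commit show the call returning failure for an empty and a duplicate name, so that path is reachable; whether the mutated values can later be persisted depends on the store and on `UpdateUserAsync`, neither of which is visible here. The removed helper also called `UpdateNormalizedUserNameAsync(user)`, so it is worth confirming that `UpdateUserAsync` still refreshes the normalized name. I would also put a why-comment above the stamp call, such as `// Rotate the stamp so cookies and tokens issued before the rename stop validating`; the enclosing method starts outside the hunk.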


@ -128,15 +128,56 @@ namespace Microsoft.AspNet.Identity.Test
}
[Fact]
public async Task CanSetUserName()
public async Task CheckSetUserNameValidatesUser()
{
var manager = CreateManager();
var user = CreateTestUser("UpdateAsync");
manager.UserValidators.Add(new UserValidator<TUser>());
var username = "UpdateAsync" + Guid.NewGuid().ToString();
var newUsername = "New" + Guid.NewGuid().ToString();
var user = CreateTestUser(username, useNamePrefixAsUserName: true);
IdentityResultAssert.IsSuccess(await manager.CreateAsync(user));
Assert.Null(await manager.FindByNameAsync("New"));
IdentityResultAssert.IsSuccess(await manager.SetUserNameAsync(user, "New"));
Assert.NotNull(await manager.FindByNameAsync("New"));
Assert.Null(await manager.FindByNameAsync("UpdateAsync"));
Assert.Null(await manager.FindByNameAsync(newUsername));
IdentityResultAssert.IsSuccess(await manager.SetUserNameAsync(user, newUsername));
Assert.NotNull(await manager.FindByNameAsync(newUsername));
Assert.Null(await manager.FindByNameAsync(username));
var newUser = CreateTestUser(username, useNamePrefixAsUserName: true);
IdentityResultAssert.IsSuccess(await manager.CreateAsync(newUser));
IdentityResultAssert.IsFailure(await manager.SetUserNameAsync(newUser, ""), IdentityErrorDescriber.Default.InvalidUserName(""));
IdentityResultAssert.IsFailure(await manager.SetUserNameAsync(newUser, newUsername), IdentityErrorDescriber.Default.DuplicateUserName(newUsername));
}
[Fact]
public async Task SetUserNameUpdatesSecurityStamp()
{
var manager = CreateManager();
var username = "UpdateAsync" + Guid.NewGuid().ToString();
var newUsername = "New" + Guid.NewGuid().ToString();
var user = CreateTestUser(username, useNamePrefixAsUserName: true);
IdentityResultAssert.IsSuccess(await manager.CreateAsync(user));
var stamp = await manager.GetSecurityStampAsync(user);
Assert.Null(await manager.FindByNameAsync(newUsername));
IdentityResultAssert.IsSuccess(await manager.SetUserNameAsync(user, newUsername));
Assert.NotEqual(stamp, await manager.GetSecurityStampAsync(user));
}
[Fact]
public async Task CheckSetEmailValidatesUser()
{
var manager = CreateManager();
manager.Options.User.RequireUniqueEmail = true;
manager.UserValidators.Add(new UserValidator<TUser>());
var random = new Random();
var email = "foo" + random.Next() + "@example.com";
var newEmail = "bar" + random.Next() + "@example.com";
var user = CreateTestUser(email: email);
IdentityResultAssert.IsSuccess(await manager.CreateAsync(user));
IdentityResultAssert.IsSuccess(await manager.SetEmailAsync(user, newEmail));
var newUser = CreateTestUser(email: email);
IdentityResultAssert.IsSuccess(await manager.CreateAsync(newUser));
IdentityResultAssert.IsFailure(await manager.SetEmailAsync(newUser, newEmail), IdentityErrorDescriber.Default.DuplicateEmail(newEmail));
IdentityResultAssert.IsFailure(await manager.SetEmailAsync(newUser, ""), IdentityErrorDescriber.Default.InvalidEmail(""));
}
[Fact]
@ -1019,7 +1060,7 @@ namespace Microsoft.AspNet.Identity.Test
{
var manager = CreateRoleManager();
var roleName = "delete" + Guid.NewGuid().ToString();
var role = CreateTestRole(roleName, useRoleNamePrefixAsRoleName:true);
var role = CreateTestRole(roleName, useRoleNamePrefixAsRoleName: true);
Assert.False(await manager.RoleExistsAsync(roleName));
IdentityResultAssert.IsSuccess(await manager.CreateAsync(role));
Assert.True(await manager.RoleExistsAsync(roleName));
@ -1118,7 +1159,7 @@ namespace Microsoft.AspNet.Identity.Test
var userMgr = CreateManager(context);
var roleMgr = CreateRoleManager(context);
var roleName = "delete" + Guid.NewGuid().ToString();
var role = CreateTestRole(roleName, useRoleNamePrefixAsRoleName:true);
var role = CreateTestRole(roleName, useRoleNamePrefixAsRoleName: true);
Assert.False(await roleMgr.RoleExistsAsync(roleName));
IdentityResultAssert.IsSuccess(await roleMgr.CreateAsync(role));
var user = CreateTestUser();
@ -1276,7 +1317,7 @@ namespace Microsoft.AspNet.Identity.Test
var userMgr = CreateManager(context);
var roleMgr = CreateRoleManager(context);
var roleName = "addUserDupeTest" + Guid.NewGuid().ToString();
var role = CreateTestRole(roleName, useRoleNamePrefixAsRoleName:true);
var role = CreateTestRole(roleName, useRoleNamePrefixAsRoleName: true);
var user = CreateTestUser();
IdentityResultAssert.IsSuccess(await userMgr.CreateAsync(user));
IdentityResultAssert.IsSuccess(await roleMgr.CreateAsync(role));
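Review bot: `SetUserNameUpdatesSecurityStamp` (first hunk of this file) reads the stamp before and after from the same in-memory `user`, so it shows the object was mutated but not that the rotated stamp reached the store. Re-reading through the manager would close that gap: `var reloaded = await manager.FindByNameAsync(newUsername);` followed by `Assert.NotEqual(stamp, await manager.GetSecurityStampAsync(reloaded));`. An `Assert.NotNull(stamp);` right after the first read would also keep the `NotEqual` from passing trivially if creation ever stops assigning a stamp. A companion case asserting that the stamp is unchanged after a rejected rename (empty or duplicate name) would pin down the failure path, which `CheckSetUserNameValidatesUser` exercises only for the returned error.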