2025-03-03 00:42:20 +01:00
|
|
|
using LightBDD.Framework;
|
|
|
|
|
using LightBDD.Framework.Scenarios;
|
|
|
|
|
using LightBDD.MsTest3;
|
|
|
|
|
using PlanTempus.X.Services;
|
|
|
|
|
using Shouldly;
|
|
|
|
|
|
|
|
|
|
namespace PlanTempus.X.BDD.FeatureFixtures;
|
|
|
|
|
[TestClass]
|
2025-03-03 17:40:16 +01:00
|
|
|
[FeatureDescription(@"As a system administrator
|
|
|
|
|
I want to ensure account security is maintained
|
|
|
|
|
So users' data remains protected")]
|
2025-03-03 00:42:20 +01:00
|
|
|
public partial class AccountSecuritySpecs : FeatureFixture
|
|
|
|
|
{
|
|
|
|
|
IUserService _userService;
|
|
|
|
|
IEmailService _emailService;
|
|
|
|
|
IOrganizationService _organizationService;
|
|
|
|
|
IAuthService _authService;
|
|
|
|
|
|
|
|
|
|
protected User _currentUser;
|
|
|
|
|
protected DateTime? _lockoutEnd;
|
|
|
|
|
protected bool _isLocked;
|
|
|
|
|
protected bool _loginSuccessful;
|
|
|
|
|
|
|
|
|
|
public async Task Given_user_exists(string email)
|
|
|
|
|
{
|
|
|
|
|
_currentUser = await _userService.GetUserByEmailAsync(email);
|
|
|
|
|
if (_currentUser == null)
|
|
|
|
|
{
|
|
|
|
|
_currentUser = await _userService.CreateUserAsync(email, "Test User");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public async Task When_I_attempt_5_failed_logins_within_5_minutes()
|
|
|
|
|
{
|
|
|
|
|
for (var i = 0; i < 5; i++)
|
|
|
|
|
{
|
|
|
|
|
try
|
|
|
|
|
{
|
|
|
|
|
await _authService.AttemptLoginAsync(_currentUser.Email, "WrongPassword");
|
|
|
|
|
}
|
|
|
|
|
catch
|
|
|
|
|
{
|
|
|
|
|
// Expected exception with wrong password
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public async Task Then_the_account_should_be_locked()
|
|
|
|
|
{
|
|
|
|
|
_currentUser = _userService.GetUserByEmail(_currentUser.Email);
|
|
|
|
|
_isLocked = _currentUser.IsLocked;
|
|
|
|
|
_isLocked.ShouldBeTrue();
|
|
|
|
|
|
|
|
|
|
await Task.CompletedTask;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public async Task And_lockout_end_should_be_set()
|
|
|
|
|
{
|
|
|
|
|
_lockoutEnd = _currentUser.LockoutEnd;
|
|
|
|
|
_lockoutEnd.ShouldNotBeNull();
|
|
|
|
|
_lockoutEnd.Value.ShouldBeGreaterThan(DateTime.UtcNow);
|
|
|
|
|
|
|
|
|
|
await Task.CompletedTask;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public async Task And_subsequent_login_attempts_should_fail_until_lockout_end()
|
|
|
|
|
{
|
|
|
|
|
try
|
|
|
|
|
{
|
|
|
|
|
_loginSuccessful = await _authService.AttemptLoginAsync(_currentUser.Email, _currentUser.Password);
|
|
|
|
|
}
|
|
|
|
|
catch
|
|
|
|
|
{
|
|
|
|
|
_loginSuccessful = false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
_loginSuccessful.ShouldBeFalse();
|
|
|
|
|
}
|
|
|
|
|
}
|
