修改BUG:登录用户名不存在时程序崩溃 #IS1QC

This commit is contained in:
Argo-Surface 2019-02-27 01:41:56 +08:00
parent 8cf71a1595
commit 0e9bbc7571
4 changed files with 20 additions and 2 deletions

View File

@ -48,7 +48,7 @@ namespace Bootstrap.DataAccess.MongoDB
if (string.IsNullOrEmpty(userName) && string.IsNullOrEmpty(password)) return false; if (string.IsNullOrEmpty(userName) && string.IsNullOrEmpty(password)) return false;
var u = DbManager.Users.Find(user => user.UserName.ToLowerInvariant() == userName.ToLowerInvariant()).FirstOrDefault(); var u = DbManager.Users.Find(user => user.UserName.ToLowerInvariant() == userName.ToLowerInvariant()).FirstOrDefault();
return !string.IsNullOrEmpty(u.PassSalt) && u.Password == LgbCryptography.ComputeHash(password, u.PassSalt); return u != null && !string.IsNullOrEmpty(u.PassSalt) && u.Password == LgbCryptography.ComputeHash(password, u.PassSalt);
} }
/// <summary> /// <summary>

View File

@ -78,7 +78,7 @@ namespace Bootstrap.DataAccess
{ {
var user = DbManager.Create().SingleOrDefault<User>("select Password, PassSalt from Users where ApprovedTime is not null and UserName = @0", userName); var user = DbManager.Create().SingleOrDefault<User>("select Password, PassSalt from Users where ApprovedTime is not null and UserName = @0", userName);
return !string.IsNullOrEmpty(user.PassSalt) && user.Password == LgbCryptography.ComputeHash(password, user.PassSalt); return user != null && !string.IsNullOrEmpty(user.PassSalt) && user.Password == LgbCryptography.ComputeHash(password, user.PassSalt);
} }
/// <summary> /// <summary>

View File

@ -15,6 +15,14 @@ namespace Bootstrap.Admin.Api
Assert.NotNull(_token); Assert.NotNull(_token);
} }
[Fact]
public async void Login_Fail()
{
var resq = await Client.PostAsJsonAsync("", new { userName = "Admin-NotExists", password = "123789" });
var _token = await resq.Content.ReadAsStringAsync();
Assert.Equal("", _token);
}
[Fact] [Fact]
public async void Option_Ok() public async void Option_Ok()
{ {

View File

@ -20,6 +20,16 @@ namespace Bootstrap.DataAccess
Assert.True(u.Authenticate("Admin", "123789")); Assert.True(u.Authenticate("Admin", "123789"));
} }
/// <summary>
///
/// </summary>
[Fact]
public void Authenticate_Fail()
{
var u = new User();
Assert.False(u.Authenticate("Admin-NotExists", "123789"));
}
[Fact] [Fact]
public void ChangePassword_Ok() public void ChangePassword_Ok()
{ {