fix bug in authenticate related to logging in before account is verified. #496

brockallen · brockallen · commit da3ad4f58d39 · 2015-02-10T10:14:57.000-05:00
diff --git a/src/BrockAllen.MembershipReboot.Test/AccountService/UserAccountServiceTests.cs b/src/BrockAllen.MembershipReboot.Test/AccountService/UserAccountServiceTests.cs
@@ -2467,8 +2467,20 @@ public void SendUsernameReminder_EmailIsNotUnique_Fails()
                 Assert.Fail();
             }
             catch (InvalidOperationException) { }
-            
         }
 
+        [TestMethod]
+        public void Logging_in_before_account_is_verified_does_not_cause_account_to_have_last_login_set()
+        {
+            configuration.RequireAccountVerification = true;
+
+            var acct = subject.CreateAccount("test", "pass", "test@test.com");
+
+            var result = subject.Authenticate("test", "pass");
+            Assert.IsFalse(result);
+
+            acct = subject.GetByID(acct.ID);
+            Assert.IsTrue(acct.IsNew());
+        }
     }
 }
diff --git a/src/BrockAllen.MembershipReboot/AccountService/UserAccountService.cs b/src/BrockAllen.MembershipReboot/AccountService/UserAccountService.cs
@@ -902,7 +902,7 @@ protected virtual bool Authenticate(TAccount account, string password)
                     {
                         Tracing.Error("[UserAccountService.Authenticate] failed -- account not verified");
                         this.AddEvent(new AccountNotVerifiedEvent<TAccount>() { Account = account });
-                        result = false;
+                        return false;
                     }
 
                     Tracing.Verbose("[UserAccountService.Authenticate] authentication success");

Original file line number	Diff line number	Diff line change
`@@ -2467,8 +2467,20 @@ public void SendUsernameReminder_EmailIsNotUnique_Fails()`
`2467`	`2467`	`Assert.Fail();`
`2468`	`2468`	`}`
`2469`	`2469`	`catch (InvalidOperationException) { }`
`2470`		`-`
`2471`	`2470`	`}`
`2472`	`2471`
	`2472`	`+ [TestMethod]`
	`2473`	`+ public void Logging_in_before_account_is_verified_does_not_cause_account_to_have_last_login_set()`
	`2474`	`+ {`
	`2475`	`+ configuration.RequireAccountVerification = true;`
	`2476`	`+`
	`2477`	`+ var acct = subject.CreateAccount("test", "pass", "[email protected]");`
	`2478`	`+`
	`2479`	`+ var result = subject.Authenticate("test", "pass");`
	`2480`	`+ Assert.IsFalse(result);`
	`2481`	`+`
	`2482`	`+ acct = subject.GetByID(acct.ID);`
	`2483`	`+ Assert.IsTrue(acct.IsNew());`
	`2484`	`+ }`
`2473`	`2485`	`}`
`2474`	`2486`	`}`
Original file line number	Diff line number	Diff line change
`@@ -902,7 +902,7 @@ protected virtual bool Authenticate(TAccount account, string password)`
`902`	`902`	`{`
`903`	`903`	`Tracing.Error("[UserAccountService.Authenticate] failed -- account not verified");`
`904`	`904`	`this.AddEvent(new AccountNotVerifiedEvent<TAccount>() { Account = account });`
`905`		`- result = false;`
	`905`	`+ return false;`
`906`	`906`	`}`
`907`	`907`
`908`	`908`	`Tracing.Verbose("[UserAccountService.Authenticate] authentication success");`