How can I unit test my ASP.NET MVC controller that uses FormsAuthentication?

maz picture maz · Dec 14, 2008 · Viewed 11.8k times · Source

I'm working with a ASP.NET MVC solution in a test driven manner and I want to login a user to my application using forms authentication. The code I would like to end up with in the controller looks something like this:

FormsAuthentication.SetAuthCookie(userName, false);

My question is how do I write a test to justify this code?

Is there a way to check that the SetAuthCookie method was called with the correct parameters?

Is there any way of injecting a fake/mock FormsAuthentication?

Answer

Darin Dimitrov picture Darin Dimitrov · Dec 14, 2008

I would start by writing an interface and a wrapper class that will encapsulate this logic and then use the interface in my controller:

public interface IAuth 
{
    void DoAuth(string userName, bool remember);
}

public class FormsAuthWrapper : IAuth 
{
    public void DoAuth(string userName, bool remember) 
    {
        FormsAuthentication.SetAuthCookie(userName, remember);
    }
}

public class MyController : Controller 
{
    private readonly IAuth _auth;

    public MyController(IAuth auth) 
    {
        _auth = auth;
    }

}

Now IAuth could be easily mocked in a unit test and verify that the controller calls the expected methods on it. I would NOT unit test the FormsAuthWrapper class because it just delegates the call to the FormsAuthentication which does what it is supposed to do (Microsoft guarantee :-)).