How to write failed unit test case for controller actions with Authorize attribute

My current structure of my application is -

    public class MyController : Controller
    {
        private readonly MyRepository _repository;
        [Authorize]
        public ActionResult Index()
        {
            var items = _repository.GetAllItems();
            if (items.Count() == 0)
                 return View("EmptyItems");
            else
            {
                 return View("List", items);
            }
        }
    }
    public class Repository : IRepository
    {
        public IEnumerable<TodoListModel> GetAllTodoItems()
        {
             var userid = _securityService.GetUser();
             var list = _dbcontext.TotalItems.Where(e => e.UserId == userid);

             return list;
        }
    }

Below is the unit test method I have written. Below unit test always succeeds. Could someone please advise how do I write unit to check if the user is authenticated or not from my code above ? I am new to MVC so any detailed explanation would be much appreciated.

    [TestMethod]
    public void IndexAction_Should_Return_View_For_AllItems()
    {
        //Arrage            
        var controller = MyController();

        //Act
        var result = controller.Index();

        //Asset
        Assert.IsNotNull(result as ViewResult);
    }