-
Notifications
You must be signed in to change notification settings - Fork 33
/
Copy pathsessions_controller_test.rb
111 lines (91 loc) · 2.98 KB
/
sessions_controller_test.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
require "test_helper"
class SessionsControllerTest < ActionDispatch::IntegrationTest
setup do
@unconfirmed_user = User.create!(email: "unconfirmed_user@example.com", password: "password", password_confirmation: "password")
@confirmed_user = User.create!(email: "confirmed_user@example.com", password: "password", password_confirmation: "password", confirmed_at: Time.current)
end
test "should get login if anonymous" do
get login_path
assert_response :ok
end
test "should redirect from login if authenticated" do
login @confirmed_user
get login_path
assert_redirected_to root_path
end
test "should login and create active session if confirmed" do
assert_difference("@confirmed_user.active_sessions.count") do
post login_path, params: {
user: {
email: @confirmed_user.email,
password: @confirmed_user.password
}
}
end
assert_redirected_to root_path
assert_equal @confirmed_user, current_user
end
test "should remember user when logging in" do
assert_nil cookies[:remember_token]
post login_path, params: {
user: {
email: @confirmed_user.email,
password: @confirmed_user.password,
remember_me: 1
}
}
assert_not_nil current_user
assert_not_nil cookies[:remember_token]
remember_me_cookie = cookies.get_cookie("remember_token")
assert remember_me_cookie.http_only?
assert remember_me_cookie.secure?
assert_equal "Strict", remember_me_cookie.to_h["SameSite"]
end
test "should forget user when logging out" do
login @confirmed_user, remember_user: true
delete logout_path
# FIXME: Expected "" to be nil.
# When I run byebug in SessionsController#destroy cookies[:remember_token] does == nil.
# I think this might be a bug in Rails?
# assert_nil cookies[:remember_token]
assert cookies[:remember_token].blank?
assert_nil current_user
assert_redirected_to root_path
assert_not_nil flash[:notice]
end
test "should not login if unconfirmed" do
post login_path, params: {
user: {
email: @unconfirmed_user.email,
password: @unconfirmed_user.password
}
}
assert_equal "Please confirm your email first.", flash[:alert]
assert_nil current_user
assert_redirected_to new_confirmation_path
end
test "should handle invalid login" do
post login_path, params: {
user: {
email: @confirmed_user.email,
password: "foo"
}
}
assert_not_nil flash[:alert]
assert_nil current_user
end
test "should logout and delete current active session if authenticated" do
login @confirmed_user
assert_difference("@confirmed_user.active_sessions.count", -1) do
delete logout_path
end
assert_nil current_user
assert_redirected_to root_path
assert_not_nil flash[:notice]
end
test "should not logout if anonymous" do
login @confirmed_user
delete logout_path
assert_redirected_to root_path
end
end