require File.dirname(__FILE__) + '/../spec_helper'
# Puts the given fixture user's id straight into the request session, or
# clears it when +user+ is nil/false.
#
# This writes the session directly and never goes through the :login action,
# so specs that rely on it do not exercise the password check itself.
def login_as(user)
  session_store = request.session
  session_store[:user] = if user
                           users(user).id
                         else
                           nil
                         end
end
# Posts to the :signup action with a complete, valid set of user attributes.
# Entries in +options+ override the defaults, so a spec can blank out one
# field (e.g. :password => nil) to trigger a single validation failure.
def create_user(options = {})
  default_attributes = {
    :login                 => 'quire',
    :email                 => 'quire@example.com',
    :password              => 'quire',
    :password_confirmation => 'quire'
  }
  post :signup, :user => default_attributes.merge(options)
end
def auth_token(token)
CGI::Cookie.new('name' => 'auth_token', 'value' => token)
end
# Builds the 'auth_token' cookie carrying the fixture user's current
# remember_token. The specs in this file call +remember_me+ on the user
# before using this helper.
def cookie_for(user)
  remember_token = users(user).remember_token
  auth_token(remember_token)
end
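# Specs for AccountController covering password login, signup validation,
# logout, and remember-me ('auth_token') cookie authentication.
context "The AccountController" do
  fixtures :users
  controller_name :account

  specify "should be a AccountController" do
    controller.should_be_an_instance_of AccountController
  end

  # --- Password login -------------------------------------------------------

  specify "should redirect after successful login" do
    post :login, :login => 'quentin', :password => 'test'
    session[:user].should_not_be_nil
    response.should_be_redirect
  end

  # A wrong password must leave the session without a user id.
  specify "should not redirect after failed login" do
    post :login, :login => 'quentin', :password => 'bad password'
    session[:user].should_be_nil
    response.should_be_success
  end

  # --- Signup ---------------------------------------------------------------

  specify "should allow signup" do
    expected_users = User.count + 1
    create_user
    response.should_be_redirect
    User.count.should == expected_users
  end

  # Each rejected signup below checks the validation error AND that no user
  # row was created; a validation message alone does not prove the record
  # was not persisted.
  specify "should require login on signup" do
    expected_users = User.count
    create_user(:login => nil)
    assigns(:user).errors.on(:login).should_not_be_nil
    response.should_be_success
    User.count.should == expected_users
  end

  specify "should require password on signup" do
    expected_users = User.count
    create_user(:password => nil)
    assigns(:user).errors.on(:password).should_not_be_nil
    response.should_be_success
    User.count.should == expected_users
  end

  specify "should require password confirmation on signup" do
    expected_users = User.count
    create_user(:password_confirmation => nil)
    assigns(:user).errors.on(:password_confirmation).should_not_be_nil
    response.should_be_success
    User.count.should == expected_users
  end

  specify "should require email on signup" do
    expected_users = User.count
    create_user(:email => nil)
    assigns(:user).errors.on(:email).should_not_be_nil
    response.should_be_success
    User.count.should == expected_users
  end

  # --- Logout ---------------------------------------------------------------

  # Logging out must clear the user id from the session. Asserting a non-nil
  # value here would pass only if the session survived logout.
  specify "should log out when requested" do
    login_as :quentin
    get :logout
    session[:user].should_be_nil
    response.should_be_redirect
  end

  # --- Remember-me cookie ---------------------------------------------------

  specify "should remember me" do
    post :login, :login => 'quentin', :password => 'test', :remember_me => '1'
    response.cookies["auth_token"].should_not_be_nil
  end

  specify "should not remember me" do
    post :login, :login => 'quentin', :password => 'test', :remember_me => '0'
    response.cookies["auth_token"].should_be_nil
  end

  # Logout must also empty the persistent-login cookie, not just the session.
  specify "should delete auth token on logout" do
    login_as :quentin
    get :logout
    response.cookies["auth_token"].should == []
  end

  # logged_in? is invoked through +send+; presumably it is not public on the
  # controller (confirm against AccountController).
  specify "should login with cookie" do
    users(:quentin).remember_me
    request.cookies["auth_token"] = cookie_for(:quentin)
    get :index
    controller.should.satisfy { |c| c.send(:logged_in?) }
  end

  # A token whose remember_token_expires_at is in the past must not authenticate.
  specify "should fail to login with expired cookie" do
    users(:quentin).remember_me
    users(:quentin).update_attribute :remember_token_expires_at, 15.minutes.ago
    request.cookies["auth_token"] = cookie_for(:quentin)
    get :index
    controller.should_not.satisfy { |c| c.send(:logged_in?) }
  end

  # A cookie value that matches no stored remember_token must not authenticate.
  specify "should fail to login with invalid cookie" do
    users(:quentin).remember_me
    request.cookies["auth_token"] = auth_token('invalid_auth_token')
    get :index
    controller.should_not.satisfy { |c| c.send(:logged_in?) }
  end
end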