@@ -18,7 +18,7 @@ class SessionsController < ApplicationController flash[:notice] = "Logged in successfully" else flash[:error] = "The username and password did not match" - render :action => 'new' + render :action => 'new', :status => 403 end end app/controllers/sessions_controller.rb @@ -25,9 +25,9 @@ describe SessionsController do post :create, :login => 'quentin', :password => 'bad password' end - it 'fails login and does not redirect' do + it 'fails login and responds with a 403 [forbidden]' do session[:user_id].should be_nil - response.should be_success + response.response_code.should == 403 end it "notifies the user that the login is incorrect" do spec/controllers/sessions_controller_spec.rb 816fb69b34cc1bfdaef8a83eff3ae6b892053727 Brian Takita brian.takita@gmail.com http://github.com/btakita/pain-point/commit/61cee117305d446c2f9c51f3a45d4a3f08c5375e 61cee117305d446c2f9c51f3a45d4a3f08c5375e 2008-05-28T14:12:38-07:00 2008-05-28T14:12:38-07:00 SessionsController#create responds with a 403 if the login fails. 612611881e780814cee9dca8a36c32f3825ce50c Brian Takita brian.takita@gmail.com