Description: The open source social networking platform in Ruby on Rails from the author of RailsSpace
Homepage: http://insoshi.com
Clone URL: git://github.com/insoshi/insoshi.git
insoshi / spec / controllers / sessions_controller_spec.rb
100644 107 lines (89 sloc) 3.066 kb
require File.dirname(__FILE__) + '/../spec_helper'
 
# Controller specs for SessionsController. They cover three paths: logging in
# through the form (:create), logging out (:destroy), and being logged in by
# the "remember me" auth_token cookie.
#
# NOTE(review): no example here checks that the session is reset on a
# successful login, and none inspects the attributes (Secure/HttpOnly/expiry)
# of the auth_token cookie. Worth adding once the controller's intended
# behaviour is confirmed.
describe SessionsController do
  integrate_views

  # Every example works against the :quentin fixture.
  before(:each) { @person = people(:quentin) }

  # --- helpers ------------------------------------------------------------

  # Builds a CGI cookie named auth_token carrying +token+ as its value.
  def auth_token(token)
    CGI::Cookie.new('name' => 'auth_token', 'value' => token)
  end

  # Builds the auth_token cookie from the remember_token of the named
  # people fixture.
  def cookie_for(person)
    auth_token(people(person).remember_token)
  end

  # Posts the login form to :create. +extra+ carries additional form
  # parameters such as :remember_me.
  def submit_login(email, password, extra = {})
    credentials = { :email => email, :password => password }
    post :create, credentials.merge(extra)
  end

  # Attaches +cookie+ to the next request as the auth_token cookie.
  def present_auth_cookie(cookie)
    request.cookies["auth_token"] = cookie
  end

  # Asks the controller whether it considers the request logged in.
  # Uses send, presumably because logged_in? is not public - confirm.
  def controller_logged_in?
    controller.send(:logged_in?)
  end

  # --- login form ---------------------------------------------------------

  it "should render the new session page" do
    get :new
    response.should be_success
  end

  # NOTE(review): unencrypted_password is read from a fixture-loaded record,
  # which suggests the model can yield the plaintext password. Confirm how
  # passwords are stored and that plaintext is not recoverable in production.
  it 'logins and redirects' do
    submit_login(@person.email, @person.unencrypted_password)
    session[:person_id].should == @person.id
    response.should be_redirect
  end

  it "should update person's last_logged_in_at attribute" do
    previous_login_time = @person.last_logged_in_at
    submit_login(@person.email, 'test')
    # reload so the comparison uses the stored value, not the in-memory one
    @person.reload.last_logged_in_at.should_not == previous_login_time
  end

  # A rejected login must leave the session without a person id and answer
  # with a successful (non-redirect) response.
  # NOTE(review): this does not assert that no auth_token cookie is issued on
  # failure, nor that the error shown is the same for unknown e-mail and
  # wrong password.
  it 'fails login and does not redirect' do
    submit_login('quentin@example.com', 'bad password')
    session[:person_id].should be_nil
    response.should be_success
  end

  # --- logout -------------------------------------------------------------

  it 'logs out' do
    login_as @person
    get :destroy
    session[:person_id].should be_nil
    response.should be_redirect
  end

  # --- remember-me cookie issuance ----------------------------------------

  it 'remembers me' do
    submit_login('quentin@example.com', 'test', :remember_me => "1")
    response.cookies["auth_token"].should_not be_nil
  end

  it 'does not remember me' do
    submit_login('quentin@example.com', 'test', :remember_me => "0")
    response.cookies["auth_token"].should be_nil
  end

  # Only the response cookie is checked here.
  # NOTE(review): the example does not verify that the remember_token kept on
  # the person record is cleared too; without that, a previously copied
  # cookie value might stay valid after logout - confirm against the model.
  it 'deletes token on logout' do
    login_as @person
    get :destroy
    response.cookies["auth_token"].should == []
  end

  # --- remember-me cookie login -------------------------------------------

  it 'logs in with cookie' do
    @person.remember_me
    present_auth_cookie cookie_for(:quentin)
    get :new
    controller_logged_in?.should be_true
  end

  # The token itself is the valid one; only its expiry lies in the past.
  it 'fails expired cookie login' do
    @person.remember_me
    @person.update_attribute(:remember_token_expires_at, 5.minutes.ago)
    present_auth_cookie cookie_for(:quentin)
    get :new
    controller_logged_in?.should_not be_true
  end

  # A token value that does not match the stored one must not log anyone in.
  it 'fails cookie login' do
    @person.remember_me
    present_auth_cookie auth_token('invalid_auth_token')
    get :new
    controller_logged_in?.should_not be_true
  end

  # --- account state gates ------------------------------------------------

  # Correct credentials for a deactivated account still end in a redirect to
  # home with an error flash.
  # NOTE(review): session[:person_id] is not asserted to be nil here, so the
  # example would still pass if the session were established before the
  # redirect.
  it "should redirect deactivated users" do
    @person.toggle!(:deactivated)
    submit_login(@person.email, @person.unencrypted_password)
    response.should redirect_to(home_url)
    flash[:error].should =~ /deactivated/
  end

  # With e-mail verification switched on, an unverified person is sent back
  # to the login page with a notice.
  # NOTE(review): as above, the absence of session[:person_id] is not
  # asserted.
  it "should redirect users with unverified email addresses" do
    preferences = Preference.find(:first)
    preferences.update_attributes(:email_verifications => true)
    @person.email_verified = false
    @person.save!
    submit_login(@person.email, @person.unencrypted_password)
    response.should redirect_to(login_url)
    flash[:notice].should =~ /check your email/
  end
end