sermoa / mychores
watch download tarball
public
Forks2Right
Watchers8Right
Description: The code for MyChores, open-source, freely available to anyone who wants it.
Homepage: http://www.mychores.co.uk
Clone URL: git://github.com/sermoa/mychores.git
Click here to lend your support to: mychores and make a donation at www.pledgie.com !
mychores / features / forgot_password.feature
100644 161 lines (140 sloc) 7.222 kb
raw blame history 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161

Feature: Forgot password
  In order to log in again
  As a user who has forgotten my password
  I want to reset my password
  
  Scenario: Reset password with email address
    Given a person called 'Alex' with login ID 'al3x'
    And I am not logged in
    When I click on 'Forgotten password?'
    Then I should see the text 'Enter your login ID(.*)or email address'
    When I fill in 'login_or_email' with 'alex@test.com'
    And I click the 'Submit' button
    Then I should see the text 'An email will shortly be sent to you with further instructions to change your password'
  
  Scenario: Reset password with login ID
    Given a person called 'Alex' with login ID 'al3x'
    And I am not logged in
    When I click on 'Forgotten password?'
    And I fill in 'login_or_email' with 'al3x'
    And I click the 'Submit' button
    Then I should see the text 'An email will shortly be sent to you with further instructions to change your password'
  
  Scenario: Reset password makes an email get sent
    Given a person called 'Alex' with login ID 'al3x'
    And there are no emails waiting to be sent
    And I am not logged in
    When I click on 'Forgotten password?'
    And I fill in 'login_or_email' with 'al3x'
    And I click the 'Submit' button
    Then there should be 1 email on the queue
    And that email should be addressed to 'Alex@test.com'
    And that email should have the subject 'Password reset link from MyChores'
    And that email should contain 'Dear Alex' in the body
    And that email should contain 'The link below will enable you to change your MyChores password' in the body
    And that email should contain the correct password reset link for Alex
    And that email should contain 'Your login ID is: al3x' in the body
    
  Scenario: Having sent the reset link you can still log in with the existing password
    GivenScenario: Reset password makes an email get sent
    When I click on 'Login'
    And I fill in 'Login ID' with 'al3x'
    And I fill in 'Password' with '12345'
    And I click the 'Login' button
    Then I should be logged in
  
  Scenario: Fill in with a non-valid ID and nothing happens
    Given a person called 'Alex' with login ID 'al3x'
    And there are no emails waiting to be sent
    And I am not logged in
    When I click on 'Forgotten password?'
    And I fill in 'login_or_email' with 'whoops!'
    And I click the 'Submit' button
    Then I should see the text 'Login ID or email not found'
    And there should be 0 emails on the queue
  
  Scenario: Fill in with nothing, and nothing happens
    Given I am not logged in
    When I click on 'Forgotten password?'
    And I click the 'Submit' button
    Then I should see the text 'If you are having trouble, email contact@mychores.co.uk for help'
    
  Scenario: Use the link to reset password
    Given a person called 'Alex' with login ID 'al3x'
    And I am not logged in
    When I visit the correct reset password link for Alex
    And I fill in 'person_new_password' with 'chang3d'
    And I fill in 'person_confirm_new_password' with 'chang3d'
    And I click the 'Change' button
    Then I should see the text 'Password changed successfully. You may now login with the new password'
    And I should NOT be logged in
    
  Scenario: Cannot reset the password without the right code
    Given a person called 'Alex' with login ID 'al3x'
    And I am not logged in
    When I visit the incorrect reset password link for Alex
    Then I should see the text 'Sorry, for security reasons you may not access this page without a valid link sent via email'
    And I should NOT be logged in
    
  Scenario: Changing the password changes the security code
    Given a person called 'Alex' with login ID 'al3x'
    And we already know the security code for Alex
    And I am not logged in
    When I visit the correct reset password link for Alex
    And I fill in 'person_new_password' with 'chang3d'
    And I fill in 'person_confirm_new_password' with 'chang3d'
    And I click the 'Change' button
    Then I should see the text 'Password changed successfully. You may now login with the new password'
    And the security code for Alex should have changed
    
  Scenario: Cannot use the same link again
    Given a person called 'Alex' with login ID 'al3x'
    And we already know the security code for Alex
    And I am not logged in
    When I visit the correct reset password link for Alex
    And I fill in 'person_new_password' with 'chang3d'
    And I fill in 'person_confirm_new_password' with 'chang3d'
    And I click the 'Change' button
    Then I should see the text 'Password changed successfully. You may now login with the new password'
    When I try to use the same reset password link again for Alex
    Then I should see the text 'Sorry, for security reasons you may not access this page without a valid link sent via email'
    
  Scenario: Can now log in with the new password
    GivenScenario: Use the link to reset password
    When I click on 'Login'
    And I fill in 'Login ID' with 'al3x'
    And I fill in 'Password' with 'chang3d'
    And I click the 'Login' button
    Then I should be logged in
    
  Scenario: Can no longer log in with the old password
    GivenScenario: Use the link to reset password
    When I click on 'Login'
    And I fill in 'Login ID' with 'al3x'
    And I fill in 'Password' with '12345'
    And I click the 'Login' button
    Then I should see the text 'Login failed - please try again'
    Then I should NOT be logged in
    
  Scenario: Cannot reset the password unless they match
    Given a person called 'Alex' with login ID 'al3x'
    And I am not logged in
    When I visit the correct reset password link for Alex
    And I fill in 'person_new_password' with 'whoops'
    And I fill in 'person_confirm_new_password' with 'whatan00b'
    And I click the 'Change' button
    Then I should see the text 'New password did not match the confirmation'
    
  Scenario: Password has not changed because they did not match
    GivenScenario: Cannot reset the password unless they match
    When I click on 'Login'
    And I fill in 'Login ID' with 'al3x'
    And I fill in 'Password' with '12345'
    And I click the 'Login' button
    Then I should be logged in
    
  Scenario: Cannot reset the password if it is too short
    Given a person called 'Alex' with login ID 'al3x'
    And I am not logged in
    When I visit the correct reset password link for Alex
    And I fill in 'person_new_password' with '123'
    And I fill in 'person_confirm_new_password' with '123'
    And I click the 'Change' button
    Then I should see the text 'New password must be at least 5 characters'
    
  Scenario: Password has not changed because it was too short
    GivenScenario: Cannot reset the password if it is too short
    When I click on 'Login'
    And I fill in 'Login ID' with 'al3x'
    And I fill in 'Password' with '123'
    And I click the 'Login' button
    Then I should see the text 'Login failed - please try again'
    And I should NOT be logged in
    When I fill in 'Login ID' with 'al3x'
    And I fill in 'Password' with '12345'
    And I click the 'Login' button
    Then I should be logged in