Ensure login and logout behavior are available

Check that a user can log in
Check that a user can log out

config/routes.rb

@@ -10,6 +10,9 @@
     request.env['warden'].authenticate?
   end
 
+  # This needs to be firt, but *before* admin and user contrained routes are configured
+  devise_for :users
+
   constraints admin_constraint do
     root to: 'hyrax/dashboard#show'
 
@@ -83,6 +86,7 @@
   end
 
   constraints authenticated_constraint do
+    resources :users
     # Mount Engines
     mount Blacklight::Engine => '/'
     mount Hydra::RoleManagement::Engine => '/'
@@ -109,8 +113,6 @@
   end
 
   # Unauthenticated users should only be able to reach the /contribute controller and the log in page
-  devise_for :users
-
   resources :contribute, as: 'contributions', controller: :contribute, only: [:index, :new, :create, :redirect] do
     collection do
       get 'license'

spec/features/login_out_spec.rb

@@ -0,0 +1,36 @@
+require 'rails_helper'
+include Warden::Test::Helpers
+
+RSpec.feature 'login and logout', :clean do
+  let(:admin) { create(:admin) }
+
+  context 'logging in' do
+    scenario 'provide a login and password' do
+      u = User.create(email: 'admin@example.org', display_name: 'Admin, Example', password: 'password')
+      u.add_role('admin')
+      u.save
+      visit '/dashboard'
+      expect(current_path).to eq "/contribute"
+      find('a.btn-primary').click
+      expect(current_path).to eq "/users/sign_in"
+      fill_in 'user_email', with: u.user_key
+      fill_in 'user_password', with: u.password
+      click_on 'Log in'
+      expect(current_path).to eq "/dashboard"
+    end
+  end
+
+  context 'when logged in' do
+    before { login_as admin }
+
+    scenario 'logging out' do
+      visit '/dashboard'
+
+      within '#user_utility_links' do
+        click_on 'Logout'
+      end
+
+      expect(page).to have_content 'Login'
+    end
+  end
+end