forked from mpeters/smolder
/
public_auth.t
117 lines (104 loc) · 2.82 KB
/
public_auth.t
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
use strict;
use warnings;
use Test::More;
use Smolder::TestScript;
use Smolder::TestData qw(
create_developer
delete_developers
is_smolder_running
base_url
db_field_value
);
use Smolder::Conf qw(HostName);
use Smolder::Mech;
if (is_smolder_running) {
plan(tests => 27);
} else {
plan(skip_all => 'Smolder not running');
}
# 1
use_ok('Smolder::Control::Public::Auth');
my $mech = Smolder::Mech->new();
my $url = base_url() . '/public_auth';
END { delete_developers() }
my $pw = 'stuff123';
my $dev = create_developer(password => $pw);
# 2..15
# login
{
# incomplete
$mech->get_ok($url . '/login');
$mech->form_name('login');
$mech->set_fields(
username => '',
password => '',
);
$mech->submit();
ok($mech->success);
$mech->content_contains('missing required fields');
$mech->content_contains('class="required warn">Username');
# invalid
$mech->form_name('login');
$mech->set_fields(
username => 'asdfasdf',
password => 'notreallyreal',
);
$mech->submit();
ok($mech->success);
$mech->content_contains('class="required warn">Username');
$mech->content_contains('class="required warn">Password');
$mech->content_contains('Invalid username or password');
# valid username, invalid pw
$mech->form_name('login');
$mech->set_fields(
username => $dev->username,
password => 'notreallyreal',
);
$mech->submit();
ok($mech->success);
$mech->content_contains('class="required warn">Username');
$mech->content_contains('class="required warn">Password');
$mech->content_contains('Invalid username or password');
# valid
$mech->form_name('login');
$mech->set_fields(
username => $dev->username,
password => $pw,
);
$mech->submit();
ok($mech->success);
$mech->content_contains("Welcome " . $dev->username);
}
# 16..17
# logout
{
$mech->follow_link_ok({text => 'logout'});
$mech->content_contains('logout was successful');
}
# 18..25
# forgot_pw
{
$mech->get_ok($url . '/login');
$mech->follow_link_ok({text => '[I forgot my password!]'});
$mech->content_contains('Forgot Password');
# non existant developer
$mech->form_name('forgot_pw');
$mech->set_fields(username => 'completely fake username that wont exist');
$mech->submit();
ok($mech->success);
$mech->contains_message('username does not exist');
# successful
my $old_pw = $dev->password();
$mech->form_name('forgot_pw');
$mech->set_fields(username => $dev->username);
$mech->submit();
ok($mech->success);
$mech->contains_message('email with a new password');
isnt($old_pw, db_field_value('developer', 'password', $dev->id));
}
# 26..27
# timeout, forbidden
{
$mech->get_ok($url . '/timeout');
$mech->get_ok($url . '/forbidden');
}