Test login with two-factor authentication

rbCAS · Apr 21, 2013 · 6c55fb5 · 6c55fb5
1 parent 8b84a11
commit 6c55fb5
Show file tree

Hide file tree

Showing 2 changed files with 48 additions and 7 deletions.
diff --git a/spec/features/login_spec.rb b/spec/features/login_spec.rb
@@ -5,11 +5,51 @@
 
   subject { page }
 
-  context 'with valid username and password' do
-    before { sign_in }
+  context 'with two-factor authentication enabled' do
+    before do
+      in_browser(:other) do
+        sign_in
+        @totp = enable_two_factor_authentication
+      end
+    end
+
+    context 'with valid username and password' do
+      before { sign_in }
+
+      it { should_not have_button('Login') }
+      it { should have_button('Continue') }
+      its(:current_path) { should == login_path }
+
+      context 'when filling in the correct otp' do
+        before do
+          fill_in :otp, with: @totp.now
+          click_button 'Continue'
+        end
+
+        it { should_not have_button('Login') }
+        it { should_not have_button('Continue') }
+        its(:current_path) { should == sessions_path }
+      end
 
-    it { should_not have_button('Login') }
-    its(:current_path) { should == sessions_path }
+      context 'when filling in an incorrect otp' do
+        before do
+          fill_in :otp, with: 'aaaaa'
+          click_button 'Continue'
+        end
+
+        it { should have_text('The one-time password you entered is not correct') }
+        it { should have_button('Continue') }
+      end
+    end
+  end
+
+  context 'with two-factor authentication disabled' do
+    context 'with valid username and password' do
+      before { sign_in }
+
+      it { should_not have_button('Login') }
+      its(:current_path) { should == sessions_path }
+    end
   end
 
   context 'with invalid username' do

diff --git a/spec/support/features_helper.rb b/spec/support/features_helper.rb
@@ -16,9 +16,10 @@ def sign_in(options = {})
   def enable_two_factor_authentication
     visit new_two_factor_authenticator_path
     secret = find('p#secret').text.gsub(/^Secret:\s*/, '')
-    totp = ROTP::TOTP.new(secret)
-    fill_in 'otp', with: "#{totp.now}"
-    click_button 'Verify and enable'
+    ROTP::TOTP.new(secret).tap do |totp|
+      fill_in 'otp', with: "#{totp.now}"
+      click_button 'Verify and enable'
+    end
   end
 end