From 6261ce0e1ed3dbd5be07d2c8624c4b64bc706336 Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 15:47:00 +0200 Subject: [PATCH 01/15] Login integration test --- Gemfile.lock | 10 ++++++++++ casino.gemspec | 1 + spec/features/login_spec.rb | 23 +++++++++++++++++++++++ spec/spec_helper.rb | 2 ++ spec/support/sign_in.rb | 7 +++++++ 5 files changed, 43 insertions(+) create mode 100644 spec/features/login_spec.rb diff --git a/Gemfile.lock b/Gemfile.lock index bd2d66de..6a0ec9ff 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -40,6 +40,12 @@ GEM addressable (2.3.3) arel (3.0.2) builder (3.0.4) + capybara (2.1.0) + mime-types (>= 1.16) + nokogiri (>= 1.3.3) + rack (>= 1.0.0) + rack-test (>= 0.5.4) + xpath (~> 2.0) casino_core (1.4.0) activerecord (~> 3.2.9) addressable (~> 2.3) @@ -66,6 +72,7 @@ GEM mime-types (1.21) multi_json (1.7.2) multipart-post (1.2.0) + nokogiri (1.5.9) polyglot (0.3.3) rack (1.4.5) rack-cache (1.2) @@ -126,11 +133,14 @@ GEM polyglot (>= 0.3.1) tzinfo (0.3.37) useragent (0.5.0) + xpath (2.0.0) + nokogiri (~> 1.3) PLATFORMS ruby DEPENDENCIES + capybara (~> 2.1) casino! rake (~> 10.0) rspec (~> 2.12) diff --git a/casino.gemspec b/casino.gemspec index 81e5d626..8ac080e0 100644 --- a/casino.gemspec +++ b/casino.gemspec @@ -23,6 +23,7 @@ Gem::Specification.new do |s| s.cert_chain = ['casino-public_cert.pem'] end + s.add_development_dependency 'capybara', '~> 2.1' s.add_development_dependency 'rake', '~> 10.0' s.add_development_dependency 'rspec', '~> 2.12' s.add_development_dependency 'rspec-rails', '~> 2.0' diff --git a/spec/features/login_spec.rb b/spec/features/login_spec.rb new file mode 100644 index 00000000..849d5ee7 --- /dev/null +++ b/spec/features/login_spec.rb @@ -0,0 +1,23 @@ +require 'spec_helper' + +feature 'Login' do + include CASino::Engine.routes.url_helpers + + scenario 'with valid username and password' do + integration_sign_in + + expect(page).to have_content('Logout') + end + + scenario 'with invalid username' do + integration_sign_in username: 'lalala', password: 'foobar123' + + expect(page).to have_content('Login') + end + + scenario 'with blank password' do + integration_sign_in password: '' + + expect(page).to have_content('Login') + end +end \ No newline at end of file diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index d40cd597..d974d4e8 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -8,6 +8,8 @@ require 'rspec/rails' require 'rspec/autorun' +require 'capybara/rails' + ENGINE_RAILS_ROOT = File.join(File.dirname(__FILE__), '../') # Requires supporting ruby files with custom matchers and macros, etc, diff --git a/spec/support/sign_in.rb b/spec/support/sign_in.rb index bdc662aa..c11e969a 100644 --- a/spec/support/sign_in.rb +++ b/spec/support/sign_in.rb @@ -9,3 +9,10 @@ def test_sign_in(options = {}) request.cookies[:tgt] = ticket.ticket return ticket end + +def integration_sign_in(options = {}) + visit login_path + fill_in 'username', with: options[:username] || 'testuser' + fill_in 'password', with: options[:password] || 'foobar123' + click_button 'Login' +end From 499175ed94ce4e49b5faabeeb9246ccb314935c9 Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 15:52:20 +0200 Subject: [PATCH 02/15] Logout integration test --- spec/features/logout_spec.rb | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 spec/features/logout_spec.rb diff --git a/spec/features/logout_spec.rb b/spec/features/logout_spec.rb new file mode 100644 index 00000000..8e9306ce --- /dev/null +++ b/spec/features/logout_spec.rb @@ -0,0 +1,12 @@ +require 'spec_helper' + +feature 'Logout' do + include CASino::Engine.routes.url_helpers + + scenario 'when logged in' do + integration_sign_in + click_link 'Logout' + + expect(page).to have_content('logged out') + end +end From d5ec964725a4b978b58020088e7240d455be30f3 Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 15:55:01 +0200 Subject: [PATCH 03/15] Fix compatibility of non-integration tests with capybara --- spec/controllers/listener/legacy_validator_spec.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/spec/controllers/listener/legacy_validator_spec.rb b/spec/controllers/listener/legacy_validator_spec.rb index f8acd966..37e76ab9 100644 --- a/spec/controllers/listener/legacy_validator_spec.rb +++ b/spec/controllers/listener/legacy_validator_spec.rb @@ -3,20 +3,20 @@ describe CASino::Listener::LegacyValidator do let(:controller) { Object.new } let(:listener) { described_class.new(controller) } - let(:text) { "foobar\nbla\n" } - let(:render_parameters) { { text: text, content_type: 'text/plain' } } + let(:response_text) { "foobar\nbla\n" } + let(:render_parameters) { { text: response_text, content_type: 'text/plain' } } describe '#validation_succeeded' do it 'tells the controller to render the response text' do controller.should_receive(:render).with(render_parameters) - listener.validation_succeeded(text) + listener.validation_succeeded(response_text) end end describe '#validation_failed' do it 'tells the controller to render the response text' do controller.should_receive(:render).with(render_parameters) - listener.validation_failed(text) + listener.validation_failed(response_text) end end end From e90d42620ff8d3a12945ddf1640cce7746d33a4f Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 16:13:04 +0200 Subject: [PATCH 04/15] Remove unused test code --- spec/support/sign_in.rb | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/spec/support/sign_in.rb b/spec/support/sign_in.rb index c11e969a..d07b2632 100644 --- a/spec/support/sign_in.rb +++ b/spec/support/sign_in.rb @@ -1,15 +1,3 @@ -def test_sign_in(options = {}) - request.env['HTTP_USER_AGENT'] = options[:user_agent] || 'TestBrowser 1.2' - ticket = TicketGrantingTicket.create!({ - ticket: controller.random_ticket_string('TGC'), - username: options[:username] || 'user1', - extra_attributes: options[:extra_attributes], - user_agent: request.env['HTTP_USER_AGENT'] - }) - request.cookies[:tgt] = ticket.ticket - return ticket -end - def integration_sign_in(options = {}) visit login_path fill_in 'username', with: options[:username] || 'testuser' From 8ca740bfae7375d6184bae2ca8acd1e528649840 Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 16:24:25 +0200 Subject: [PATCH 05/15] Refactor integration tests --- spec/features/login_spec.rb | 22 ++++++++++++---------- spec/features/logout_spec.rb | 14 +++++++++----- spec/spec_helper.rb | 4 ++++ 3 files changed, 25 insertions(+), 15 deletions(-) diff --git a/spec/features/login_spec.rb b/spec/features/login_spec.rb index 849d5ee7..3a048eab 100644 --- a/spec/features/login_spec.rb +++ b/spec/features/login_spec.rb @@ -1,23 +1,25 @@ require 'spec_helper' -feature 'Login' do +describe 'Login' do include CASino::Engine.routes.url_helpers - scenario 'with valid username and password' do - integration_sign_in + subject { page } - expect(page).to have_content('Logout') + context 'with valid username and password' do + before { integration_sign_in } + + it { should have_link('Logout') } end - scenario 'with invalid username' do - integration_sign_in username: 'lalala', password: 'foobar123' + context 'with invalid username' do + before { integration_sign_in username: 'lalala', password: 'foobar123' } - expect(page).to have_content('Login') + it { should have_button('Login') } end - scenario 'with blank password' do - integration_sign_in password: '' + context 'with blank password' do + before { integration_sign_in password: '' } - expect(page).to have_content('Login') + it { should have_button('Login') } end end \ No newline at end of file diff --git a/spec/features/logout_spec.rb b/spec/features/logout_spec.rb index 8e9306ce..1c3777ba 100644 --- a/spec/features/logout_spec.rb +++ b/spec/features/logout_spec.rb @@ -1,12 +1,16 @@ require 'spec_helper' -feature 'Logout' do +describe 'Logout' do include CASino::Engine.routes.url_helpers - scenario 'when logged in' do - integration_sign_in - click_link 'Logout' + subject { page } - expect(page).to have_content('logged out') + context 'when logged in' do + before do + integration_sign_in + click_link 'Logout' + end + + it { should have_content('logged out') } end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index d974d4e8..8e5518bb 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -37,4 +37,8 @@ config.order = 'random' config.before(:each, type: :controller) { @routes = CASino::Engine.routes } + + config.before(:each, type: :feature) do + srand # for some reason required to make SecureRandom work + end end From 97d32178e4e1ec59d00a45ca17cc49ab7c55adfc Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 16:30:37 +0200 Subject: [PATCH 06/15] Use transactional fixtures --- spec/spec_helper.rb | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 8e5518bb..4900990c 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -17,13 +17,7 @@ Dir[File.join(ENGINE_RAILS_ROOT, 'spec/support/**/*.rb')].each {|f| require f } RSpec.configure do |config| - # ## Mock Framework - # - # If you prefer to use mocha, flexmock or RR, uncomment the appropriate line: - # - # config.mock_with :mocha - # config.mock_with :flexmock - # config.mock_with :rr + config.use_transactional_fixtures = true # If true, the base class of anonymous controllers will be inferred # automatically. This will be the default behavior in future versions of @@ -37,8 +31,4 @@ config.order = 'random' config.before(:each, type: :controller) { @routes = CASino::Engine.routes } - - config.before(:each, type: :feature) do - srand # for some reason required to make SecureRandom work - end end From b09bd388b8efe7a4f8cd536c9c8c67dad979afb4 Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 16:37:17 +0200 Subject: [PATCH 07/15] Fix newline --- spec/features/login_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/features/login_spec.rb b/spec/features/login_spec.rb index 3a048eab..7c63f9fd 100644 --- a/spec/features/login_spec.rb +++ b/spec/features/login_spec.rb @@ -22,4 +22,4 @@ it { should have_button('Login') } end -end \ No newline at end of file +end From 6472f7792138e425e29fabee97bdeccbce5142e3 Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 16:37:26 +0200 Subject: [PATCH 08/15] Test for session overview --- spec/features/session_overview_spec.rb | 38 ++++++++++++++++++++++++++ spec/support/browser.rb | 6 ++++ 2 files changed, 44 insertions(+) create mode 100644 spec/features/session_overview_spec.rb create mode 100644 spec/support/browser.rb diff --git a/spec/features/session_overview_spec.rb b/spec/features/session_overview_spec.rb new file mode 100644 index 00000000..04ebeb6c --- /dev/null +++ b/spec/features/session_overview_spec.rb @@ -0,0 +1,38 @@ +require 'spec_helper' + +describe 'Session overview' do + include CASino::Engine.routes.url_helpers + + subject { page } + + context 'when logged in' do + before do + integration_sign_in + visit sessions_path + end + + it { should have_link('Logout') } + it { should have_text('Your Active Sessions') } + it { should have_text('Active Session') } + + context 'without other sessions' do + it { should_not have_link('End session') } + end + + context 'when other sessions exist' do + before do + in_browser(:other) do + integration_sign_in + end + visit sessions_path + end + it { should have_link('End session') } + end + end + + context 'when not logged in' do + before { visit sessions_path } + + it { should have_button('Login') } + end +end diff --git a/spec/support/browser.rb b/spec/support/browser.rb new file mode 100644 index 00000000..e202ff9f --- /dev/null +++ b/spec/support/browser.rb @@ -0,0 +1,6 @@ +def in_browser(name) + original_browser = Capybara.session_name + Capybara.session_name = name + yield + Capybara.session_name = original_browser +end From f4ea1b4473b01c506eb4eec96a301ac19ec16191 Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 16:46:32 +0200 Subject: [PATCH 09/15] Only include feature helpers in integration tests --- spec/features/login_spec.rb | 6 +++--- spec/features/logout_spec.rb | 2 +- spec/features/session_overview_spec.rb | 18 ++++++++++++++++-- spec/support/browser.rb | 6 ------ spec/support/features_helper.rb | 19 +++++++++++++++++++ spec/support/sign_in.rb | 6 ------ 6 files changed, 39 insertions(+), 18 deletions(-) delete mode 100644 spec/support/browser.rb create mode 100644 spec/support/features_helper.rb delete mode 100644 spec/support/sign_in.rb diff --git a/spec/features/login_spec.rb b/spec/features/login_spec.rb index 7c63f9fd..3d25743c 100644 --- a/spec/features/login_spec.rb +++ b/spec/features/login_spec.rb @@ -6,19 +6,19 @@ subject { page } context 'with valid username and password' do - before { integration_sign_in } + before { sign_in } it { should have_link('Logout') } end context 'with invalid username' do - before { integration_sign_in username: 'lalala', password: 'foobar123' } + before { sign_in username: 'lalala', password: 'foobar123' } it { should have_button('Login') } end context 'with blank password' do - before { integration_sign_in password: '' } + before { sign_in password: '' } it { should have_button('Login') } end diff --git a/spec/features/logout_spec.rb b/spec/features/logout_spec.rb index 1c3777ba..c25aa6a9 100644 --- a/spec/features/logout_spec.rb +++ b/spec/features/logout_spec.rb @@ -7,7 +7,7 @@ context 'when logged in' do before do - integration_sign_in + sign_in click_link 'Logout' end diff --git a/spec/features/session_overview_spec.rb b/spec/features/session_overview_spec.rb index 04ebeb6c..ab52b168 100644 --- a/spec/features/session_overview_spec.rb +++ b/spec/features/session_overview_spec.rb @@ -7,7 +7,7 @@ context 'when logged in' do before do - integration_sign_in + sign_in visit sessions_path end @@ -22,12 +22,26 @@ context 'when other sessions exist' do before do in_browser(:other) do - integration_sign_in + sign_in end visit sessions_path end it { should have_link('End session') } end + + context 'with two-factor authentication disabled' do + before do + in_browser(:other) do + sign_in + end + visit sessions_path + end + it { should have_link('Enable', href: new_two_factor_authenticator_path) } + end + + context 'with two-factor authentication enabled' do + it { should have_link('Enable', href: new_two_factor_authenticator_path) } + end end context 'when not logged in' do diff --git a/spec/support/browser.rb b/spec/support/browser.rb deleted file mode 100644 index e202ff9f..00000000 --- a/spec/support/browser.rb +++ /dev/null @@ -1,6 +0,0 @@ -def in_browser(name) - original_browser = Capybara.session_name - Capybara.session_name = name - yield - Capybara.session_name = original_browser -end diff --git a/spec/support/features_helper.rb b/spec/support/features_helper.rb new file mode 100644 index 00000000..56be73a6 --- /dev/null +++ b/spec/support/features_helper.rb @@ -0,0 +1,19 @@ +module FeatureHelpers + def in_browser(name) + original_browser = Capybara.session_name + Capybara.session_name = name + yield + Capybara.session_name = original_browser + end + + def sign_in(options = {}) + visit login_path + fill_in 'username', with: options[:username] || 'testuser' + fill_in 'password', with: options[:password] || 'foobar123' + click_button 'Login' + end +end + +RSpec.configure do |config| + config.include FeatureHelpers, type: :feature +end diff --git a/spec/support/sign_in.rb b/spec/support/sign_in.rb deleted file mode 100644 index d07b2632..00000000 --- a/spec/support/sign_in.rb +++ /dev/null @@ -1,6 +0,0 @@ -def integration_sign_in(options = {}) - visit login_path - fill_in 'username', with: options[:username] || 'testuser' - fill_in 'password', with: options[:password] || 'foobar123' - click_button 'Login' -end From e29f4983a450845170e3bbe0157c4810d14c12c6 Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 16:54:25 +0200 Subject: [PATCH 10/15] More testing on login screen --- spec/features/login_spec.rb | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/spec/features/login_spec.rb b/spec/features/login_spec.rb index 3d25743c..406b7e31 100644 --- a/spec/features/login_spec.rb +++ b/spec/features/login_spec.rb @@ -8,18 +8,21 @@ context 'with valid username and password' do before { sign_in } - it { should have_link('Logout') } + it { should_not have_button('Login') } + its(:current_path) { should == sessions_path } end context 'with invalid username' do before { sign_in username: 'lalala', password: 'foobar123' } it { should have_button('Login') } + it { should have_text('Incorrect username or password') } end context 'with blank password' do before { sign_in password: '' } it { should have_button('Login') } + it { should have_text('Incorrect username or password') } end end From 756dad86dd3b7dbbe8c37a1c9e30fd7a4932665b Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 16:55:44 +0200 Subject: [PATCH 11/15] Test paths --- spec/features/session_overview_spec.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/spec/features/session_overview_spec.rb b/spec/features/session_overview_spec.rb index ab52b168..3e7477af 100644 --- a/spec/features/session_overview_spec.rb +++ b/spec/features/session_overview_spec.rb @@ -11,7 +11,7 @@ visit sessions_path end - it { should have_link('Logout') } + it { should have_link('Logout', href: logout_path) } it { should have_text('Your Active Sessions') } it { should have_text('Active Session') } @@ -48,5 +48,6 @@ before { visit sessions_path } it { should have_button('Login') } + its(:current_path) { should == login_path } end end From 3725f9ce8a3e0e38bad2971b882369a3b34476fe Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 17:18:24 +0200 Subject: [PATCH 12/15] Updated gems --- Gemfile.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 6a0ec9ff..9c71db6f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -37,7 +37,7 @@ GEM activesupport (3.2.13) i18n (= 0.6.1) multi_json (~> 1.0) - addressable (2.3.3) + addressable (2.3.4) arel (3.0.2) builder (3.0.4) capybara (2.1.0) @@ -46,18 +46,18 @@ GEM rack (>= 1.0.0) rack-test (>= 0.5.4) xpath (~> 2.0) - casino_core (1.4.0) + casino_core (1.4.3) activerecord (~> 3.2.9) addressable (~> 2.3) faraday (~> 0.8) rotp (~> 1.4) terminal-table (~> 1.4) useragent (~> 0.4) - diff-lcs (1.2.1) + diff-lcs (1.2.4) erubis (2.7.0) faraday (0.8.7) multipart-post (~> 1.1) - hike (1.2.1) + hike (1.2.2) http_accept_language (2.0.0.pre) i18n (0.6.1) journey (1.0.4) @@ -69,7 +69,7 @@ GEM i18n (>= 0.4.0) mime-types (~> 1.16) treetop (~> 1.4.8) - mime-types (1.21) + mime-types (1.23) multi_json (1.7.2) multipart-post (1.2.0) nokogiri (1.5.9) @@ -96,7 +96,7 @@ GEM rake (>= 0.8.7) rdoc (~> 3.4) thor (>= 0.14.6, < 2.0) - rake (10.0.3) + rake (10.0.4) rdoc (3.12.2) json (~> 1.4) rotp (1.4.1) @@ -107,7 +107,7 @@ GEM rspec-core (2.13.1) rspec-expectations (2.13.0) diff-lcs (>= 1.1.3, < 2.0) - rspec-mocks (2.13.0) + rspec-mocks (2.13.1) rspec-rails (2.13.0) actionpack (>= 3.0) activesupport (>= 3.0) @@ -126,8 +126,8 @@ GEM tilt (~> 1.1, != 1.3.0) sqlite3 (1.3.7) terminal-table (1.4.5) - thor (0.17.0) - tilt (1.3.6) + thor (0.18.1) + tilt (1.3.7) treetop (1.4.12) polyglot polyglot (>= 0.3.1) From 807e82626f30d60d86eb1287015eb99d88695e38 Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 17:24:45 +0200 Subject: [PATCH 13/15] Test language detection --- spec/features/login_spec.rb | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/spec/features/login_spec.rb b/spec/features/login_spec.rb index 406b7e31..59d10703 100644 --- a/spec/features/login_spec.rb +++ b/spec/features/login_spec.rb @@ -25,4 +25,13 @@ it { should have_button('Login') } it { should have_text('Incorrect username or password') } end + + context 'with german locale' do + before do + page.driver.header 'Accept-Language', 'de' + visit login_path + end + + it { should have_text('Benutzername') } + end end From 8b84a11f0b40eaf3f9a116fe7866ff0a6bfcba69 Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 17:36:01 +0200 Subject: [PATCH 14/15] Session overview with two-factor enabled --- app/views/casino/two_factor_authenticators/new.html.erb | 2 +- spec/features/session_overview_spec.rb | 5 ++++- spec/support/features_helper.rb | 8 ++++++++ 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/app/views/casino/two_factor_authenticators/new.html.erb b/app/views/casino/two_factor_authenticators/new.html.erb index 8f1a35a6..afc2c369 100644 --- a/app/views/casino/two_factor_authenticators/new.html.erb +++ b/app/views/casino/two_factor_authenticators/new.html.erb @@ -13,7 +13,7 @@
" height="250" width="250">
-

+

<%= t('two_factor_authenticators.secret') %>: <%= @two_factor_authenticator.secret %>

diff --git a/spec/features/session_overview_spec.rb b/spec/features/session_overview_spec.rb index 3e7477af..f3b0d8f9 100644 --- a/spec/features/session_overview_spec.rb +++ b/spec/features/session_overview_spec.rb @@ -37,10 +37,13 @@ visit sessions_path end it { should have_link('Enable', href: new_two_factor_authenticator_path) } + it { should_not have_link('Disable') } end context 'with two-factor authentication enabled' do - it { should have_link('Enable', href: new_two_factor_authenticator_path) } + before { enable_two_factor_authentication } + it { should_not have_link('Enable', href: new_two_factor_authenticator_path) } + it { should have_link('Disable') } end end diff --git a/spec/support/features_helper.rb b/spec/support/features_helper.rb index 56be73a6..de29e010 100644 --- a/spec/support/features_helper.rb +++ b/spec/support/features_helper.rb @@ -12,6 +12,14 @@ def sign_in(options = {}) fill_in 'password', with: options[:password] || 'foobar123' click_button 'Login' end + + def enable_two_factor_authentication + visit new_two_factor_authenticator_path + secret = find('p#secret').text.gsub(/^Secret:\s*/, '') + totp = ROTP::TOTP.new(secret) + fill_in 'otp', with: "#{totp.now}" + click_button 'Verify and enable' + end end RSpec.configure do |config| From 6c55fb5e730dbdfcf2b982085657ef8315a9ab0b Mon Sep 17 00:00:00 2001 From: Nils Caspar Date: Sun, 21 Apr 2013 17:47:39 +0200 Subject: [PATCH 15/15] Test login with two-factor authentication --- spec/features/login_spec.rb | 48 ++++++++++++++++++++++++++++++--- spec/support/features_helper.rb | 7 ++--- 2 files changed, 48 insertions(+), 7 deletions(-) diff --git a/spec/features/login_spec.rb b/spec/features/login_spec.rb index 59d10703..960d07ef 100644 --- a/spec/features/login_spec.rb +++ b/spec/features/login_spec.rb @@ -5,11 +5,51 @@ subject { page } - context 'with valid username and password' do - before { sign_in } + context 'with two-factor authentication enabled' do + before do + in_browser(:other) do + sign_in + @totp = enable_two_factor_authentication + end + end + + context 'with valid username and password' do + before { sign_in } + + it { should_not have_button('Login') } + it { should have_button('Continue') } + its(:current_path) { should == login_path } + + context 'when filling in the correct otp' do + before do + fill_in :otp, with: @totp.now + click_button 'Continue' + end + + it { should_not have_button('Login') } + it { should_not have_button('Continue') } + its(:current_path) { should == sessions_path } + end - it { should_not have_button('Login') } - its(:current_path) { should == sessions_path } + context 'when filling in an incorrect otp' do + before do + fill_in :otp, with: 'aaaaa' + click_button 'Continue' + end + + it { should have_text('The one-time password you entered is not correct') } + it { should have_button('Continue') } + end + end + end + + context 'with two-factor authentication disabled' do + context 'with valid username and password' do + before { sign_in } + + it { should_not have_button('Login') } + its(:current_path) { should == sessions_path } + end end context 'with invalid username' do diff --git a/spec/support/features_helper.rb b/spec/support/features_helper.rb index de29e010..eca827b2 100644 --- a/spec/support/features_helper.rb +++ b/spec/support/features_helper.rb @@ -16,9 +16,10 @@ def sign_in(options = {}) def enable_two_factor_authentication visit new_two_factor_authenticator_path secret = find('p#secret').text.gsub(/^Secret:\s*/, '') - totp = ROTP::TOTP.new(secret) - fill_in 'otp', with: "#{totp.now}" - click_button 'Verify and enable' + ROTP::TOTP.new(secret).tap do |totp| + fill_in 'otp', with: "#{totp.now}" + click_button 'Verify and enable' + end end end