-
-
Notifications
You must be signed in to change notification settings - Fork 457
/
sessions_controller_spec.rb
83 lines (66 loc) · 2.2 KB
/
sessions_controller_spec.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
require 'spec_helper'
describe Clearance::SessionsController do
describe 'on GET to /sessions/new' do
before { get :new }
it { should respond_with(:success) }
it { should render_template(:new) }
it { should_not set_the_flash }
end
context 'when password is optional' do
describe 'POST create' do
it 'renders the page with error' do
user = create(:user_with_optional_password)
post :create, session: { email: user.email, password: user.password }
expect(response).to render_template(:new)
expect(flash[:notice]).to match(/^Bad email or password/)
end
end
end
describe 'on POST to #create with good credentials' do
before do
@user = create(:user)
@user.update_attribute :remember_token, 'old-token'
post :create, :session => { :email => @user.email, :password => @user.password }
end
it { should redirect_to_url_after_create }
it 'sets the user in the clearance session' do
controller.current_user.should == @user
end
it 'should not change the remember token' do
@user.reload.remember_token.should == 'old-token'
end
end
describe 'on POST to #create with good credentials and a session return url' do
before do
@user = create(:user)
@return_url = '/url_in_the_session'
@request.session[:return_to] = @return_url
post :create, :session => { :email => @user.email, :password => @user.password }
end
it 'redirects to the return URL' do
should redirect_to(@return_url)
end
end
describe 'on DELETE to #destroy given a signed out user' do
before do
sign_out
delete :destroy
end
it { should redirect_to_url_after_destroy }
end
describe 'on DELETE to #destroy with a cookie' do
before do
@user = create(:user)
@user.update_attribute :remember_token, 'old-token'
@request.cookies['remember_token'] = 'old-token'
delete :destroy
end
it { should redirect_to_url_after_destroy }
it 'should reset the remember token' do
@user.reload.remember_token.should_not == 'old-token'
end
it 'should unset the current user' do
@controller.current_user.should be_nil
end
end
end