Redirect signed in user to url_for_signed_in_users
This adds a `before_filter` for `sessions#new` that will redirect signed in
users to the same url that is configured for `url_after_create`, which, by
default, points to `Clearance.configuration.redirect_url`.
kenyonj committed Jan 9, 2015
1 parent ed6f8f4 commit 4f2c14c
Showing 3 changed files with 80 additions and 54 deletions.
1 change: 1 addition & 0 deletions README.md
Expand Up @@ -216,6 +216,7 @@ All of these controller methods redirect to `'/'` by default:

passwords#url_after_update
sessions#url_after_create
sessions#url_for_signed_in_users
users#url_after_create
application#url_after_denied_access_when_signed_in

15 changes: 13 additions & 2 deletions app/controllers/clearance/sessions_controller.rb
@@ -1,4 +1,5 @@
class Clearance::SessionsController < Clearance::BaseController
before_filter :redirect_signed_in_users, only: [:new]
skip_before_filter :require_login, only: [:create, :new, :destroy]
protect_from_forgery except: :create

Expand All @@ -10,7 +11,7 @@ def create
redirect_back_or url_after_create
else
flash.now.notice = status.failure_message
render template: 'sessions/new', status: :unauthorized
render template: "sessions/new", status: :unauthorized
end
end
end
Expand All @@ -21,16 +22,26 @@ def destroy
end

def new
render template: 'sessions/new'
render template: "sessions/new"
end

private

def redirect_signed_in_users
if signed_in?
redirect_to url_for_signed_in_users
end
end

def url_after_create
Clearance.configuration.redirect_url
end

def url_after_destroy
sign_in_url
end

def url_for_signed_in_users
url_after_create
end
end
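Review bot: The new `redirect_signed_in_users` filter is limited to `only: [:new]`, so an already signed-in browser can still POST to `create`, which `protect_from_forgery except: :create` leaves without CSRF verification. Depending on how `create` treats an existing session (its opening lines are outside the visible hunks), a cross-site form post could replace the current session with a different account. If that is not intended, widen the guard to `before_filter :redirect_signed_in_users, only: [:new, :create]` and add a spec for a signed-in POST. A comment above `url_for_signed_in_users` would also help, for example `# Override hook: return an application-controlled URL, never one taken from request params`, since its value goes straight into `redirect_to`.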
118 changes: 66 additions & 52 deletions spec/controllers/sessions_controller_spec.rb
@@ -1,19 +1,31 @@
require 'spec_helper'
require "spec_helper"

describe Clearance::SessionsController do
it { should be_a Clearance::BaseController }

describe 'on GET to /sessions/new' do
before { get :new }
describe "on GET to #new" do
context "when a user is not signed in" do
before { get :new }

it { should respond_with(:success) }
it { should render_template(:new) }
it { should_not set_the_flash }
it { should respond_with(:success) }
it { should render_template(:new) }
it { should_not set_the_flash }
end

context "when a user is signed in" do
before do
sign_in
get :new
end

it { should redirect_to(Clearance.configuration.redirect_url) }
it { should_not set_the_flash }
end
end

context 'when password is optional' do
describe 'POST create' do
it 'renders the page with error' do
describe "on POST to #create" do
context "when password is optional" do
it "renders the page with error" do
user = create(:user_with_optional_password)

post :create, session: { email: user.email, password: user.password }
Expand All @@ -22,64 +34,66 @@
expect(flash[:notice]).to match(/^Bad email or password/)
end
end
end

describe 'on POST to #create with good credentials' do
before do
@user = create(:user)
@user.update_attribute :remember_token, 'old-token'
post :create, session: { email: @user.email, password: @user.password }
end
context "with good credentials" do
before do
@user = create(:user)
@user.update_attribute :remember_token, "old-token"
post :create, session: { email: @user.email, password: @user.password }
end

it { should redirect_to_url_after_create }
it { should redirect_to_url_after_create }

it 'sets the user in the clearance session' do
expect(controller.current_user).to eq @user
end
it "sets the user in the clearance session" do
expect(controller.current_user).to eq @user
end

it 'should not change the remember token' do
expect(@user.reload.remember_token).to eq 'old-token'
it "should not change the remember token" do
expect(@user.reload.remember_token).to eq "old-token"
end
end
end

describe 'on POST to #create with good credentials and a session return url' do
before do
@user = create(:user)
@return_url = '/url_in_the_session?foo=bar'
@request.session[:return_to] = @return_url
post :create, session: { email: @user.email, password: @user.password }
end
context "with good credentials and a session return url" do
before do
@user = create(:user)
@return_url = "/url_in_the_session?foo=bar"
@request.session[:return_to] = @return_url
post :create, session: { email: @user.email, password: @user.password }
end

it 'redirects to the return URL' do
should redirect_to(@return_url)
it "redirects to the return URL" do
should redirect_to(@return_url)
end
end
end

describe 'on DELETE to #destroy given a signed out user' do
before do
sign_out
delete :destroy
end

it { should redirect_to_url_after_destroy }
end
describe "on DELETE to #destroy" do
context "given a signed out user" do
before do
sign_out
delete :destroy
end

describe 'on DELETE to #destroy with a cookie' do
before do
@user = create(:user)
@user.update_attribute :remember_token, 'old-token'
@request.cookies['remember_token'] = 'old-token'
delete :destroy
it { should redirect_to_url_after_destroy }
end

it { should redirect_to_url_after_destroy }
context "with a cookie" do
before do
@user = create(:user)
@user.update_attribute :remember_token, "old-token"
@request.cookies["remember_token"] = "old-token"
delete :destroy
end

it 'should reset the remember token' do
expect(@user.reload.remember_token).not_to eq 'old-token'
end
it { should redirect_to_url_after_destroy }

it 'should unset the current user' do
expect(@controller.current_user).to be_nil
it "should reset the remember token" do
expect(@user.reload.remember_token).not_to eq "old-token"
end

it "should unset the current user" do
expect(@controller.current_user).to be_nil
end
end
end
end
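Review bot: The "when a user is signed in" context asserts `redirect_to(Clearance.configuration.redirect_url)`, which pins the configured default rather than the new `url_for_signed_in_users` hook, so the spec would still pass if the filter bypassed the hook. Consider a second example that overrides the hook and checks that the redirect follows it, e.g. `allow(controller).to receive(:url_for_signed_in_users).and_return("/custom")` (or whatever stub syntax the suite already uses) before `get :new`, then `should redirect_to("/custom")`. The section also has no example for a signed-in request to `create`, which the new filter does not cover.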
