Skip to content

Instantly share code, notes, and snippets.

@siannopollo
Created January 22, 2009 13:46
Show Gist options
  • Select an option

  • Save siannopollo/50542 to your computer and use it in GitHub Desktop.

Select an option

Save siannopollo/50542 to your computer and use it in GitHub Desktop.
require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
describe SessionsController do
before do
@user = User.new
@user.id = 10
@user.stub!(:save).and_return(true)
User.stub!(:authenticate).and_return(@user)
end
it 'should login and redirect' do
post :create, :login => 'quentin', :password => 'password'
session[:user_id].should == 10
response.should be_redirect
end
it 'should fail login and not redirect' do
User.stub!(:authenticate).and_return(nil)
post :create, :login => 'quentin', :password => 'bad password'
session[:user_id].should be_nil
response.should be_success
end
it 'should should logout' do
login_as @user
delete :destroy
session[:user_id].should be_nil
response.should be_redirect
end
it 'should should remember me' do
@request.cookies["auth_token"] = nil
post :create, :login => 'quentin', :password => 'password', :remember_me => "1"
@response.cookies["auth_token"].should_not be_nil
end
it 'should not remember me' do
@request.cookies["auth_token"] = nil
post :create, :login => 'quentin', :password => 'password', :remember_me => "0"
@response.cookies["auth_token"].should be_blank
end
it 'should delete token on logout' do
login_as @user
delete :destroy
@response.cookies["auth_token"].should be_blank
end
it 'should login with cookie' do
cookie = cookie_for(@user)
User.should_receive(:find_by_remember_token).with(cookie).and_return(@user)
@user.remember_me
@request.cookies["auth_token"] = cookie
get :new
@controller.should be_logged_in
end
it 'should fail expired cookie login' do
cookie = cookie_for(@user)
User.should_receive(:find_by_remember_token).with(cookie).and_return(@user)
@user.remember_me
@user.remember_token_expires_at = 5.minutes.ago
@request.cookies["auth_token"] = cookie
get :new
@controller.should_not be_logged_in
end
it 'should fail cookie login' do
@user.remember_me
@request.cookies["auth_token"] = auth_token('invalid_auth_token')
get :new
@controller.should_not be_logged_in
end
protected
def auth_token(token)
CGI::Cookie.new('name' => 'auth_token', 'value' => token)
end
def cookie_for(user)
auth_token user.remember_token
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment