Commit 04ffb1d8
Changed files (2)
app
controllers
spec
controllers
app/controllers/sessions_controller.rb
@@ -4,9 +4,14 @@ class SessionsController < ApplicationController
end
def create
- user_session = Session.login(session_params[:username], session_params[:password])
- cookies.signed[:cookie_monster] = user_session.id
- render nothing: true
+ @session = Session.login(session_params[:username], session_params[:password])
+ if @session
+ cookies.signed[:cookie_monster] = @session.id
+ render nothing: true
+ else
+ flash[:error] = "invalid credentials"
+ render :new
+ end
end
private
spec/controllers/sessions_controller_spec.rb
@@ -23,5 +23,17 @@ describe SessionsController do
expect(cookies.signed[:cookie_monster]).to eql(user_session.id)
end
end
+
+ context "when the username is not known" do
+ before :each do
+ Session.stub(:login).and_return(nil)
+ end
+
+ it "returns an error" do
+ post :create, session: { username: 'x', password: 'y' }
+ expect(response).to render_template(:new)
+ expect(flash[:error]).to_not be_empty
+ end
+ end
end
end