main
1require "rails_helper"
2
3describe SessionsController do
4 describe "#new" do
5 it "loads the login page" do
6 get :new
7 expect(response).to be_ok
8 end
9 end
10
11 describe "#create" do
12 let!(:user) { create(:user, password: 'password') }
13
14 context "when the email and password is incorrect" do
15 it "displays an error" do
16 post :create, email: 'email@example.com', password: 'wrong'
17 expect(flash[:error]).to eql(I18n.translate(:invalid_credentials))
18 expect(response).to redirect_to(new_session_path)
19 end
20 end
21
22 context "when the email is not known" do
23 it "displays an error" do
24 post :create, email: 'unknown@example.com'
25 expect(flash[:error]).to eql(I18n.translate(:invalid_credentials))
26 expect(response).to redirect_to(new_session_path)
27 end
28 end
29
30 context "when the email and password is correct" do
31 before { post :create, email: user.email, password: 'password' }
32
33 it "redirects to the dashboard" do
34 expect(response).to redirect_to(root_path(anchor: ''))
35 end
36
37 it 'assigns a session key to a secure cookie' do
38 expect(cookies.signed[:raphael]).to eql(Session.last.key)
39 end
40 end
41 end
42
43 context "#destroy" do
44 let(:user_session) { create(:session) }
45
46 before :each do
47 cookies.signed[:raphael] = user_session.key
48 delete :destroy, { id: 'mine' }
49 end
50
51 it "removes the current session" do
52 expect(request.cookies[:raphael]).to be_nil
53 expect(response).to redirect_to(new_session_path)
54 end
55
56 it 'revokes the current session' do
57 user_session.reload
58 expect(user_session.revoked_at).to_not be_nil
59 end
60 end
61end