2020-02-15 17:27:48 +00:00
|
|
|
require 'rails_helper'
|
|
|
|
|
|
|
|
RSpec.describe 'Session', type: :request do
|
|
|
|
describe 'GET /sign_in' do
|
|
|
|
let!(:account) { create(:account) }
|
|
|
|
|
|
|
|
context 'when it is invalid credentials' do
|
|
|
|
it 'returns unauthorized' do
|
|
|
|
params = { email: 'invalid@invalid.com', password: 'invalid' }
|
|
|
|
|
|
|
|
post new_user_session_url,
|
|
|
|
params: params,
|
|
|
|
as: :json
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
expect(response.body).to include('Invalid login credentials')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when it is valid credentials' do
|
2021-06-07 11:56:08 +00:00
|
|
|
let!(:user) { create(:user, password: 'Password1!', account: account) }
|
2020-02-15 17:27:48 +00:00
|
|
|
|
|
|
|
it 'returns successful auth response' do
|
2021-06-07 11:56:08 +00:00
|
|
|
params = { email: user.email, password: 'Password1!' }
|
2020-02-15 17:27:48 +00:00
|
|
|
|
|
|
|
post new_user_session_url,
|
|
|
|
params: params,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:success)
|
|
|
|
expect(response.body).to include(user.email)
|
|
|
|
end
|
|
|
|
end
|
2020-11-25 08:29:38 +00:00
|
|
|
|
|
|
|
context 'when it is invalid sso auth token' do
|
2021-06-07 11:56:08 +00:00
|
|
|
let!(:user) { create(:user, password: 'Password1!', account: account) }
|
2020-11-25 08:29:38 +00:00
|
|
|
|
|
|
|
it 'returns unauthorized' do
|
|
|
|
params = { email: user.email, sso_auth_token: SecureRandom.hex(32) }
|
|
|
|
|
|
|
|
post new_user_session_url,
|
|
|
|
params: params,
|
|
|
|
as: :json
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
expect(response.body).to include('Invalid login credentials')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when with valid sso auth token' do
|
2021-06-07 11:56:08 +00:00
|
|
|
let!(:user) { create(:user, password: 'Password1!', account: account) }
|
2020-11-25 08:29:38 +00:00
|
|
|
|
|
|
|
it 'returns successful auth response' do
|
|
|
|
params = { email: user.email, sso_auth_token: user.generate_sso_auth_token }
|
|
|
|
|
|
|
|
post new_user_session_url, params: params, as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:success)
|
|
|
|
expect(response.body).to include(user.email)
|
|
|
|
|
|
|
|
# token won't work on a subsequent request
|
|
|
|
post new_user_session_url, params: params, as: :json
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
end
|
2020-02-15 17:27:48 +00:00
|
|
|
end
|
|
|
|
end
|