467b45b427
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
65 lines
2 KiB
Ruby
65 lines
2 KiB
Ruby
require 'rails_helper'
|
|
|
|
RSpec.describe 'Session', type: :request do
|
|
describe 'GET /sign_in' do
|
|
let!(:account) { create(:account) }
|
|
|
|
context 'when it is invalid credentials' do
|
|
it 'returns unauthorized' do
|
|
params = { email: 'invalid@invalid.com', password: 'invalid' }
|
|
|
|
post new_user_session_url,
|
|
params: params,
|
|
as: :json
|
|
expect(response).to have_http_status(:unauthorized)
|
|
expect(response.body).to include('Invalid login credentials')
|
|
end
|
|
end
|
|
|
|
context 'when it is valid credentials' do
|
|
let!(:user) { create(:user, password: 'Password1!', account: account) }
|
|
|
|
it 'returns successful auth response' do
|
|
params = { email: user.email, password: 'Password1!' }
|
|
|
|
post new_user_session_url,
|
|
params: params,
|
|
as: :json
|
|
|
|
expect(response).to have_http_status(:success)
|
|
expect(response.body).to include(user.email)
|
|
end
|
|
end
|
|
|
|
context 'when it is invalid sso auth token' do
|
|
let!(:user) { create(:user, password: 'Password1!', account: account) }
|
|
|
|
it 'returns unauthorized' do
|
|
params = { email: user.email, sso_auth_token: SecureRandom.hex(32) }
|
|
|
|
post new_user_session_url,
|
|
params: params,
|
|
as: :json
|
|
expect(response).to have_http_status(:unauthorized)
|
|
expect(response.body).to include('Invalid login credentials')
|
|
end
|
|
end
|
|
|
|
context 'when with valid sso auth token' do
|
|
let!(:user) { create(:user, password: 'Password1!', account: account) }
|
|
|
|
it 'returns successful auth response' do
|
|
params = { email: user.email, sso_auth_token: user.generate_sso_auth_token }
|
|
|
|
post new_user_session_url, params: params, as: :json
|
|
|
|
expect(response).to have_http_status(:success)
|
|
expect(response.body).to include(user.email)
|
|
|
|
# token won't work on a subsequent request
|
|
post new_user_session_url, params: params, as: :json
|
|
expect(response).to have_http_status(:unauthorized)
|
|
end
|
|
end
|
|
end
|
|
end
|