# frozen_string_literal: true

require 'rails_helper'

# Controller specs for the login flow: password sign-in (POST #create) and
# the second-factor step (POST #authenticate_with_two_factor).
#
# Not covered in this file (NOTE(review): confirm whether tested elsewhere):
#   - a wrong e-mail with a correct password (only the password is varied),
#   - a request to the second-factor step with no :otp_user_id in the session,
#   - whether session[:otp_user_id] is cleared once the second factor succeeds.
RSpec.describe Users::SessionsController, type: :controller do
  # Every example goes through Devise, so the :user mapping is put on the
  # request env once here for both describe groups.
  before { @request.env['devise.mapping'] = Devise.mappings[:user] }

  describe 'POST #create' do
    let(:user) { create(:user) }
    # presumably the password the :user factory assigns; verify against the factory
    let(:password) { 'asdf1243' }
    let(:params) { { user: { email: user.email, password: password } } }
    # Memoized by `let`: the request is issued the first time `action` is
    # referenced in an example and the same response is returned afterwards.
    let(:action) { post :create, params: params }

    context 'when have invalid email or password' do
      let(:password) { '123' }

      it 'returns error message' do
        action

        # The expected text names both fields, so it does not reveal which one was wrong.
        expect(flash[:alert]).to eq('Invalid Email or password.')
      end

      it 'does not set current user' do
        expect { action }.not_to change { subject.current_user }
      end
    end

    context 'when have valid email and password' do
      context 'when user has 2FA disabled' do
        it 'returns successfully log in' do
          action

          expect(flash[:notice]).to eq('Logged in successfully.')
        end

        it 'sets current user' do
          expect { action }.to change { subject.current_user }.from(nil).to(User)
        end
      end

      context 'when user has 2FA enabled' do
        it 'redirects to 2fa code form, sets the session and does not sign in the user' do
          user.two_factor_auth_enabled = true
          user.save!

          login_response = action
          expect(login_response).to redirect_to(users_two_factor_auth_path)
          # The pending user is tracked only by id in the session until the OTP step.
          expect(login_response.request.session[:otp_user_id]).to eq(user.id)
          # NOTE(review): `action` was already evaluated above, so this block
          # returns the memoized response and does not issue the request again;
          # the "no sign-in" check compares current_user with itself after the
          # request. Consider a separate example that performs the request
          # inside the `expect { }` block, and confirm it against the controller.
          expect { action }.not_to change { subject.current_user }
        end
      end
    end
  end

  describe 'POST #authenticate_with_two_factor' do
    let(:user) { create(:user) }
    # The code itself is arbitrary: User#valid_otp? is stubbed wherever it matters below.
    let(:params) { { otp: '123123' } }
    let(:otp_user_id) { user.id }
    # The pending user id is supplied through the session, not through request params.
    let(:action) do
      post :authenticate_with_two_factor,
           params: params,
           session: { otp_user_id: otp_user_id }
    end

    context 'when have valid otp' do
      it 'sets current user' do
        # Stubbed verification: this covers the controller branch only, not OTP checking.
        allow_any_instance_of(User).to receive(:valid_otp?).and_return(true)

        expect { action }.to change { subject.current_user }.from(nil).to(User)
      end
    end

    context 'when have invalid valid otp' do
      # Both examples need a rejected code, so the stub is shared.
      before { allow_any_instance_of(User).to receive(:valid_otp?).and_return(nil) }

      it 'returns error message' do
        action

        expect(flash[:alert]).to eq(I18n.t('devise.sessions.2fa.error_message'))
      end

      it 'does not set current user' do
        expect { action }.not_to change { subject.current_user }
      end
    end

    context 'when user is not found' do
      # An id the examples expect to match no user record.
      let(:otp_user_id) { -1 }

      it 'returns error message' do
        action

        expect(flash[:alert]).to eq('Cannot find user!')
      end
    end
  end
end