Installed authentication-zero

2024-08-17 21:18:23 +02:00
parent cbe55aee36
commit c4b96a43e4
44 changed files with 988 additions and 10 deletions
--- a/test/controllers/identity/password_resets_controller_test.rb
+++ b/test/controllers/identity/password_resets_controller_test.rb
@@ -0,0 +1,65 @@
+require "test_helper"
+
+class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
+  setup do
+    @user = users(:lazaro_nixon)
+  end
+
+  test "should get new" do
+    get new_identity_password_reset_url
+    assert_response :success
+  end
+
+  test "should get edit" do
+    sid = @user.generate_token_for(:password_reset)
+
+    get edit_identity_password_reset_url(sid: sid)
+    assert_response :success
+  end
+
+  test "should send a password reset email" do
+    assert_enqueued_email_with UserMailer, :password_reset, params: { user: @user } do
+      post identity_password_reset_url, params: { email: @user.email }
+    end
+
+    assert_redirected_to sign_in_url
+  end
+
+  test "should not send a password reset email to a nonexistent email" do
+    assert_no_enqueued_emails do
+      post identity_password_reset_url, params: { email: "invalid_email@hey.com" }
+    end
+
+    assert_redirected_to new_identity_password_reset_url
+    assert_equal "You can't reset your password until you verify your email", flash[:alert]
+  end
+
+  test "should not send a password reset email to a unverified email" do
+    @user.update! verified: false
+
+    assert_no_enqueued_emails do
+      post identity_password_reset_url, params: { email: @user.email }
+    end
+
+    assert_redirected_to new_identity_password_reset_url
+    assert_equal "You can't reset your password until you verify your email", flash[:alert]
+  end
+
+  test "should update password" do
+    sid = @user.generate_token_for(:password_reset)
+
+    patch identity_password_reset_url, params: { sid: sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
+    assert_redirected_to sign_in_url
+  end
+
+  test "should not update password with expired token" do
+    sid = @user.generate_token_for(:password_reset)
+
+    travel 30.minutes
+
+    patch identity_password_reset_url, params: { sid: sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
+
+    assert_redirected_to new_identity_password_reset_url
+    assert_equal "That password reset link is invalid", flash[:alert]
+  end
+end