diff options
author | Robert Speicher <rspeicher@gmail.com> | 2015-05-11 21:31:31 +0300 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2015-05-11 21:31:31 +0300 |
commit | 24bef5e67a81c5edf9dacb65ecc091cac1f4c528 (patch) | |
tree | e915aa8c1bc0ff6e735a0d510c107ed0e126ef55 /spec/features/password_reset_spec.rb | |
parent | 19b897e998d4b376390a3e0c12ccac4d1e92597d (diff) |
Handle password reset for users with 2FA enabled
Diffstat (limited to 'spec/features/password_reset_spec.rb')
-rw-r--r-- | spec/features/password_reset_spec.rb | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/spec/features/password_reset_spec.rb b/spec/features/password_reset_spec.rb new file mode 100644 index 00000000000..a34efce09ef --- /dev/null +++ b/spec/features/password_reset_spec.rb @@ -0,0 +1,53 @@ +require 'spec_helper' + +feature 'Password reset' do + def forgot_password + click_on 'Forgot your password?' + fill_in 'Email', with: user.email + click_button 'Reset password' + user.reload + end + + def get_reset_token + mail = ActionMailer::Base.deliveries.last + body = mail.body.encoded + body.scan(/reset_password_token=(.+)\"/).flatten.first + end + + def reset_password(password = 'password') + visit edit_user_password_path(reset_password_token: get_reset_token) + + fill_in 'New password', with: password + fill_in 'Confirm new password', with: password + click_button 'Change your password' + end + + describe 'with two-factor authentication' do + let(:user) { create(:user, :two_factor) } + + it 'requires login after password reset' do + visit root_path + + forgot_password + reset_password + + expect(page).to have_content("Your password was changed successfully.") + expect(page).not_to have_content("You are now signed in.") + expect(current_path).to eq new_user_session_path + end + end + + describe 'without two-factor authentication' do + let(:user) { create(:user) } + + it 'automatically logs in after password reset' do + visit root_path + + forgot_password + reset_password + + expect(current_path).to eq root_path + expect(page).to have_content("Your password was changed successfully. You are now signed in.") + end + end +end |