diff options
| author | Robert Speicher <rspeicher@gmail.com> | 2016-05-31 05:17:26 +0300 |
|---|---|---|
| committer | Robert Speicher <rspeicher@gmail.com> | 2016-05-31 05:25:35 +0300 |
| commit | a602df303175aaaf1d5b60a2c009f5e259d187db (patch) | |
| tree | 68eb6241dfbd4ccc8ae8474b73ead87018e92386 /spec | |
| parent | de20bd5b31715f096db3fb0155c82b0eea992b6c (diff) | |
Pass the "Remember me" value to the 2FA token form
Prior, if a user had 2FA enabled and checked the "Remember me" field,
the setting was ignored because the OTP input was on a new form and the
value was never passed.
Closes #18000
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/controllers/sessions_controller_spec.rb | 21 | ||||
| -rw-r--r-- | spec/features/login_spec.rb | 8 | ||||
| -rw-r--r-- | spec/support/login_helpers.rb | 6 |
3 files changed, 32 insertions, 3 deletions
diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb index ab57c52c7cd..b39d8c8cd5b 100644 --- a/spec/controllers/sessions_controller_spec.rb +++ b/spec/controllers/sessions_controller_spec.rb @@ -35,6 +35,27 @@ describe SessionsController do post(:create, { user: user_params }, { otp_user_id: user.id }) end + context 'remember_me field' do + it 'sets a remember_user_token cookie when enabled' do + allow(controller).to receive(:find_user).and_return(user) + expect(controller). + to receive(:remember_me).with(user).and_call_original + + authenticate_2fa(remember_me: '1', otp_attempt: user.current_otp) + + expect(response.cookies['remember_user_token']).to be_present + end + + it 'does nothing when disabled' do + allow(controller).to receive(:find_user).and_return(user) + expect(controller).not_to receive(:remember_me) + + authenticate_2fa(remember_me: '0', otp_attempt: user.current_otp) + + expect(response.cookies['remember_user_token']).to be_nil + end + end + ## # See #14900 issue # diff --git a/spec/features/login_spec.rb b/spec/features/login_spec.rb index 8c38dd5b122..a7dc3b2701b 100644 --- a/spec/features/login_spec.rb +++ b/spec/features/login_spec.rb @@ -32,7 +32,7 @@ feature 'Login', feature: true do let(:user) { create(:user, :two_factor) } before do - login_with(user) + login_with(user, remember: true) expect(page).to have_content('Two-factor Authentication') end @@ -52,6 +52,12 @@ feature 'Login', feature: true do expect(current_path).to eq root_path end + it 'persists remember_me value via hidden field' do + field = first('input#user_remember_me', visible: false) + + expect(field.value).to eq '1' + end + it 'blocks login with invalid code' do enter_code('foo') expect(page).to have_content('Invalid two-factor code') diff --git a/spec/support/login_helpers.rb b/spec/support/login_helpers.rb index cd9fdc6f18e..7a0f078c72b 100644 --- a/spec/support/login_helpers.rb +++ b/spec/support/login_helpers.rb @@ -26,11 +26,13 @@ module LoginHelpers # Internal: Login as the specified user # - # user - User instance to login with - def login_with(user) + # user - User instance to login with + # remember - Whether or not to check "Remember me" (default: false) + def login_with(user, remember: false) visit new_user_session_path fill_in "user_login", with: user.email fill_in "user_password", with: "12345678" + check 'user_remember_me' if remember click_button "Sign in" Thread.current[:current_user] = user end |