diff options
| author | Timothy Andrew <mail@timothyandrew.net> | 2017-06-15 07:40:47 +0300 |
|---|---|---|
| committer | Timothy Andrew <mail@timothyandrew.net> | 2017-07-03 19:25:10 +0300 |
| commit | 6bfc355e17ef2a431940b6f697b7cd6b743fb8ad (patch) | |
| tree | 3c3160c5a3496d13b2a8baa2cfdf32fb5b46f03f /spec | |
| parent | dd9264011bf554567b3e7f860c2acbf53dfa3f77 (diff) | |
Test the "Remember Me" flow for OAuth-based login.
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/features/oauth_login_spec.rb | 61 | ||||
| -rw-r--r-- | spec/support/capybara_helpers.rb | 5 | ||||
| -rw-r--r-- | spec/support/login_helpers.rb | 5 |
3 files changed, 68 insertions, 3 deletions
diff --git a/spec/features/oauth_login_spec.rb b/spec/features/oauth_login_spec.rb index f960dacdcac..2d51abd0e97 100644 --- a/spec/features/oauth_login_spec.rb +++ b/spec/features/oauth_login_spec.rb @@ -19,7 +19,7 @@ feature 'OAuth Login', feature: true, js: true do providers = [:github, :twitter, :bitbucket, :gitlab, :google_oauth2, :facebook] before do - OmniAuth.config.full_host = ->(request) { request['REQUEST_URI'].sub(request['REQUEST_PATH'], '') } + OmniAuth.config.full_host = ->(request) { request['REQUEST_URI'].sub(/#{request['REQUEST_PATH']}.*/, '') } messages = { enabled: true, @@ -39,7 +39,6 @@ feature 'OAuth Login', feature: true, js: true do login_via(provider.to_s, user, 'my-uid') expect(current_path).to eq root_path - save_screenshot end end @@ -53,6 +52,64 @@ feature 'OAuth Login', feature: true, js: true do expect(current_path).to eq root_path end end + + context 'when "remember me" is checked' do + context "when two-factor authentication is disabled" do + it 'remembers the user after a browser restart' do + stub_omniauth_config(provider) + user = create(:omniauth_user, extern_uid: 'my-uid', provider: provider.to_s) + login_via(provider.to_s, user, 'my-uid', remember_me: true) + + restart_browser + + visit(root_path) + expect(current_path).to eq root_path + end + end + + context "when two-factor authentication is enabled" do + it 'remembers the user after a browser restart' do + stub_omniauth_config(provider) + user = create(:omniauth_user, :two_factor, extern_uid: 'my-uid', provider: provider.to_s) + login_via(provider.to_s, user, 'my-uid', remember_me: true) + enter_code(user.current_otp) + + restart_browser + + visit(root_path) + expect(current_path).to eq root_path + end + end + end + + context 'when "remember me" is not checked' do + context "when two-factor authentication is disabled" do + it 'does not remember the user after a browser restart' do + stub_omniauth_config(provider) + user = create(:omniauth_user, extern_uid: 'my-uid', provider: provider.to_s) + login_via(provider.to_s, user, 'my-uid', remember_me: false) + + restart_browser + + visit(root_path) + expect(current_path).to eq new_user_session_path + end + end + + context "when two-factor authentication is enabled" do + it 'remembers the user after a browser restart' do + stub_omniauth_config(provider) + user = create(:omniauth_user, :two_factor, extern_uid: 'my-uid', provider: provider.to_s) + login_via(provider.to_s, user, 'my-uid', remember_me: false) + enter_code(user.current_otp) + + restart_browser + + visit(root_path) + expect(current_path).to eq new_user_session_path + end + end + end end end end diff --git a/spec/support/capybara_helpers.rb b/spec/support/capybara_helpers.rb index b57a3493aff..1037e9def8c 100644 --- a/spec/support/capybara_helpers.rb +++ b/spec/support/capybara_helpers.rb @@ -35,6 +35,11 @@ module CapybaraHelpers visit 'about:blank' visit url end + + # Simulate a browser restart by clearing the session cookie. + def restart_browser + page.driver.remove_cookie('_gitlab_session') + end end RSpec.configure do |config| diff --git a/spec/support/login_helpers.rb b/spec/support/login_helpers.rb index 27f12cacc62..789cf9baae2 100644 --- a/spec/support/login_helpers.rb +++ b/spec/support/login_helpers.rb @@ -62,10 +62,13 @@ module LoginHelpers Thread.current[:current_user] = user end - def login_via(provider, user, uid) + def login_via(provider, user, uid, remember_me: false) mock_auth_hash(provider, uid, user.email) visit new_user_session_path expect(page).to have_content('Sign in with') + + check "Remember Me" if remember_me + click_link "oauth-login-#{provider}" end |