2 files changed, 28 insertions, 11 deletions

diff --git a/users/test/integration/browser/account_test.rb b/users/test/integration/browser/account_test.rb
index 06f2401..8c2c997 100644
--- a/users/test/integration/browser/account_test.rb
+++ b/users/test/integration/browser/account_test.rb
@@ -45,17 +45,6 @@ class AccountTest < BrowserIntegrationTest
     assert page.has_content?("server failed")
   end
 
-  def submit_signup
-    username = "test_#{SecureRandom.urlsafe_base64}".downcase
-    password = SecureRandom.base64
-    visit '/users/new'
-    fill_in 'Username', with: username
-    fill_in 'Password', with: password
-    fill_in 'Password confirmation', with: password
-    click_on 'Sign Up'
-    return username, password
-  end
-
   def inject_malicious_js
     page.execute_script <<-EOJS
       var calc = new srp.Calculate();
diff --git a/users/test/integration/browser/session_test.rb b/users/test/integration/browser/session_test.rb
new file mode 100644
index 0000000..bb4e8c9
--- /dev/null
+++ b/users/test/integration/browser/session_test.rb
@@ -0,0 +1,28 @@
+require 'test_helper'
+
+class SessionTest < BrowserIntegrationTest
+
+  setup do
+    Capybara.current_driver = Capybara.javascript_driver
+    @username, password = submit_signup
+  end
+
+  teardown do
+    user = User.find_by_login(@username)
+    id = user.identity
+    id.destroy
+    user.destroy
+  end
+
+  test "valid session" do
+    assert page.has_content?("Welcome #{@username}")
+  end
+
+  test "expired session" do
+    assert page.has_content?("Welcome #{@username}")
+    pretend_now_is(Time.now + 40.minutes) do
+      visit '/'
+      assert page.has_no_content?("Welcome #{@username}")
+    end
+  end
+end