7 files changed, 80 insertions, 22 deletions

diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
index 01a1a2f..03a5a62 100644
--- a/users/app/controllers/v1/users_controller.rb
+++ b/users/app/controllers/v1/users_controller.rb
@@ -31,7 +31,7 @@ module V1
     protected
 
     def account
-      Account.new(@user)
+      @user.account
     end
 
   end
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 310eecd..a14fcb5 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -82,6 +82,10 @@ class User < CouchRest::Model::Base
     identity.keys[:pgp]
   end
 
+  def account
+    Account.new(self)
+  end
+
   def identity
     @identity ||= Identity.for(self)
   end
diff --git a/users/test/integration/browser/account_test.rb b/users/test/integration/browser/account_test.rb
index a5ec2c5..8c2c997 100644
--- a/users/test/integration/browser/account_test.rb
+++ b/users/test/integration/browser/account_test.rb
@@ -13,9 +13,7 @@ class AccountTest < BrowserIntegrationTest
     assert page.has_content?("Sign Up")
     assert_equal '/', current_path
     assert user = User.find_by_login(username)
-    assert id = user.identity
-    id.destroy
-    user.destroy
+    user.account.destroy
   end
 
   test "successful login" do
@@ -47,17 +45,6 @@ class AccountTest < BrowserIntegrationTest
     assert page.has_content?("server failed")
   end
 
-  def submit_signup
-    username = "test_#{SecureRandom.urlsafe_base64}".downcase
-    password = SecureRandom.base64
-    visit '/users/new'
-    fill_in 'Username', with: username
-    fill_in 'Password', with: password
-    fill_in 'Password confirmation', with: password
-    click_on 'Sign Up'
-    return username, password
-  end
-
   def inject_malicious_js
     page.execute_script <<-EOJS
       var calc = new srp.Calculate();
diff --git a/users/test/integration/browser/session_test.rb b/users/test/integration/browser/session_test.rb
new file mode 100644
index 0000000..bb4e8c9
--- /dev/null
+++ b/users/test/integration/browser/session_test.rb
@@ -0,0 +1,28 @@
+require 'test_helper'
+
+class SessionTest < BrowserIntegrationTest
+
+  setup do
+    Capybara.current_driver = Capybara.javascript_driver
+    @username, password = submit_signup
+  end
+
+  teardown do
+    user = User.find_by_login(@username)
+    id = user.identity
+    id.destroy
+    user.destroy
+  end
+
+  test "valid session" do
+    assert page.has_content?("Welcome #{@username}")
+  end
+
+  test "expired session" do
+    assert page.has_content?("Welcome #{@username}")
+    pretend_now_is(Time.now + 40.minutes) do
+      visit '/'
+      assert page.has_no_content?("Welcome #{@username}")
+    end
+  end
+end
diff --git a/users/test/support/integration_test_helper.rb b/users/test/support/integration_test_helper.rb
new file mode 100644
index 0000000..cfe72cf
--- /dev/null
+++ b/users/test/support/integration_test_helper.rb
@@ -0,0 +1,12 @@
+module IntegrationTestHelper
+  def submit_signup
+    username = "test_#{SecureRandom.urlsafe_base64}".downcase
+    password = SecureRandom.base64
+    visit '/users/new'
+    fill_in 'Username', with: username
+    fill_in 'Password', with: password
+    fill_in 'Password confirmation', with: password
+    click_on 'Sign Up'
+    return username, password
+  end
+end
diff --git a/users/test/support/time_test_helper.rb b/users/test/support/time_test_helper.rb
new file mode 100644
index 0000000..f673f12
--- /dev/null
+++ b/users/test/support/time_test_helper.rb
@@ -0,0 +1,30 @@
+# Extend the Time class so that we can offset the time that 'now'
+# returns.  This should allow us to effectively time warp for functional
+# tests that require limits per hour, what not.
+class Time #:nodoc:
+  class <<self
+    attr_accessor :testing_offset
+
+    def now_with_testing_offset
+      now_without_testing_offset - testing_offset
+    end
+    alias_method_chain :now, :testing_offset
+  end
+end
+Time.testing_offset = 0
+
+module TimeTestHelper
+  # Time warp to the specified time for the duration of the passed block
+  def pretend_now_is(time)
+    begin
+      Time.testing_offset = Time.now - time
+      yield
+    ensure
+      Time.testing_offset = 0
+    end
+  end
+end
+
+class ActiveSupport::TestCase
+  include TimeTestHelper
+end
diff --git a/users/test/unit/account_test.rb b/users/test/unit/account_test.rb
index 39969c0..94a9980 100644
--- a/users/test/unit/account_test.rb
+++ b/users/test/unit/account_test.rb
@@ -9,15 +9,14 @@ class AccountTest < ActiveSupport::TestCase
     assert id = user.identity
     assert_equal user.email_address, id.address
     assert_equal user.email_address, id.destination
-    id.destroy
-    user.destroy
+    user.account.destroy
   end
 
   test "create and remove a user account" do
     assert_no_difference "Identity.count" do
       assert_no_difference "User.count" do
         user = Account.create(FactoryGirl.attributes_for(:user))
-        Account.new(user).destroy
+        user.account.destroy
       end
     end
   end
@@ -26,7 +25,7 @@ class AccountTest < ActiveSupport::TestCase
     user = Account.create(FactoryGirl.attributes_for(:user))
     old_id = user.identity
     old_email = user.email_address
-    Account.new(user).update(FactoryGirl.attributes_for(:user))
+    user.account.update(FactoryGirl.attributes_for(:user))
     user.reload
     old_id.reload
     assert user.valid?
@@ -37,9 +36,7 @@ class AccountTest < ActiveSupport::TestCase
     assert_equal user.email_address, id.destination
     assert_equal user.email_address, old_id.destination
     assert_equal old_email, old_id.address
-    old_id.destroy
-    id.destroy
-    user.destroy
+    user.account.destroy
   end
 
 end