blob: b56d07b1dfde350b384e3bd14db1c4b467dcb4bc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
require 'test_helper'
require_relative 'srp_test'
class AccountFlowTest < SrpTest
setup do
register_user
end
test "signup response" do
assert_json_response :login => @login, :ok => true
assert last_response.successful?
end
test "signup and login with srp via api" do
authenticate
assert last_response.successful?
assert_nil server_auth["errors"]
assert server_auth["M2"]
end
test "signup and wrong password login attempt" do
authenticate password: "wrong password"
assert_json_error "base" => "Not a valid username/password combination"
assert !last_response.successful?
assert_nil server_auth["M2"]
end
test "signup and wrong username login attempt" do
assert_raises RECORD_NOT_FOUND do
authenticate login: "wrong login"
end
assert_json_error "base" => "Not a valid username/password combination"
assert !last_response.successful?
assert_nil server_auth
end
test "update password via api" do
authenticate
update_user password: "No! Verify me instead."
authenticate
assert last_response.successful?
assert_nil server_auth["errors"]
assert server_auth["M2"]
end
test "change login with password_verifier" do
authenticate
new_login = 'zaph'
cleanup_user new_login
update_user login: new_login, password: @password
assert last_response.successful?
assert_equal new_login, @user.reload.login
end
test "prevent changing login without changing password_verifier" do
authenticate
original_login = @user.login
new_login = 'zaph'
cleanup_user new_login
update_user login: new_login
assert last_response.successful?
# does not change login if no password_verifier is present
assert_equal original_login, @user.reload.login
end
end
|