casino 4.0.3 → 4.1.0

data/config/locales/fr.yml

@@ -86,3 +86,19 @@ fr:
       x_seconds:
         one: une seconde
         other: ! '%{count} secondes'
+  views:
+    pagination:
+      first: "« Première"
+      last: "Dernière »"
+      previous: "‹ Précédente"
+      next: "Suivante ›"
+      truncate: "…"
+  helpers:
+    page_entries_info:
+      one_page:
+        display_entries:
+          zero: "Aucun(e) %{entry_name} trouvé(e)s"
+          one: "Affichage de <b>1</b> %{entry_name}"
+          other: "Affichage des <b>%{count}</b> %{entry_name}"
+      more_pages:
+        display_entries: "%{entry_name} <b>%{first}</b> à <b>%{last}</b> affiché(e)s sur <b>%{total}</b> au total"

data/config/locales/pt-BR.yml

@@ -86,3 +86,19 @@ pt-BR:
       x_seconds:
         one: um segundo
         other: ! '%{count} segundos'
+  views:
+    pagination:
+      first: "« Primeira"
+      last: "Última »"
+      previous: "‹ Anterior"
+      next: "Próxima ›"
+      truncate: "…"
+  helpers:
+    page_entries_info:
+      one_page:
+        display_entries:
+          zero: "Nenhum %{entry_name} encontrado(a)"
+          one: "Exibindo <b>1</b> %{entry_name}"
+          other: "Exibindo <b>%{count}</b> %{entry_name}"
+      more_pages:
+        display_entries: "Exibindo %{entry_name} <b>%{first}&nbsp;-&nbsp;%{last}</b> de <b>%{total}</b> no total"

data/config/locales/ru.yml

@@ -0,0 +1,110 @@
+ru:
+  login_credential_acceptor:
+    invalid_login_ticket: "Ваш запрос на авторизацию не содержит корректную информацию об авторизации."
+    invalid_login_credentials: "Неверное имя пользователя или пароль."
+  login:
+    label_username: "Имя пользователя"
+    label_password: "Пароль"
+    label_button: "Войти"
+    label_remember_me: "Запомнить меня"
+    notice: ""
+  service_not_allowed:
+    title: "Доступ для данного сервиса запрещен"
+    message: "Авторизация для сервиса \"%{service}\" не настроена. Если Вы считаете, что это — ошибка, пожалуйста, свяжитесь с администратором."
+  validate_otp:
+    title: "Двухфакторная аутентификация"
+    description: "Пожалуйста, введите корректный одноразовый пароль."
+    code: "Код"
+    submit: "Продолжить"
+    invalid_otp: "Введённый одноразовый пароль некорректен."
+  logout:
+    title: "Всего доброго!"
+    logged_out_without_url: "Сеанс работы завершен."
+    logged_out_with_url: "Сеанс работы заверешен. Пожалуйста, пройдите по ссылке:"
+  sessions:
+    title: "Добро пожаловать!"
+    currently_logged_in_as: "Вы авторизованы как <strong>%{username}</strong>."
+    label_logout_button: "Выйти"
+    your_active_sessions: "Ваши активные сеансы"
+    table:
+      column_browser: "Браузер"
+      column_services: "Сервисы"
+      column_activity: "Текущая активность"
+    current_session: "Текущий сеанс"
+    end_session: "Завершить сессию"
+  two_factor_authenticators:
+    title: "Двухфакторная аутентификация"
+    setup: "Настройка двухфакторной аутентификации"
+    description: "Двухфакторная авторизация требует ввода дополнительного одноразового пароля при каждой попытке авторизации. Одноразовый пароль может быть получен с помощью приложения <a href='http://support.google.com/accounts/bin/answer.py?hl=en&answer=1066447'>Google Authenticator</a> на Вашем мобильном устройстве."
+    instructions: "Если Вы используете Google Authenticator, распознайте расположенный ниже QR с помощью приложения на Вашем мобильном устройстве. Введите код подтверждения в текстовое поле ниже."
+    disabled: "Выключено"
+    enable: "Включить"
+    enabled: "Включено"
+    disable: "Выключить"
+    cancel: "Отмена"
+    secret: "Секретно"
+    code: "Код подтверждения"
+    submit: "Подтвердить и включить"
+    invalid_one_time_password: "Введенный одноразовый пароль некорректен."
+    invalid_two_factor_authenticator: "Время для двухфакторной авторизации истекло. Пожалуйста, следуйте инструкциям ниже."
+    successfully_activated: "Двухфакторная авторизация успешно подключена для данной учетной записи."
+    successfully_deleted: "Двухфакторная авторизация отключена для данной учетной записи."
+  datetime:
+    ago: "%{datetime} назад"
+    distance_in_words:
+      about_x_hours:
+        few: около %{count} часов
+        many: около %{count} часов
+        one: около %{count} часа
+        other: около %{count} часа
+      about_x_months:
+        few: около %{count} месяцев
+        many: около %{count} месяцев
+        one: около %{count} месяца
+        other: около %{count} месяца
+      about_x_years:
+        few: около %{count} лет
+        many: около %{count} лет
+        one: около %{count} года
+        other: около %{count} лет
+      almost_x_years:
+        one: почти 1 год
+        few: почти %{count} года
+        many: почти %{count} лет
+        other: почти %{count} лет
+      half_a_minute: меньше минуты
+      less_than_x_minutes:
+        few: меньше %{count} минут
+        many: меньше %{count} минут
+        one: меньше %{count} минуты
+        other: меньше %{count} минуты
+      less_than_x_seconds:
+        few: меньше %{count} секунд
+        many: меньше %{count} секунд
+        one: меньше %{count} секунды
+        other: меньше %{count} секунды
+      over_x_years:
+        few: больше %{count} лет
+        many: больше %{count} лет
+        one: больше %{count} года
+        other: больше %{count} лет
+      x_days:
+        few: "%{count} дня"
+        many: "%{count} дней"
+        one: "%{count} день"
+        other: "%{count} дня"
+      x_minutes:
+        few: "%{count} минуты"
+        many: "%{count} минут"
+        one: "%{count} минуту"
+        other: "%{count} минуты"
+      x_months:
+        few: "%{count} месяца"
+        many: "%{count} месяцев"
+        one: "%{count} месяц"
+        other: "%{count} месяца"
+      x_seconds:
+        few: "%{count} секунды"
+        many: "%{count} секунд"
+        one: "%{count} секунду"
+        other: "%{count} секунды"

data/config/locales/zh-CN.yml

@@ -86,3 +86,19 @@ zh-CN:
       x_seconds:
         one: 一秒
         other: ! '%{count}秒'
+  views:
+    pagination:
+      first: "« 第一页"
+      last: "最后一页 »"
+      previous: "‹ 上一页"
+      next: "下一页 ›"
+      truncate: "…"
+  helpers:
+    page_entries_info:
+      one_page:
+        display_entries:
+          zero: "没有任何 %{entry_name}"
+          one: "显示 <b>1</b> 个 %{entry_name}"
+          other: "显示 <b>全部 %{count}</b> 个 %{entry_name}"
+      more_pages:
+        display_entries: "显示 <b>%{total}</b> 个 %{entry_name} 中的第 <b>%{first}&nbsp;-&nbsp;%{last}</b> 个"

data/config/locales/zh-TW.yml

@@ -86,3 +86,19 @@ zh-TW:
       x_seconds:
         one: 一秒
         other: ! '%{count}秒'
+  views:
+    pagination:
+      first: "« 第一頁"
+      last: "最後一頁 »"
+      previous: "‹ 上一頁"
+      next: "下一頁 ›"
+      truncate: "…"
+  helpers:
+    page_entries_info:
+      one_page:
+        display_entries:
+          zero: "沒有任何 %{entry_name}"
+          one: "顯示 <b>1</b> 筆 %{entry_name}"
+          other: "顯示 <b>全部 %{count}</b> 筆 %{entry_name}"
+      more_pages:
+        display_entries: "顯示 <b>%{total}</b> 筆 %{entry_name} 中的第 <b>%{first}&nbsp;-&nbsp;%{last}</b> 筆"

data/config/routes.rb

@@ -9,6 +9,8 @@ CASino::Engine.routes.draw do
   get 'logout' => 'sessions#logout'
   post 'validate_otp' => 'sessions#validate_otp'
 
+  resources :login_attempts, only: [:index]
+
   get 'destroy-other-sessions' => 'sessions#destroy_others'
 
   get 'validate' => 'service_tickets#validate'

data/db/migrate/20160502074450_create_login_attempts.rb

@@ -0,0 +1,14 @@
+class CreateLoginAttempts < ActiveRecord::Migration
+  def change
+    create_table :casino_login_attempts do |t|
+      t.integer :user_id, null: true
+      t.string :username, null: false
+      t.boolean :successful, default: false
+
+      t.string  :user_ip
+      t.text  :user_agent
+
+      t.timestamps
+    end
+  end
+end

data/lib/casino/engine.rb

@@ -1,5 +1,6 @@
 require 'casino'
 require 'casino/inflections'
+require 'yaml'
 
 module CASino
   class Engine < Rails::Engine

data/lib/casino/version.rb

@@ -1,3 +1,3 @@
 module CASino
-  VERSION = '4.0.3'
+  VERSION = '4.1.0'
 end

data/spec/controllers/login_attempts_controller_spec.rb

@@ -0,0 +1,35 @@
+require 'spec_helper'
+
+describe CASino::LoginAttemptsController do
+  routes { CASino::Engine.routes }
+
+  describe 'GET #index' do
+    context 'with ticket granting ticket' do
+      let(:ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket }
+      let(:login_attempt) { FactoryGirl.create :login_attempt, user: ticket_granting_ticket.user }
+      let(:old_login_attempt) do
+        FactoryGirl.create :login_attempt, user: ticket_granting_ticket.user, created_at: 10.weeks.ago
+      end
+
+      before do
+        sign_in(ticket_granting_ticket)
+        login_attempt.touch
+        FactoryGirl.create :login_attempt
+      end
+
+      it 'assigns current users login attempts @login_attempts' do
+        get :index
+
+        expect(assigns(:login_attempts)).to eq([login_attempt, old_login_attempt])
+      end
+    end
+
+    context 'without a ticket-granting ticket' do
+      it 'redirects to the login page' do
+        get :index
+
+        response.should redirect_to(login_path)
+      end
+    end
+  end
+end

data/spec/controllers/sessions_controller_spec.rb

@@ -2,8 +2,10 @@ require 'spec_helper'
 
 describe CASino::SessionsController do
   include CASino::Engine.routes.url_helpers
+
+  routes { CASino::Engine.routes }
+
   let(:params) { { } }
-  let(:request_options) { params.merge(use_route: :casino) }
   let(:user_agent) { 'YOLOBrowser 420.00'}
 
   before(:each) do
@@ -20,14 +22,14 @@ describe CASino::SessionsController do
       let(:params) { { service: service } }
 
       it 'renders the service_not_allowed template' do
-        get :new, request_options
+        get :new, params
         response.should render_template(:service_not_allowed)
       end
     end
 
     context 'when logged out' do
       it 'renders the new template' do
-        get :new, request_options
+        get :new, params
         response.should render_template(:new)
       end
 
@@ -37,7 +39,7 @@ describe CASino::SessionsController do
           let(:params) { { service: service, gateway: 'true' } }
 
           it 'redirects to the service' do
-            get :new, request_options
+            get :new, params
             response.should redirect_to(service)
           end
         end
@@ -46,7 +48,7 @@ describe CASino::SessionsController do
           let(:params) { { gateway: 'true' } }
 
           it 'renders the new template' do
-            get :new, request_options
+            get :new, params
             response.should render_template(:new)
           end
         end
@@ -64,7 +66,7 @@ describe CASino::SessionsController do
         let(:ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket, :awaiting_two_factor_authentication }
 
         it 'renders the new template' do
-          get :new, request_options
+          get :new, params
           response.should render_template(:new)
         end
       end
@@ -76,7 +78,7 @@ describe CASino::SessionsController do
         end
 
         it 'renders the new template' do
-          get :new, request_options
+          get :new, params
           response.should render_template(:new)
         end
       end
@@ -86,24 +88,24 @@ describe CASino::SessionsController do
         let(:params) { { service: service } }
 
         it 'redirects to the service' do
-          get :new, request_options
+          get :new, params
           response.location.should =~ /^#{Regexp.escape service}\?ticket=ST-/
         end
 
         it 'generates a service ticket' do
           lambda do
-            get :new, request_options
+            get :new, params
           end.should change(CASino::ServiceTicket, :count).by(1)
         end
 
         it 'does not set the issued_from_credentials flag on the service ticket' do
-          get :new, request_options
+          get :new, params
           CASino::ServiceTicket.last.should_not be_issued_from_credentials
         end
 
         context 'with renew parameter' do
           it 'renders the new template' do
-            get :new, request_options.merge(renew: 'true')
+            get :new, params.merge(renew: 'true')
             response.should render_template(:new)
           end
         end
@@ -114,7 +116,7 @@ describe CASino::SessionsController do
         let(:params) { { service: service } }
 
         it 'does not remove the attributes' do
-          get :new, request_options
+          get :new, params
           response.location.should =~ /^#{Regexp.escape service}&ticket=ST-/
         end
       end
@@ -124,20 +126,20 @@ describe CASino::SessionsController do
         let(:params) { { service: service } }
 
         it 'redirects to the session overview' do
-          get :new, request_options
+          get :new, params
           response.should redirect_to(sessions_path)
         end
       end
 
       context 'without a service' do
         it 'redirects to the session overview' do
-          get :new, request_options
+          get :new, params
           response.should redirect_to(sessions_path)
         end
 
         it 'does not generate a service ticket' do
           lambda do
-            get :new, request_options
+            get :new, params
           end.should change(CASino::ServiceTicket, :count).by(0)
         end
 
@@ -149,7 +151,7 @@ describe CASino::SessionsController do
           end
 
           it 'renders the new template' do
-            get :new, request_options
+            get :new, params
             response.should render_template(:new)
           end
         end
@@ -167,7 +169,7 @@ describe CASino::SessionsController do
   describe 'POST "create"' do
     context 'without a valid login ticket' do
       it 'renders the new template' do
-        post :create, request_options
+        post :create, params
         response.should render_template(:new)
       end
     end
@@ -177,20 +179,35 @@ describe CASino::SessionsController do
       let(:params) { { lt: expired_login_ticket.ticket }}
 
       it 'renders the new template' do
-        post :create, request_options
+        post :create, params
         response.should render_template(:new)
       end
     end
 
     context 'with a valid login ticket' do
       let(:login_ticket) { FactoryGirl.create :login_ticket }
-      let(:params) { { lt: login_ticket.ticket }}
+      let(:username) { 'testuser' }
+      let(:params) { { lt: login_ticket.ticket, username: username, password: 'wrrooonnng' }}
+      let!(:user) { FactoryGirl.create :user, username: username }
 
       context 'with invalid credentials' do
         it 'renders the new template' do
-          post :create, request_options
+          post :create, params
           response.should render_template(:new)
         end
+
+        it 'creates session log' do
+          expect do
+            post :create, params
+          end.to change { CASino::LoginAttempt.count }.by 1
+        end
+
+        it 'assigns session log the correct attributes' do
+          post :create, params
+
+          expect(CASino::LoginAttempt.last.user).to eq user
+          expect(CASino::LoginAttempt.last.successful).to eq false
+        end
       end
 
       context 'with valid credentials' do
@@ -200,16 +217,29 @@ describe CASino::SessionsController do
         let(:params) { { lt: login_ticket.ticket, username: username, password: 'foobar123', service: service } }
 
         it 'creates a cookie' do
-          post :create, request_options
+          post :create, params
           response.cookies['tgt'].should_not be_nil
         end
 
         it 'saves user_ip' do
-          post :create, request_options
+          post :create, params
           tgt = CASino::TicketGrantingTicket.last
           tgt.user_ip.should == '0.0.0.0'
         end
 
+        it 'creates session log' do
+          expect do
+            post :create, params
+          end.to change { CASino::LoginAttempt.count }.by 1
+        end
+
+        it 'assigns session log the correct attributes' do
+          post :create, params
+
+          expect(CASino::LoginAttempt.last.user.username).to eq username
+          expect(CASino::LoginAttempt.last.successful).to eq true
+        end
+
         context 'with rememberMe set' do
           let(:cookie_jar) { HashWithIndifferentAccess.new }
 
@@ -219,12 +249,12 @@ describe CASino::SessionsController do
           end
 
           it 'creates a cookie with an expiration date set' do
-            post :create, request_options
+            post :create, params
             cookie_jar['tgt']['expires'].should be_kind_of(Time)
           end
 
           it 'creates a long-term ticket-granting ticket' do
-            post :create, request_options
+            post :create, params
             tgt = CASino::TicketGrantingTicket.last
             tgt.long_term.should == true
           end
@@ -235,7 +265,7 @@ describe CASino::SessionsController do
           let!(:two_factor_authenticator) { FactoryGirl.create :two_factor_authenticator, user: user }
 
           it 'renders the validate_otp template' do
-            post :create, request_options
+            post :create, params
             response.should render_template(:validate_otp)
           end
         end
@@ -247,7 +277,7 @@ describe CASino::SessionsController do
           let(:service) { 'http://www.example.org/' }
 
           it 'renders the service_not_allowed template' do
-            post :create, request_options
+            post :create, params
             response.should render_template(:service_not_allowed)
           end
         end
@@ -260,7 +290,7 @@ describe CASino::SessionsController do
           end
 
           it 'renders the new template' do
-            post :create, request_options
+            post :create, params
             response.should render_template(:new)
           end
         end
@@ -269,25 +299,25 @@ describe CASino::SessionsController do
           let(:service) { nil }
 
           it 'redirects to the session overview' do
-            post :create, request_options
+            post :create, params
             response.should redirect_to(sessions_path)
           end
 
           it 'generates a ticket-granting ticket' do
             lambda do
-              post :create, request_options
+              post :create, params
             end.should change(CASino::TicketGrantingTicket, :count).by(1)
           end
 
           context 'when the user does not exist yet' do
             it 'generates exactly one user' do
               lambda do
-                post :create, request_options
+                post :create, params
               end.should change(CASino::User, :count).by(1)
             end
 
             it 'sets the users attributes' do
-              post :create, request_options
+              post :create, params
               user = CASino::User.last
               user.username.should == username
               user.authenticator.should == authenticator
@@ -299,13 +329,13 @@ describe CASino::SessionsController do
 
             it 'does not regenerate the user' do
               lambda do
-                post :create, request_options
+                post :create, params
               end.should_not change(CASino::User, :count)
             end
 
             it 'updates the extra attributes' do
               lambda do
-                post :create, request_options
+                post :create, params
                 user.reload
               end.should change(user, :extra_attributes)
             end
@@ -316,24 +346,24 @@ describe CASino::SessionsController do
           let(:service) { 'https://www.example.com' }
 
           it 'redirects to the service' do
-            post :create, request_options
+            post :create, params
             response.location.should =~ /^#{Regexp.escape service}\/\?ticket=ST-/
           end
 
           it 'generates a service ticket' do
             lambda do
-              post :create, request_options
+              post :create, params
             end.should change(CASino::ServiceTicket, :count).by(1)
           end
 
           it 'does set the issued_from_credentials flag on the service ticket' do
-            post :create, request_options
+            post :create, params
             CASino::ServiceTicket.last.should be_issued_from_credentials
           end
 
           it 'generates a ticket-granting ticket' do
             lambda do
-              post :create, request_options
+              post :create, params
             end.should change(CASino::TicketGrantingTicket, :count).by(1)
           end
         end
@@ -360,12 +390,12 @@ describe CASino::SessionsController do
           end
 
           it 'redirects to the service' do
-            post :validate_otp, request_options
+            post :validate_otp, params
             response.location.should =~ /^#{Regexp.escape service}\?ticket=ST-/
           end
 
           it 'does activate the ticket-granting ticket' do
-            post :validate_otp, request_options
+            post :validate_otp, params
             ticket_granting_ticket.reload.should_not be_awaiting_two_factor_authentication
           end
 
@@ -378,7 +408,7 @@ describe CASino::SessionsController do
             end
 
             it 'creates a cookie with an expiration date set' do
-              post :validate_otp, request_options
+              post :validate_otp, params
               cookie_jar['tgt']['expires'].should be_kind_of(Time)
             end
           end
@@ -390,7 +420,7 @@ describe CASino::SessionsController do
             let(:service) { 'http://www.example.org/' }
 
             it 'renders the service_not_allowed template' do
-              post :validate_otp, request_options
+              post :validate_otp, params
               response.should render_template(:service_not_allowed)
             end
           end
@@ -402,12 +432,12 @@ describe CASino::SessionsController do
           end
 
           it 'renders the validate_otp template' do
-            post :validate_otp, request_options
+            post :validate_otp, params
             response.should render_template(:validate_otp)
           end
 
           it 'does not activate the ticket-granting ticket' do
-            post :validate_otp, request_options
+            post :validate_otp, params
             ticket_granting_ticket.reload.should be_awaiting_two_factor_authentication
           end
         end
@@ -416,7 +446,7 @@ describe CASino::SessionsController do
 
     context 'without a ticket-granting ticket' do
       it 'redirects to the login page' do
-        post :validate_otp, request_options
+        post :validate_otp, params
         response.should redirect_to(login_path)
       end
     end
@@ -434,12 +464,12 @@ describe CASino::SessionsController do
       end
 
       it 'deletes the ticket-granting ticket' do
-        get :logout, request_options
+        get :logout, params
         CASino::TicketGrantingTicket.where(id: ticket_granting_ticket.id).first.should == nil
       end
 
       it 'renders the logout template' do
-        get :logout, request_options
+        get :logout, params
         response.should render_template(:logout)
       end
 
@@ -447,7 +477,7 @@ describe CASino::SessionsController do
         let(:url) { 'http://www.example.com' }
 
         it 'assigns the URL' do
-          get :logout, request_options
+          get :logout, params
           assigns(:url).should == url
         end
       end
@@ -458,7 +488,7 @@ describe CASino::SessionsController do
 
         context 'when whitelisted' do
           it 'redirects to the service' do
-            get :logout, request_options
+            get :logout, params
             response.should redirect_to(url)
           end
         end
@@ -469,12 +499,12 @@ describe CASino::SessionsController do
           end
 
           it 'renders the logout template' do
-            get :logout, request_options
+            get :logout, params
             response.should render_template(:logout)
           end
 
           it 'does not assign the URL' do
-            get :logout, request_options
+            get :logout, params
             assigns(:url).should be_nil
           end
         end
@@ -483,7 +513,7 @@ describe CASino::SessionsController do
 
     context 'without a ticket-granting ticket' do
       it 'renders the logout template' do
-        get :logout, request_options
+        get :logout, params
         response.should render_template(:logout)
       end
     end
@@ -501,7 +531,7 @@ describe CASino::SessionsController do
 
         context 'without a two-factor authenticator registered' do
           it 'does not assign any two-factor authenticators' do
-            get :index, request_options
+            get :index, params
             assigns(:two_factor_authenticators).should == []
           end
         end
@@ -510,7 +540,7 @@ describe CASino::SessionsController do
           let!(:two_factor_authenticator) { FactoryGirl.create :two_factor_authenticator, :inactive, user: user }
 
           it 'does not assign any two-factor authenticators' do
-            get :index, request_options
+            get :index, params
             assigns(:two_factor_authenticators).should == []
           end
         end
@@ -520,7 +550,7 @@ describe CASino::SessionsController do
           let!(:other_two_factor_authenticator) { FactoryGirl.create :two_factor_authenticator }
 
           it 'does assign the two-factor authenticator' do
-            get :index, request_options
+            get :index, params
             assigns(:two_factor_authenticators).should == [two_factor_authenticator]
           end
         end
@@ -534,7 +564,7 @@ describe CASino::SessionsController do
           let(:ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket, user: user }
 
           it 'assigns both ticket granting tickets' do
-            get :index, request_options
+            get :index, params
             assigns(:ticket_granting_tickets).should == [ticket_granting_ticket, other_ticket_granting_ticket]
           end
         end
@@ -544,16 +574,39 @@ describe CASino::SessionsController do
           let(:tgt) { ticket_granting_ticket.ticket }
 
           it 'does not assign the other ticket granting ticket' do
-            get :index, request_options
+            get :index, params
             assigns(:ticket_granting_tickets).should == [ticket_granting_ticket]
           end
         end
       end
+
+      describe 'last login attempts' do
+        let(:ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket }
+
+        let(:login_attempts) do
+          6.times.map do |counter|
+            FactoryGirl.create :login_attempt, user: ticket_granting_ticket.user,
+                                               created_at: counter.minutes.ago
+          end
+        end
+
+        before do
+          sign_in(ticket_granting_ticket)
+
+          login_attempts
+        end
+
+        it 'assigns last five login attempts' do
+          get :index, params
+
+          expect(assigns(:login_attempts)).to eq login_attempts.sort_by(&:created_at).from(1).to(6).reverse
+        end
+      end
     end
 
     context 'without a ticket-granting ticket' do
       it 'redirects to the login page' do
-        get :index, request_options
+        get :index, params
         response.should redirect_to(login_path)
       end
     end
@@ -575,17 +628,17 @@ describe CASino::SessionsController do
 
       it 'deletes exactly one ticket-granting ticket' do
         lambda do
-          delete :destroy, request_options
+          delete :destroy, params
         end.should change(CASino::TicketGrantingTicket, :count).by(-1)
       end
 
       it 'deletes the ticket-granting ticket' do
-        delete :destroy, request_options
+        delete :destroy, params
         CASino::TicketGrantingTicket.where(id: params[:id]).length.should == 0
       end
 
       it 'redirects to the session overview' do
-        delete :destroy, request_options
+        delete :destroy, params
         response.should redirect_to(sessions_path)
       end
     end
@@ -594,12 +647,12 @@ describe CASino::SessionsController do
       let(:params) { { id: 99999 } }
       it 'does not delete a ticket-granting ticket' do
         lambda do
-          delete :destroy, request_options
+          delete :destroy, params
         end.should_not change(CASino::TicketGrantingTicket, :count)
       end
 
       it 'redirects to the session overview' do
-        delete :destroy, request_options
+        delete :destroy, params
         response.should redirect_to(sessions_path)
       end
     end
@@ -610,12 +663,12 @@ describe CASino::SessionsController do
 
       it 'does not delete a ticket-granting ticket' do
         lambda do
-          delete :destroy, request_options
+          delete :destroy, params
         end.should_not change(CASino::TicketGrantingTicket, :count)
       end
 
       it 'redirects to the session overview' do
-        delete :destroy, request_options
+        delete :destroy, params
         response.should redirect_to(sessions_path)
       end
     end
@@ -637,12 +690,12 @@ describe CASino::SessionsController do
 
       it 'deletes all other ticket-granting tickets' do
         lambda do
-          get :destroy_others, request_options
+          get :destroy_others, params
         end.should change(CASino::TicketGrantingTicket, :count).by(-3)
       end
 
       it 'redirects to the session overview' do
-        get :destroy_others, request_options
+        get :destroy_others, params
         response.should redirect_to(sessions_path)
       end
 
@@ -650,7 +703,7 @@ describe CASino::SessionsController do
         let(:url) { 'http://www.example.com' }
 
         it 'redirects to the service' do
-          get :destroy_others, request_options
+          get :destroy_others, params
           response.should redirect_to(url)
         end
       end
@@ -661,7 +714,7 @@ describe CASino::SessionsController do
         let(:url) { 'http://www.example.com' }
 
         it 'redirects to the service' do
-          get :destroy_others, request_options
+          get :destroy_others, params
           response.should redirect_to(url)
         end
       end