devise_token_auth 0.1.42 → 0.1.43.beta1

data/test/controllers/devise_token_auth/sessions_controller_test.rb

@@ -8,7 +8,7 @@ require 'test_helper'
 
 class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
   describe DeviseTokenAuth::SessionsController do
-    describe "Confirmed user" do
+    describe 'Confirmed user' do
       before do
         @existing_user = users(:confirmed_email_user)
         @existing_user.skip_confirmation!
@@ -23,10 +23,11 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
           @old_sign_in_ip         = @existing_user.current_sign_in_ip
           @old_last_sign_in_ip    = @existing_user.last_sign_in_ip
 
-          xhr :post, :create, {
-            email: @existing_user.email,
-            password: 'secret123'
-          }
+          post :create,
+               params: {
+                 email: @existing_user.email,
+                 password: 'secret123'
+               }
 
           @resource = assigns(:resource)
           @data = JSON.parse(response.body)
@@ -38,11 +39,11 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
           @new_last_sign_in_ip    = @resource.last_sign_in_ip
         end
 
-        test "request should succeed" do
+        test 'request should succeed' do
           assert_equal 200, response.status
         end
 
-        test "request should return user data" do
+        test 'request should return user data' do
           assert_equal @existing_user.email, @data['data']['email']
         end
 
@@ -63,31 +64,30 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
 
           test 'sign_in_ip is updated' do
             refute @old_sign_in_ip
-            assert_equal "0.0.0.0", @new_sign_in_ip
+            assert_equal '0.0.0.0', @new_sign_in_ip
           end
 
           test 'last_sign_in_ip is updated' do
             refute @old_last_sign_in_ip
-            assert_equal "0.0.0.0", @new_last_sign_in_ip
+            assert_equal '0.0.0.0', @new_last_sign_in_ip
           end
         end
       end
 
       describe 'get sign_in is not supported' do
         before do
-          xhr :get, :new, {
-            nickname: @existing_user.nickname,
-            password: 'secret123'
-          }
+          get :new,
+              params: { nickname: @existing_user.nickname,
+                        password: 'secret123' }
           @data = JSON.parse(response.body)
         end
 
         test 'user is notified that they should use post sign_in to authenticate' do
           assert_equal 405, response.status
         end
-        test "response should contain errors" do
+        test 'response should contain errors' do
           assert @data['errors']
-          assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.not_supported")]
+          assert_equal @data['errors'], [I18n.t('devise_token_auth.sessions.not_supported')]
         end
       end
 
@@ -95,9 +95,10 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         before do
           request.headers.merge!(
             'email' => @existing_user.email,
-            'password' => 'secret123')
+            'password' => 'secret123'
+          )
 
-          xhr :head, :create
+          head :create
           @data = JSON.parse(response.body)
         end
 
@@ -108,10 +109,9 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
 
       describe 'alt auth keys' do
         before do
-          xhr :post, :create, {
-            nickname: @existing_user.nickname,
-            password: 'secret123'
-          }
+          post :create,
+               params: { nickname: @existing_user.nickname,
+                         password: 'secret123' }
           @data = JSON.parse(response.body)
         end
 
@@ -123,23 +123,28 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
 
       describe 'authed user sign out' do
         before do
-          def @controller.reset_session_called; @reset_session_called == true; end
-          def @controller.reset_session; @reset_session_called = true; end
+          def @controller.reset_session_called
+            @reset_session_called == true
+          end
+
+          def @controller.reset_session
+            @reset_session_called = true
+          end
           @auth_headers = @existing_user.create_new_auth_token
           request.headers.merge!(@auth_headers)
-          xhr :delete, :destroy, format: :json
+          delete :destroy, format: :json
         end
 
-        test "user is successfully logged out" do
+        test 'user is successfully logged out' do
           assert_equal 200, response.status
         end
 
-        test "token was destroyed" do
+        test 'token was destroyed' do
           @existing_user.reload
-          refute @existing_user.tokens[@auth_headers["client"]]
+          refute @existing_user.tokens[@auth_headers['client']]
         end
 
-        test "session was destroyed" do
+        test 'session was destroyed' do
           assert_equal true, @controller.reset_session_called
         end
       end
@@ -147,38 +152,39 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
       describe 'unauthed user sign out' do
         before do
           @auth_headers = @existing_user.create_new_auth_token
-          xhr :delete, :destroy, format: :json
+          delete :destroy, format: :json
           @data = JSON.parse(response.body)
         end
 
-        test "unauthed request returns 404" do
+        test 'unauthed request returns 404' do
           assert_equal 404, response.status
         end
 
-        test "response should contain errors" do
+        test 'response should contain errors' do
           assert @data['errors']
-          assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.user_not_found")]
+          assert_equal @data['errors'],
+                       [I18n.t('devise_token_auth.sessions.user_not_found')]
         end
       end
 
       describe 'failure' do
         before do
-          xhr :post, :create, {
-            email: @existing_user.email,
-            password: 'bogus'
-          }
+          post :create,
+               params: { email: @existing_user.email,
+                         password: 'bogus' }
 
           @resource = assigns(:resource)
           @data = JSON.parse(response.body)
         end
 
-        test "request should fail" do
+        test 'request should fail' do
           assert_equal 401, response.status
         end
 
-        test "response should contain errors" do
+        test 'response should contain errors' do
           assert @data['errors']
-          assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.bad_credentials")]
+          assert_equal @data['errors'],
+                       [I18n.t('devise_token_auth.sessions.bad_credentials')]
         end
       end
 
@@ -190,31 +196,29 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
           # which initializes client_id
           @controller.current_user
 
-          xhr :post, :create, {
-            email: @existing_user.email,
-            password: 'bogus'
-          }
+          post :create,
+               params: { email: @existing_user.email,
+                         password: 'bogus' }
 
           @resource = assigns(:resource)
           @data = JSON.parse(response.body)
         end
 
-        test "request should fail" do
+        test 'request should fail' do
           assert_equal 401, response.status
         end
 
-        test "response should contain errors" do
+        test 'response should contain errors' do
           assert @data['errors']
-          assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.bad_credentials")]
+          assert_equal @data['errors'], [I18n.t('devise_token_auth.sessions.bad_credentials')]
         end
 
         after do
-            DeviseTokenAuth.change_headers_on_each_request = true
+          DeviseTokenAuth.change_headers_on_each_request = true
         end
       end
 
       describe 'case-insensitive email' do
-
         before do
           @resource_class = User
           @request_params = {
@@ -223,51 +227,49 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
           }
         end
 
-        test "request should succeed if configured" do
+        test 'request should succeed if configured' do
           @resource_class.case_insensitive_keys = [:email]
-          xhr :post, :create, @request_params
+          post :create, params: @request_params
           assert_equal 200, response.status
         end
 
-        test "request should fail if not configured" do
+        test 'request should fail if not configured' do
           @resource_class.case_insensitive_keys = []
-          xhr :post, :create, @request_params
+          post :create, params: @request_params
           assert_equal 401, response.status
         end
-
       end
     end
 
-    describe "Unconfirmed user" do
+    describe 'Unconfirmed user' do
       before do
         @unconfirmed_user = users(:unconfirmed_email_user)
-        xhr :post, :create, {
-          email: @unconfirmed_user.email,
-          password: 'secret123'
-        }
+        post :create, params: { email: @unconfirmed_user.email,
+                                password: 'secret123' }
         @resource = assigns(:resource)
         @data = JSON.parse(response.body)
       end
 
-      test "request should fail" do
+      test 'request should fail' do
         assert_equal 401, response.status
       end
 
-      test "response should contain errors" do
+      test 'response should contain errors' do
         assert @data['errors']
-        assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.not_confirmed", email: @unconfirmed_user.email)]
+        assert_equal @data['errors'],
+                     [I18n.t('devise_token_auth.sessions.not_confirmed',
+                             email: @unconfirmed_user.email)]
       end
     end
 
-    describe "Unconfirmed user with allowed unconfirmed access" do
+    describe 'Unconfirmed user with allowed unconfirmed access' do
       before do
         @original_duration = Devise.allow_unconfirmed_access_for
         Devise.allow_unconfirmed_access_for = 3.days
         @recent_unconfirmed_user = users(:recent_unconfirmed_email_user)
-        xhr :post, :create, {
-          email: @recent_unconfirmed_user.email,
-          password: 'secret123'
-        }
+        post :create,
+             params: { email: @recent_unconfirmed_user.email,
+                       password: 'secret123' }
         @resource = assigns(:resource)
         @data = JSON.parse(response.body)
       end
@@ -276,24 +278,23 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         Devise.allow_unconfirmed_access_for = @original_duration
       end
 
-      test "request should succeed" do
+      test 'request should succeed' do
         assert_equal 200, response.status
       end
 
-      test "request should return user data" do
+      test 'request should return user data' do
         assert_equal @recent_unconfirmed_user.email, @data['data']['email']
       end
     end
 
-    describe "Unconfirmed user with expired unconfirmed access" do
+    describe 'Unconfirmed user with expired unconfirmed access' do
       before do
         @original_duration = Devise.allow_unconfirmed_access_for
         Devise.allow_unconfirmed_access_for = 3.days
         @unconfirmed_user = users(:unconfirmed_email_user)
-        xhr :post, :create, {
-          email: @unconfirmed_user.email,
-          password: 'secret123'
-        }
+        post :create,
+             params: { email: @unconfirmed_user.email,
+                       password: 'secret123' }
         @resource = assigns(:resource)
         @data = JSON.parse(response.body)
       end
@@ -302,35 +303,34 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         Devise.allow_unconfirmed_access_for = @original_duration
       end
 
-      test "request should fail" do
+      test 'request should fail' do
         assert_equal 401, response.status
       end
 
-      test "response should contain errors" do
+      test 'response should contain errors' do
         assert @data['errors']
       end
     end
 
-    describe "Non-existing user" do
+    describe 'Non-existing user' do
       before do
-        xhr :post, :create, {
-          email: -> { Faker::Internet.email },
-          password: -> { Faker::Number.number(10) }
-        }
+        post :create,
+             params: { email: -> { Faker::Internet.email },
+                       password: -> { Faker::Number.number(10) } }
         @resource = assigns(:resource)
         @data = JSON.parse(response.body)
       end
 
-      test "request should fail" do
+      test 'request should fail' do
         assert_equal 401, response.status
       end
 
-      test "response should contain errors" do
+      test 'response should contain errors' do
         assert @data['errors']
       end
     end
 
-    describe "Alternate user class" do
+    describe 'Alternate user class' do
       setup do
         @request.env['devise.mapping'] = Devise.mappings[:mang]
       end
@@ -344,20 +344,19 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         @existing_user.skip_confirmation!
         @existing_user.save!
 
-        xhr :post, :create, {
-          email: @existing_user.email,
-          password: 'secret123'
-        }
+        post :create,
+             params: { email: @existing_user.email,
+                       password: 'secret123' }
 
         @resource = assigns(:resource)
         @data = JSON.parse(response.body)
       end
 
-      test "request should succeed" do
+      test 'request should succeed' do
         assert_equal 200, response.status
       end
 
-      test "request should return user data" do
+      test 'request should return user data' do
         assert_equal @existing_user.email, @data['data']['email']
       end
     end
@@ -375,10 +374,9 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         @existing_user = only_email_users(:user)
         @existing_user.save!
 
-        xhr :post, :create, {
-          email: @existing_user.email,
-          password: 'secret123'
-        }
+        post :create,
+             params: { email: @existing_user.email,
+                       password: 'secret123' }
 
         @resource = assigns(:resource)
         @data = JSON.parse(response.body)
@@ -390,7 +388,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
       end
     end
 
-    describe "Lockable User" do
+    describe 'Lockable User' do
       setup do
         @request.env['devise.mapping'] = Devise.mappings[:lockable_user]
       end
@@ -414,65 +412,62 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         Devise.unlock_strategy = @original_unlock_strategy
       end
 
-      describe "locked user" do
+      describe 'locked user' do
         before do
           @locked_user = lockable_users(:locked_user)
-          xhr :post, :create, {
-            email: @locked_user.email,
-            password: 'secret123'
-          }
+          post :create,
+               params: { email: @locked_user.email,
+                         password: 'secret123' }
           @data = JSON.parse(response.body)
         end
 
-        test "request should fail" do
+        test 'request should fail' do
           assert_equal 401, response.status
         end
 
-        test "response should contain errors" do
+        test 'response should contain errors' do
           assert @data['errors']
-          assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.not_confirmed", email: @locked_user.email)]
+          assert_equal @data['errors'], [I18n.t('devise_token_auth.sessions.not_confirmed', email: @locked_user.email)]
         end
       end
 
-      describe "unlocked user with bad password" do
+      describe 'unlocked user with bad password' do
         before do
           @unlocked_user = lockable_users(:unlocked_user)
-          xhr :post, :create, {
-            email: @unlocked_user.email,
-            password: 'bad-password'
-          }
+          post :create,
+               params: { email: @unlocked_user.email,
+                         password: 'bad-password' }
           @data = JSON.parse(response.body)
         end
 
-        test "request should fail" do
+        test 'request should fail' do
           assert_equal 401, response.status
         end
 
-        test "should increase failed_attempts" do
+        test 'should increase failed_attempts' do
           assert_equal 1, @unlocked_user.reload.failed_attempts
         end
 
-        test "response should contain errors" do
+        test 'response should contain errors' do
           assert @data['errors']
-          assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.bad_credentials")]
+          assert_equal @data['errors'], [I18n.t('devise_token_auth.sessions.bad_credentials')]
         end
 
         describe 'after maximum_attempts should block the user' do
           before do
             4.times do
-              xhr :post, :create, {
-                email: @unlocked_user.email,
-                password: 'bad-password'
-              }
+              post :create,
+                   params: { email: @unlocked_user.email,
+                             password: 'bad-password' }
             end
             @data = JSON.parse(response.body)
           end
 
-          test "should increase failed_attempts" do
+          test 'should increase failed_attempts' do
             assert_equal 5, @unlocked_user.reload.failed_attempts
           end
 
-          test "should block the user" do
+          test 'should block the user' do
             assert_equal true, @unlocked_user.reload.access_locked?
           end
         end